mirror of
https://github.com/opencontainers/runc.git
synced 2026-07-11 06:03:57 +08:00
build(deps): bump github.com/cyphar/filepath-securejoin
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.3.5 to 0.3.6. - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md) - [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.3.5...v0.3.6) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
+24
-1
@@ -6,7 +6,29 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
|
||||
|
||||
## [Unreleased] ##
|
||||
|
||||
## [0.3.6] - 2024-12-17 ##
|
||||
|
||||
### Compatibility ###
|
||||
- The minimum Go version requirement for `filepath-securejoin` is now Go 1.18
|
||||
(we use generics internally).
|
||||
|
||||
For reference, `filepath-securejoin@v0.3.0` somewhat-arbitrarily bumped the
|
||||
Go version requirement to 1.21.
|
||||
|
||||
While we did make some use of Go 1.21 stdlib features (and in principle Go
|
||||
versions <= 1.21 are no longer even supported by upstream anymore), some
|
||||
downstreams have complained that the version bump has meant that they have to
|
||||
do workarounds when backporting fixes that use the new `filepath-securejoin`
|
||||
API onto old branches. This is not an ideal situation, but since using this
|
||||
library is probably better for most downstreams than a hand-rolled
|
||||
workaround, we now have compatibility shims that allow us to build on older
|
||||
Go versions.
|
||||
- Lower minimum version requirement for `golang.org/x/sys` to `v0.18.0` (we
|
||||
need the wrappers for `fsconfig(2)`), which should also make backporting
|
||||
patches to older branches easier.
|
||||
|
||||
## [0.3.5] - 2024-12-06 ##
|
||||
|
||||
### Fixed ###
|
||||
- `MkdirAll` will now no longer return an `EEXIST` error if two racing
|
||||
processes are creating the same directory. We will still verify that the path
|
||||
@@ -171,7 +193,8 @@ This is our first release of `github.com/cyphar/filepath-securejoin`,
|
||||
containing a full implementation with a coverage of 93.5% (the only missing
|
||||
cases are the error cases, which are hard to mocktest at the moment).
|
||||
|
||||
[Unreleased]: https://github.com/cyphar/filepath-securejoin/compare/v0.3.5...HEAD
|
||||
[Unreleased]: https://github.com/cyphar/filepath-securejoin/compare/v0.3.6...HEAD
|
||||
[0.3.6]: https://github.com/cyphar/filepath-securejoin/compare/v0.3.5...v0.3.6
|
||||
[0.3.5]: https://github.com/cyphar/filepath-securejoin/compare/v0.3.4...v0.3.5
|
||||
[0.3.4]: https://github.com/cyphar/filepath-securejoin/compare/v0.3.3...v0.3.4
|
||||
[0.3.3]: https://github.com/cyphar/filepath-securejoin/compare/v0.3.2...v0.3.3
|
||||
|
||||
Reference in New Issue
Block a user