6 Commits

Author SHA1 Message Date
Aleksa Sarai 44a0fcf685 go.mod: update to github.com/cyphar/filepath-securejoin@v0.5.0
In order to avoid lint errors due to the deprecation of the top-level
securejoin methods ported from libpathrs, we need to adjust
internal/pathrs to use the new pathrs-lite subpackage instead.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2025-11-01 21:24:03 +11:00
Aleksa Sarai 1623cde125 go: update github.com/cyphar/filepath-securejoin to v0.3.4
This includes a fix to avoid doing import "testing" in non-_test.go
code.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2024-10-09 15:13:28 +11:00
Aleksa Sarai 1d308c7da4 vendor: update to github.com/cyphar/filepath-securejoin@v0.3.1
This includes the MkdirAll and OpenInRoot implementations which are
actually secure against races.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2024-09-03 23:05:59 +10:00
dependabot[bot] c7ad2749fd build(deps): bump github.com/cyphar/filepath-securejoin
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.3...v0.2.4)

---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-07 04:30:28 +00:00
Aleksa Sarai 9f2a1f4df1 deps: update to github.com/cyphar/filepath-securejoin@v0.2.3
The main change is the switch to Go 1.13-style "%w" error wrapping,
dropping one of the github.com/pkg/errors dependencies we have left.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2021-07-04 21:24:12 +10:00
Vincent Demeester 594501475e Use cyphar/filepath-securejoin instead of docker pkg/symlink
runc shouldn't depend on docker and be more self-contained.
Removing github.com/pkg/symlink dep is the first step to not depend on docker anymore

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-10-31 16:53:45 +01:00