Aleksa Sarai
1623cde125
go: update github.com/cyphar/filepath-securejoin to v0.3.4
...
This includes a fix to avoid doing import "testing" in non-_test.go
code.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-10-09 15:13:28 +11:00
Aleksa Sarai
1d308c7da4
vendor: update to github.com/cyphar/filepath-securejoin@v0.3.1
...
This includes the MkdirAll and OpenInRoot implementations which are
actually secure against races.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-09-03 23:05:59 +10:00
dependabot[bot]
c7ad2749fd
build(deps): bump github.com/cyphar/filepath-securejoin
...
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin ) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases )
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.3...v0.2.4 )
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-09-07 04:30:28 +00:00
Aleksa Sarai
9f2a1f4df1
deps: update to github.com/cyphar/filepath-securejoin@v0.2.3
...
The main change is the switch to Go 1.13-style "%w" error wrapping,
dropping one of the github.com/pkg/errors dependencies we have left.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2021-07-04 21:24:12 +10:00
Vincent Demeester
594501475e
Use cyphar/filepath-securejoin instead of docker pkg/symlink
...
runc shouldn't depend on docker and be more self-contained.
Removing github.com/pkg/symlink dep is the first step to not depend on docker anymore
Signed-off-by: Vincent Demeester <vincent@sbr.pm >
2017-10-31 16:53:45 +01:00