From 5ddd5050e25095fceb62e0146d3f0c943f9c9c86 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 15 May 2025 13:20:31 +0000 Subject: [PATCH] build(deps): bump github.com/mholt/archives from 0.1.1 to 0.1.2 Bumps [github.com/mholt/archives](https://github.com/mholt/archives) from 0.1.1 to 0.1.2. - [Release notes](https://github.com/mholt/archives/releases) - [Commits](https://github.com/mholt/archives/compare/v0.1.1...v0.1.2) --- updated-dependencies: - dependency-name: github.com/mholt/archives dependency-version: 0.1.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 4 +- go.sum | 8 +-- .../brotli/compress_fragment_two_pass.go | 2 + .../github.com/andybalholm/brotli/reader.go | 3 + vendor/github.com/mholt/archives/brotli.go | 46 +++++++++++++- vendor/github.com/mholt/archives/fs.go | 62 +++++++++++++------ vendor/github.com/mholt/archives/rar.go | 44 ++++++++++++- vendor/modules.txt | 4 +- 8 files changed, 142 insertions(+), 31 deletions(-) diff --git a/go.mod b/go.mod index 6b45a77f..fae092f0 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/containerd/platforms v0.2.1 github.com/containers/image/v5 v5.33.1 github.com/docker/docker v27.3.1+incompatible - github.com/mholt/archives v0.1.1 + github.com/mholt/archives v0.1.2 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.1 github.com/pkg/errors v0.9.1 @@ -26,7 +26,7 @@ require ( github.com/STARRY-S/zip v0.2.1 // indirect github.com/VividCortex/ewma v1.2.0 // indirect github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect - github.com/andybalholm/brotli v1.1.1 // indirect + github.com/andybalholm/brotli v1.1.2-0.20250424173009-453214e765f3 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect github.com/bodgit/plumbing v1.3.0 // indirect github.com/bodgit/sevenzip v1.6.0 // indirect diff --git a/go.sum b/go.sum index 3525ebbf..fba0e123 100644 --- a/go.sum +++ b/go.sum @@ -41,8 +41,8 @@ github.com/alecthomas/kong v1.10.0 h1:8K4rGDpT7Iu+jEXCIJUeKqvpwZHbsFRoebLbnzlmrp github.com/alecthomas/kong v1.10.0/go.mod h1:p2vqieVMeTAnaC83txKtXe8FLke2X07aruPWXyMPQrU= github.com/alecthomas/repr v0.4.0 h1:GhI2A8MACjfegCPVq9f1FLvIBS+DrQ2KQBFZP1iFzXc= github.com/alecthomas/repr v0.4.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4= -github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA= -github.com/andybalholm/brotli v1.1.1/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA= +github.com/andybalholm/brotli v1.1.2-0.20250424173009-453214e765f3 h1:8PmGpDEZl9yDpcdEr6Odf23feCxK3LNUNMxjXg41pZQ= +github.com/andybalholm/brotli v1.1.2-0.20250424173009-453214e765f3/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -255,8 +255,8 @@ github.com/mattn/go-runewidth v0.0.16 h1:E5ScNMtiwvlvB5paMFdw9p4kSQzbXFikJ5SQO6T github.com/mattn/go-runewidth v0.0.16/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM= github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= -github.com/mholt/archives v0.1.1 h1:c7J3qXN1FB54y0qiUXiq9Bxk4eCUc8pdXWwOhZdRzeY= -github.com/mholt/archives v0.1.1/go.mod h1:FQVz01Q2uXKB/35CXeW/QFO23xT+hSCGZHVtha78U4I= +github.com/mholt/archives v0.1.2 h1:UBSe5NfYKHI1sy+S5dJsEsG9jsKKk8NJA4HCC+xTI4A= +github.com/mholt/archives v0.1.2/go.mod h1:D7QzTHgw3ctfS6wgOO9dN+MFgdZpbksGCxprUOwZWDs= github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU= github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/minio/minlz v1.0.0 h1:Kj7aJZ1//LlTP1DM8Jm7lNKvvJS2m74gyyXXn3+uJWQ= diff --git a/vendor/github.com/andybalholm/brotli/compress_fragment_two_pass.go b/vendor/github.com/andybalholm/brotli/compress_fragment_two_pass.go index 79f9c7fd..c5c663a5 100644 --- a/vendor/github.com/andybalholm/brotli/compress_fragment_two_pass.go +++ b/vendor/github.com/andybalholm/brotli/compress_fragment_two_pass.go @@ -229,6 +229,8 @@ func storeMetaBlockHeaderBW(len uint, is_uncompressed bool, bw *bitWriter) { nibbles = 4 } else if len <= 1<<20 { nibbles = 5 + } else if len > 1<<24 { + panic("metablock too long") } bw.writeBits(2, uint64(nibbles)-4) diff --git a/vendor/github.com/andybalholm/brotli/reader.go b/vendor/github.com/andybalholm/brotli/reader.go index 9419c79c..3e227893 100644 --- a/vendor/github.com/andybalholm/brotli/reader.go +++ b/vendor/github.com/andybalholm/brotli/reader.go @@ -49,6 +49,9 @@ func (r *Reader) Read(p []byte) (n int, err error) { if !decoderHasMoreOutput(r) && len(r.in) == 0 { m, readErr := r.src.Read(r.buf) if m == 0 { + if readErr == io.EOF && r.state != stateDone { + readErr = io.ErrUnexpectedEOF + } // If readErr is `nil`, we just proxy underlying stream behavior. return 0, readErr } diff --git a/vendor/github.com/mholt/archives/brotli.go b/vendor/github.com/mholt/archives/brotli.go index 02ad866f..67c892d3 100644 --- a/vendor/github.com/mholt/archives/brotli.go +++ b/vendor/github.com/mholt/archives/brotli.go @@ -1,6 +1,7 @@ package archives import ( + "bytes" "context" "io" "strings" @@ -33,11 +34,52 @@ func (br Brotli) Match(_ context.Context, filename string, stream io.Reader) (Ma // the best way to match the stream is probably to try decoding part // of it, but we'll just have to guess a large-enough size that is // still small enough for the smallest streams we'll encounter - r := brotli.NewReader(stream) + input := &bytes.Buffer{} + r := brotli.NewReader(io.TeeReader(stream, input)) buf := make([]byte, 16) - if _, err := io.ReadFull(r, buf); err == nil { + + // First gauntlet - can the reader even read 16 bytes without an error? + n, err := r.Read(buf) + if err != nil { + return mr, nil + } + buf = buf[:n] + inputBytes := input.Bytes() + + // Second gauntlet - do the decompressed bytes exist in the raw input? + // If they don't appear in the first 4 bytes (to account for the up to + // 32 bits of initial brotli header) or at all, then chances are the + // input was compressed. + idx := bytes.Index(inputBytes, buf) + if idx < 4 { mr.ByStream = true + return mr, nil } + + // The input is assumed to be compressed data, but we still can't be 100% sure. + // Try reading more data until we encounter an error. + for n < 128 { + nn, err := r.Read(buf) + switch err { + case io.EOF: + // If we've reached EOF, we return assuming it's compressed. + mr.ByStream = true + return mr, nil + case io.ErrUnexpectedEOF: + // If we've encountered a short read, that's probably due to invalid reads due + // to the fact it isn't compressed data at all. + return mr, nil + case nil: + // No error, no problem. Continue reading. + n += nn + default: + // If we encounter any other error, return it. + return mr, nil + } + } + + // If we haven't encountered an error by now, the input is probably compressed. + mr.ByStream = true } return mr, nil diff --git a/vendor/github.com/mholt/archives/fs.go b/vendor/github.com/mholt/archives/fs.go index b83903bf..f1d3efad 100644 --- a/vendor/github.com/mholt/archives/fs.go +++ b/vendor/github.com/mholt/archives/fs.go @@ -663,7 +663,7 @@ func (f *ArchiveFS) ReadDir(name string) ([]fs.DirEntry, error) { // one component remains -- then loop again to make sure it's not a duplicate // (start without the base, since we know the full filename is an actual entry // in the archive, we don't need to create an implicit directory entry for it) - startingPath := path.Dir(file.NameInArchive) + startingPath := strings.TrimPrefix(path.Dir(file.NameInArchive), "/") // see issue #31 for dir, base := path.Dir(startingPath), path.Base(startingPath); base != "."; dir, base = path.Dir(dir), path.Base(dir) { if err := ctx.Err(); err != nil { return err @@ -765,7 +765,7 @@ func (fsys *DeepFS) Open(name string) (fs.File, error) { return nil, &fs.PathError{Op: "open", Path: name, Err: fmt.Errorf("%w: %s", fs.ErrInvalid, name)} } name = path.Join(filepath.ToSlash(fsys.Root), name) - realPath, innerPath := fsys.splitPath(name) + realPath, innerPath := fsys.SplitPath(name) if innerPath != "" { if innerFsys := fsys.getInnerFsys(realPath); innerFsys != nil { return innerFsys.Open(innerPath) @@ -779,7 +779,7 @@ func (fsys *DeepFS) Stat(name string) (fs.FileInfo, error) { return nil, &fs.PathError{Op: "stat", Path: name, Err: fmt.Errorf("%w: %s", fs.ErrInvalid, name)} } name = path.Join(filepath.ToSlash(fsys.Root), name) - realPath, innerPath := fsys.splitPath(name) + realPath, innerPath := fsys.SplitPath(name) if innerPath != "" { if innerFsys := fsys.getInnerFsys(realPath); innerFsys != nil { return fs.Stat(innerFsys, innerPath) @@ -798,7 +798,7 @@ func (fsys *DeepFS) ReadDir(name string) ([]fs.DirEntry, error) { return nil, &fs.PathError{Op: "readdir", Path: name, Err: fmt.Errorf("%w: %s", fs.ErrInvalid, name)} } name = path.Join(filepath.ToSlash(fsys.Root), name) - realPath, innerPath := fsys.splitPath(name) + realPath, innerPath := fsys.SplitPath(name) if innerPath != "" { if innerFsys := fsys.getInnerFsys(realPath); innerFsys != nil { return fs.ReadDir(innerFsys, innerPath) @@ -811,7 +811,7 @@ func (fsys *DeepFS) ReadDir(name string) ([]fs.DirEntry, error) { // make sure entries that appear to be archive files indicate they are a directory // so the fs package will try to walk them for i, entry := range entries { - if slices.Contains(archiveExtensions, strings.ToLower(path.Ext(entry.Name()))) { + if PathIsArchive(entry.Name()) { entries[i] = alwaysDirEntry{entry} } } @@ -840,7 +840,7 @@ func (fsys *DeepFS) getInnerFsys(realPath string) fs.FS { return nil } -// splitPath splits a file path into the "real" path and the "inner" path components, +// SplitPath splits a file path into the "real" path and the "inner" path components, // where the split point is the first extension of an archive filetype like ".zip" or // ".tar.gz" that occurs in the path. // @@ -851,7 +851,7 @@ func (fsys *DeepFS) getInnerFsys(realPath string) fs.FS { // If no archive extension is found in the path, only the realPath is returned. // If the input path is precisely an archive file (i.e. ends with an archive file // extension), then innerPath is returned as "." which indicates the root of the archive. -func (*DeepFS) splitPath(path string) (realPath, innerPath string) { +func (*DeepFS) SplitPath(path string) (realPath, innerPath string) { if len(path) < 2 { realPath = path return @@ -870,20 +870,20 @@ func (*DeepFS) splitPath(path string) (realPath, innerPath string) { for { part := strings.TrimRight(strings.ToLower(path[start:end]), " ") - for _, ext := range archiveExtensions { - if strings.HasSuffix(part, ext) { - // we've found an archive extension, so the path until the end of this segment is - // the "real" OS path, and what remains (if anything( is the path within the archive - realPath = filepath.Clean(filepath.FromSlash(path[:end])) - if end < len(path) { - innerPath = path[end+1:] - } else { - // signal to the caller that this is an archive, - // even though it is the very root of the archive - innerPath = "." - } - return + if PathIsArchive(part) { + // we've found an archive extension, so the path until the end of this segment is + // the "real" OS path, and what remains (if anything( is the path within the archive + realPath = filepath.Clean(filepath.FromSlash(path[:end])) + + if end < len(path) { + innerPath = path[end+1:] + } else { + // signal to the caller that this is an archive, + // even though it is the very root of the archive + innerPath = "." } + return + } // advance to the next segment, or end of string @@ -936,6 +936,22 @@ var archiveExtensions = []string{ ".tar.lz", } +// PathIsArchive returns true if the path ends with an archive file (i.e. +// whether the path traverse to an archive) solely by lexical analysis (no +// reading the files or headers is performed). +func PathIsArchive(path string) bool { + // normalize the extension + path = strings.ToLower(path) + for _, ext := range archiveExtensions { + // Check the full ext + if strings.HasSuffix(path, ext) { + return true + } + } + + return false +} + // PathContainsArchive returns true if the path contains an archive file (i.e. // whether the path traverses into an archive) solely by lexical analysis (no // reading of files or headers is performed). Such a path is not typically @@ -981,6 +997,8 @@ func PathContainsArchive(path string) bool { // an archive file or is an extracted archive file, as they will // work with the same filename/path inputs regardless of the // presence of a top-level directory. +// +// EXPERIMENTAL: Subject to change or removal even after stable release. func TopDirOpen(fsys fs.FS, name string) (fs.File, error) { file, err := fsys.Open(name) if err == nil { @@ -990,6 +1008,8 @@ func TopDirOpen(fsys fs.FS, name string) (fs.File, error) { } // TopDirStat is like TopDirOpen but for Stat. +// +// EXPERIMENTAL: Subject to change or removal even after stable release. func TopDirStat(fsys fs.FS, name string) (fs.FileInfo, error) { info, err := fs.Stat(fsys, name) if err == nil { @@ -999,6 +1019,8 @@ func TopDirStat(fsys fs.FS, name string) (fs.FileInfo, error) { } // TopDirReadDir is like TopDirOpen but for ReadDir. +// +// EXPERIMENTAL: Subject to change or removal even after stable release. func TopDirReadDir(fsys fs.FS, name string) ([]fs.DirEntry, error) { entries, err := fs.ReadDir(fsys, name) if err == nil { diff --git a/vendor/github.com/mholt/archives/rar.go b/vendor/github.com/mholt/archives/rar.go index 8a8cb381..388ecab1 100644 --- a/vendor/github.com/mholt/archives/rar.go +++ b/vendor/github.com/mholt/archives/rar.go @@ -20,6 +20,12 @@ func init() { RegisterFormat(Rar{}) } +type rarReader interface { + Next() (*rardecode.FileHeader, error) + io.Reader + io.WriterTo +} + type Rar struct { // If true, errors encountered during reading or writing // a file within an archive will be logged and the @@ -28,6 +34,23 @@ type Rar struct { // Password to open archives. Password string + + // Name for a multi-volume archive. When Name is specified, + // the named file is extracted (rather than any io.Reader that + // may be passed to Extract). If the archive is a multi-volume + // archive, this name will also be used by the decoder to derive + // the filename of the next volume in the volume set. + Name string + + // FS is an fs.FS exposing the files of the archive. Unless Name is + // also specified, this does nothing. When Name is also specified, + // FS defines the fs.FS that from which the archive will be opened, + // and in the case of a multi-volume archive, from where each subsequent + // volume of the volume set will be loaded. + // + // Typically this should be a DirFS pointing at the directory containing + // the volumes of the archive. + FS fs.FS } func (Rar) Extension() string { return ".rar" } @@ -65,7 +88,26 @@ func (r Rar) Extract(ctx context.Context, sourceArchive io.Reader, handleFile Fi options = append(options, rardecode.Password(r.Password)) } - rr, err := rardecode.NewReader(sourceArchive, options...) + if r.FS != nil { + options = append(options, rardecode.FileSystem(r.FS)) + } + + var ( + rr rarReader + err error + ) + + // If a name has been provided, then the sourceArchive stream is ignored + // and the archive is opened directly via the filesystem (or provided FS). + if r.Name != "" { + var or *rardecode.ReadCloser + if or, err = rardecode.OpenReader(r.Name, options...); err == nil { + rr = or + defer or.Close() + } + } else { + rr, err = rardecode.NewReader(sourceArchive, options...) + } if err != nil { return err } diff --git a/vendor/modules.txt b/vendor/modules.txt index 691c07a9..8a7143e9 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -53,7 +53,7 @@ github.com/acarl005/stripansi # github.com/alecthomas/kong v1.10.0 ## explicit; go 1.20 github.com/alecthomas/kong -# github.com/andybalholm/brotli v1.1.1 +# github.com/andybalholm/brotli v1.1.2-0.20250424173009-453214e765f3 ## explicit; go 1.13 github.com/andybalholm/brotli github.com/andybalholm/brotli/matchfinder @@ -433,7 +433,7 @@ github.com/mattn/go-runewidth # github.com/mattn/go-sqlite3 v1.14.24 ## explicit; go 1.19 github.com/mattn/go-sqlite3 -# github.com/mholt/archives v0.1.1 +# github.com/mholt/archives v0.1.2 ## explicit; go 1.22.2 github.com/mholt/archives # github.com/miekg/pkcs11 v1.1.1