Unverified Commit 1af4c5e7 authored by Wang Yan's avatar Wang Yan Committed by GitHub
Browse files

bump up go-digest version (#12992)


Signed-off-by: default avatarwang yan <wangyan@vmware.com>
parent a62f0589
...@@ -54,7 +54,7 @@ require ( ...@@ -54,7 +54,7 @@ require (
github.com/ncw/swift v1.0.49 // indirect github.com/ncw/swift v1.0.49 // indirect
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646
github.com/olekukonko/tablewriter v0.0.1 github.com/olekukonko/tablewriter v0.0.1
github.com/opencontainers/go-digest v1.0.0-rc1 github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.0.1 github.com/opencontainers/image-spec v1.0.1
github.com/opentracing/opentracing-go v1.1.0 // indirect github.com/opentracing/opentracing-go v1.1.0 // indirect
github.com/pkg/errors v0.9.1 github.com/pkg/errors v0.9.1
......
...@@ -613,6 +613,8 @@ github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1 ...@@ -613,6 +613,8 @@ github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1
github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ= github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ=
github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI= github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI=
github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
......
Aaron Lehmann <aaronl@vitelus.com> <aaron.lehmann@docker.com>
Derek McGowan <derek@mcg.dev> <derek@mcgstyle.net>
Stephen J Day <stephen.day@docker.com> <stevvooe@users.noreply.github.com> Stephen J Day <stephen.day@docker.com> <stevvooe@users.noreply.github.com>
Haibing Zhou <zhouhaibing089@gmail.com>
approve_by_comment: true version: 2
approve_regex: '^(Approved|lgtm|LGTM|:shipit:|:star:|:\+1:|:ship:)'
reject_regex: ^Rejected requirements:
reset_on_push: true signed_off_by:
author_approval: ignored required: true
signed_off_by:
required: true always_pending:
reviewers: title_regex: '^WIP'
teams: explanation: 'Work in progress...'
- go-digest-maintainers
name: default group_defaults:
required: 2 required: 2
approve_by_comment:
enabled: true
approve_regex: '^LGTM'
reject_regex: '^Rejected'
reset_on_push:
enabled: true
author_approval:
ignored: true
conditions:
branches:
- master
groups:
go-digest:
teams:
- go-digest-maintainers
language: go language: go
go: go:
- 1.7 - 1.12.x
- 1.13.x
- master - master
...@@ -176,6 +176,7 @@ ...@@ -176,6 +176,7 @@
END OF TERMS AND CONDITIONS END OF TERMS AND CONDITIONS
Copyright 2019, 2020 OCI Contributors
Copyright 2016 Docker, Inc. Copyright 2016 Docker, Inc.
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
......
Aaron Lehmann <aaron.lehmann@docker.com> (@aaronlehmann)
Brandon Philips <brandon.philips@coreos.com> (@philips)
Brendan Burns <bburns@microsoft.com> (@brendandburns)
Derek McGowan <derek@mcgstyle.net> (@dmcgowan) Derek McGowan <derek@mcgstyle.net> (@dmcgowan)
Jason Bouzane <jbouzane@google.com> (@jbouzane) Stephen Day <stevvooe@gmail.com> (@stevvooe)
John Starks <jostarks@microsoft.com> (@jstarks) Vincent Batts <vbatts@hashbangbash.com> (@vbatts)
Jonathan Boulle <jon.boulle@coreos.com> (@jonboulle) Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> (@AkihiroSuda)
Stephen Day <stephen.day@docker.com> (@stevvooe) Sebastiaan van Stijn <github@gone.nl> (@thaJeztah)
Vincent Batts <vbatts@redhat.com> (@vbatts)
...@@ -8,20 +8,16 @@ Please see the [godoc](https://godoc.org/github.com/opencontainers/go-digest) fo ...@@ -8,20 +8,16 @@ Please see the [godoc](https://godoc.org/github.com/opencontainers/go-digest) fo
# What is a digest? # What is a digest?
A digest is just a hash. A digest is just a [hash](https://en.wikipedia.org/wiki/Hash_function).
The most common use case for a digest is to create a content The most common use case for a digest is to create a content identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage) systems:
identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage)
systems:
```go ```go
id := digest.FromBytes([]byte("my content")) id := digest.FromBytes([]byte("my content"))
``` ```
In the example above, the id can be used to uniquely identify In the example above, the id can be used to uniquely identify the byte slice "my content".
the byte slice "my content". This allows two disparate applications This allows two disparate applications to agree on a verifiable identifier without having to trust one another.
to agree on a verifiable identifier without having to trust one
another.
An identifying digest can be verified, as follows: An identifying digest can be verified, as follows:
...@@ -31,8 +27,7 @@ if id != digest.FromBytes([]byte("my content")) { ...@@ -31,8 +27,7 @@ if id != digest.FromBytes([]byte("my content")) {
} }
``` ```
A `Verifier` type can be used to handle cases where an `io.Reader` A `Verifier` type can be used to handle cases where an `io.Reader` makes more sense:
makes more sense:
```go ```go
rd := getContent() rd := getContent()
...@@ -44,33 +39,28 @@ if !verifier.Verified() { ...@@ -44,33 +39,28 @@ if !verifier.Verified() {
} }
``` ```
Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this can power a rich, safe, content distribution system.
can power a rich, safe, content distribution system.
# Usage # Usage
While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is considered the best resource, a few important items need to be called out when using this package.
considered the best resource, a few important items need to be called
out when using this package.
1. Make sure to import the hash implementations into your application 1. Make sure to import the hash implementations into your application or the package will panic.
or the package will panic. You should have something like the You should have something like the following in the main (or other entrypoint) of your application:
following in the main (or other entrypoint) of your application:
```go ```go
import ( import (
_ "crypto/sha256" _ "crypto/sha256"
_ "crypto/sha512" _ "crypto/sha512"
) )
``` ```
This may seem inconvenient but it allows you replace the hash This may seem inconvenient but it allows you replace the hash
implementations with others, such as https://github.com/stevvooe/resumable. implementations with others, such as https://github.com/stevvooe/resumable.
2. Even though `digest.Digest` may be assemable as a string, _always_ 2. Even though `digest.Digest` may be assemblable as a string, _always_ verify your input with `digest.Parse` or use `Digest.Validate` when accepting untrusted input.
verify your input with `digest.Parse` or use `Digest.Validate` While there are measures to avoid common problems, this will ensure you have valid digests in the rest of your application.
when accepting untrusted input. While there are measures to
avoid common problems, this will ensure you have valid digests 3. While alternative encodings of hash values (digests) are possible (for example, base64), this package deals exclusively with hex-encoded digests.
in the rest of your application.
# Stability # Stability
...@@ -80,25 +70,27 @@ As always, before using a package export, read the [godoc](https://godoc.org/git ...@@ -80,25 +70,27 @@ As always, before using a package export, read the [godoc](https://godoc.org/git
# Contributing # Contributing
This package is considered fairly complete. It has been in production This package is considered fairly complete.
in thousands (millions?) of deployments and is fairly battle-hardened. It has been in production in thousands (millions?) of deployments and is fairly battle-hardened.
New additions will be met with skepticism. If you think there is a New additions will be met with skepticism.
missing feature, please file a bug clearly describing the problem and If you think there is a missing feature, please file a bug clearly describing the problem and the alternatives you tried before submitting a PR.
the alternatives you tried before submitting a PR.
# Reporting security issues ## Code of Conduct
Please DO NOT file a public issue, instead send your report privately to Participation in the OpenContainers community is governed by [OpenContainer's Code of Conduct][code-of-conduct].
security@opencontainers.org.
The maintainers take security seriously. If you discover a security issue, ## Security
please bring it to their attention right away!
If you are reporting a security issue, do not create an issue or file a pull If you find an issue, please follow the [security][security] protocol to report it.
request on GitHub. Instead, disclose the issue responsibly by sending an email
to security@opencontainers.org (which is inhabited only by the maintainers of
the various OCI projects).
# Copyright and license # Copyright and license
Copyright © 2016 Docker, Inc. All rights reserved, except as follows. Code is released under the [Apache 2.0 license](LICENSE.code). This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs). You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/. Copyright © 2019, 2020 OCI Contributors
Copyright © 2016 Docker, Inc.
All rights reserved, except as follows.
Code is released under the [Apache 2.0 license](LICENSE).
This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs).
You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/.
[security]: https://github.com/opencontainers/org/blob/master/security
[code-of-conduct]: https://github.com/opencontainers/org/blob/master/CODE_OF_CONDUCT.md
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");
......
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");
......
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");
......
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");
...@@ -29,8 +30,13 @@ ...@@ -29,8 +30,13 @@
// //
// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc // sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc
// //
// In this case, the string "sha256" is the algorithm and the hex bytes are // The "algorithm" portion defines both the hashing algorithm used to calculate
// the "digest". // the digest and the encoding of the resulting digest, which defaults to "hex"
// if not otherwise specified. Currently, all supported algorithms have their
// digests encoded in hex strings.
//
// In the example above, the string "sha256" is the algorithm and the hex bytes
// are the "digest".
// //
// Because the Digest type is simply a string, once a valid Digest is // Because the Digest type is simply a string, once a valid Digest is
// obtained, comparisons are cheap, quick and simple to express with the // obtained, comparisons are cheap, quick and simple to express with the
......
module github.com/opencontainers/go-digest
go 1.13
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");
......
...@@ -404,7 +404,7 @@ github.com/nfnt/resize ...@@ -404,7 +404,7 @@ github.com/nfnt/resize
# github.com/olekukonko/tablewriter v0.0.1 # github.com/olekukonko/tablewriter v0.0.1
## explicit ## explicit
github.com/olekukonko/tablewriter github.com/olekukonko/tablewriter
# github.com/opencontainers/go-digest v1.0.0-rc1 # github.com/opencontainers/go-digest v1.0.0
## explicit ## explicit
github.com/opencontainers/go-digest github.com/opencontainers/go-digest
# github.com/opencontainers/image-spec v1.0.1 # github.com/opencontainers/image-spec v1.0.1
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment