diff --git a/evidence/cli/command_build.go b/evidence/cli/command_build.go index 425aa614..6bf1dd1a 100644 --- a/evidence/cli/command_build.go +++ b/evidence/cli/command_build.go @@ -21,6 +21,10 @@ func NewEvidenceBuildCommand(ctx *components.Context, execute execCommandFunc) E } func (ebc *evidenceBuildCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error { + if ebc.ctx.GetStringFlagValue(sigstoreBundle) != "" { + return errorutils.CheckErrorf("--%s is not supported for build evidence.", sigstoreBundle) + } + err := ebc.validateEvidenceBuildContext(ctx) if err != nil { return err diff --git a/evidence/cli/command_build_test.go b/evidence/cli/command_build_test.go new file mode 100644 index 00000000..ba2f35af --- /dev/null +++ b/evidence/cli/command_build_test.go 
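Review bot: The new guard at the top of `CreateEvidence` reads the flag from `ebc.ctx` while the validation call directly below it uses the `ctx` parameter, and the same four lines are repeated in the `CreateEvidence` methods of command_github.go, command_package.go and command_release_bundle.go. One shared helper taking the context and the evidence kind (for example `rejectSigstoreBundle(ctx, "build")`) would keep the four messages and the flag test from drifting apart. The guard tests `GetStringFlagValue(sigstoreBundle) != ""`, whereas command_cli.go tests `ctx.IsFlagSet(sigstoreBundle) && assertValueProvided(ctx, sigstoreBundle) == nil`; whether the two can disagree is not visible here, so one form should be used everywhere. The method body continues outside the hunk.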
@@ -0,0 +1,74 @@
+package cli
+
+import (
+ "flag"
+ "testing"
+
+ "github.com/jfrog/jfrog-cli-core/v2/common/commands"
+ "github.com/jfrog/jfrog-cli-core/v2/plugins/components"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+ "github.com/stretchr/testify/assert"
+ "github.com/urfave/cli"
+)
+
+func TestEvidenceBuildCommand_CreateEvidence_SigstoreBundle(t *testing.T) {
+ tests := []struct {
+ name string
+ flags []components.Flag
+ expectError bool
+ errorContains string
+ }{
+ {
+ name: "Invalid_SigstoreBundle_Not_Supported",
+ flags: []components.Flag{
+ setDefaultValue(sigstoreBundle, "/path/to/bundle.json"),
+ setDefaultValue(buildName, "test-build"),
+ setDefaultValue(buildNumber, "123"),
+ },
+ expectError: true,
+ errorContains: "--sigstore-bundle is not supported for build evidence.",
+ },
+ {
+ name: "Valid_Without_SigstoreBundle",
+ flags: []components.Flag{
+ setDefaultValue(buildName, "test-build"),
+ setDefaultValue(buildNumber, "123"),
+ setDefaultValue(predicate, "/path/to/predicate.json"),
+ setDefaultValue(predicateType, "test-type"),
+ setDefaultValue(key, "/path/to/key.pem"),
+ },
+ expectError: false,
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ app := cli.NewApp()
+ app.Commands = []cli.Command{{Name: "create"}}
+ set := flag.NewFlagSet("test", 0)
+ cliCtx := cli.NewContext(app, set, nil)
+
+ ctx, err := components.ConvertContext(cliCtx, tt.flags...)
+ assert.NoError(t, err)
+
+ mockExec := func(cmd commands.Command) error {
+ // Mock successful execution
+ return nil
+ }
+
+ cmd := NewEvidenceBuildCommand(ctx, mockExec)
+ serverDetails := &config.ServerDetails{}
+
+ err = cmd.CreateEvidence(ctx, serverDetails)
+
+ if tt.expectError {
+ assert.Error(t, err)
+ if tt.errorContains != "" {
+ assert.Contains(t, err.Error(), tt.errorContains)
+ }
+ } else {
+ assert.NoError(t, err)
+ }
+ })
+ }
+}
diff --git a/evidence/cli/command_cli.go b/evidence/cli/command_cli.go
index 88b74dbf..404e8b0d 100644
--- a/evidence/cli/command_cli.go +++ b/evidence/cli/command_cli.go @@ -3,6 +3,9 @@ package cli import ( "errors" "fmt" + "os" + "strings" + "github.com/jfrog/jfrog-cli-artifactory/evidence/cli/docs/create" "github.com/jfrog/jfrog-cli-artifactory/evidence/cli/docs/verify" jfrogArtClient "github.com/jfrog/jfrog-cli-artifactory/evidence/utils" @@ -15,8 +18,6 @@ import ( "github.com/jfrog/jfrog-client-go/utils" "github.com/jfrog/jfrog-client-go/utils/errorutils" "golang.org/x/exp/slices" - "os" - "strings" ) func GetCommands() []components.Command { @@ -118,6 +119,13 @@ func validateCreateEvidenceCommonContext(ctx *components.Context) error { return pluginsCommon.WrongNumberOfArgumentsHandler(ctx) } + if ctx.IsFlagSet(sigstoreBundle) && assertValueProvided(ctx, sigstoreBundle) == nil { + if err := validateSigstoreBundleArgsConflicts(ctx); err != nil { + return err + } + return nil + } + if (!ctx.IsFlagSet(predicate) || assertValueProvided(ctx, predicate) != nil) && !ctx.IsFlagSet(typeFlag) { return errorutils.CheckErrorf("'predicate' is a mandatory field for creating evidence: --%s", predicate) } 
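Review bot: The early `return nil` in the new `--sigstore-bundle` branch of `validateCreateEvidenceCommonContext` skips every check that follows it in the function, so any later validation (part of the body lies outside this hunk) stops applying to bundle uploads without saying so. A short comment naming the checks that are intentionally bypassed, and why the bundle makes them unnecessary, would make that reviewable. The branch body can also be reduced to `return validateSigstoreBundleArgsConflicts(ctx)`. Note that `--sigstore-bundle` passed with an empty value does not enter this branch and ends up reporting a missing predicate rather than an empty bundle path.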
@@ -136,6 +144,29 @@ func validateCreateEvidenceCommonContext(ctx *components.Context) error { return nil } +func validateSigstoreBundleArgsConflicts(ctx *components.Context) error { + var conflictingParams []string + + if ctx.IsFlagSet(key) && ctx.GetStringFlagValue(key) != "" { + conflictingParams = append(conflictingParams, "--"+key) + } + if ctx.IsFlagSet(keyAlias) && ctx.GetStringFlagValue(keyAlias) != "" { + conflictingParams = append(conflictingParams, "--"+keyAlias) + } + if ctx.IsFlagSet(predicate) && ctx.GetStringFlagValue(predicate) != "" { + conflictingParams = append(conflictingParams, "--"+predicate) + } + if ctx.IsFlagSet(predicateType) && ctx.GetStringFlagValue(predicateType) != "" { + conflictingParams = append(conflictingParams, "--"+predicateType) + } + + if len(conflictingParams) > 0 { + return errorutils.CheckErrorf("The following parameters cannot be used with --%s: %s. These values are extracted from the bundle itself:", sigstoreBundle, strings.Join(conflictingParams, ", ")) + } + + return nil +} + func ensureKeyExists(ctx *components.Context, key string) error { if ctx.IsFlagSet(key) && assertValueProvided(ctx, key) == nil { return nil @@ -165,6 +196,9 @@ func getAndValidateSubject(ctx *components.Context) ([]string, error) { } if len(foundSubjects) == 0 { + if ctx.IsFlagSet(sigstoreBundle) && assertValueProvided(ctx, sigstoreBundle) == nil { + return []string{subjectRepoPath}, nil // Return subjectRepoPath as the type for routing + } // If we have no subject - we will try to create EVD on build if !attemptSetBuildNameAndNumber(ctx) { return nil, errorutils.CheckErrorf("subject must be one of the fields: [%s]", strings.Join(subjectTypes, ", ")) 
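Review bot: `validateSigstoreBundleArgsConflicts` does not check `subjectSha256`, although the flag description added in flags.go lists it as incompatible with the bundle; that one conflict is enforced separately in command_custom.go, so a user who passes several conflicting flags gets two different errors in two steps. Adding a fifth check for `subjectSha256` here would keep the rule in one place. The error text also ends in a colon with nothing after it (`These values are extracted from the bundle itself:`), which looks like a leftover; a period reads correctly. The four near-identical `if` blocks could be a loop over `[]string{key, keyAlias, predicate, predicateType}`.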
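Review bot: In `getAndValidateSubject` the new branch returns `subjectRepoPath` as a routing token even when the user supplied no subject at all, which means the evidence target is then decided entirely by the contents of the bundle file. Nothing in this hunk shows where the bundle-derived subject is checked before upload, so it is worth confirming that the create path validates it — this cannot be determined from the lines shown. The inline comment would be clearer as `// no subject flag: route to the custom command, which reads the subject from the bundle`. The function body starts and ends outside the hunk.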
@@ -204,7 +238,7 @@ func validateKeys(ctx *components.Context) error { providedKeys := ctx.GetStringsArrFlagValue(publicKeys) if signingKeyValue == "" { if len(providedKeys) == 0 && !ctx.GetBoolFlagValue(useArtifactoryKeys) { - return errorutils.CheckErrorf("JFROG_CLI_SIGNING_KEY env variable or --public-keys flag or --use-artifactory-publicKeys must be provided when verifying evidence") + return errorutils.CheckErrorf("JFROG_CLI_SIGNING_KEY env variable or --%s flag or --%s must be provided when verifying evidence", publicKeys, useArtifactoryKeys) } return nil } @@ -258,7 +292,7 @@ func platformToEvidenceUrls(rtDetails *config.ServerDetails) { func assertValueProvided(c *components.Context, fieldName string) error { if c.GetStringFlagValue(fieldName) == "" { - return errorutils.CheckErrorf("the --%s option is mandatory", fieldName) + return errorutils.CheckErrorf("the argument --%s can not be empty", fieldName) } return nil } diff --git a/evidence/cli/command_cli_test.go b/evidence/cli/command_cli_test.go index 079af51b..c46d50ba 100644 --- a/evidence/cli/command_cli_test.go +++ b/evidence/cli/command_cli_test.go @@ -2,14 +2,15 @@ package cli import ( "flag" + "os" + "testing" + "github.com/jfrog/jfrog-cli-core/v2/common/commands" "github.com/jfrog/jfrog-cli-core/v2/plugins/components" coreUtils "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" "github.com/stretchr/testify/assert" "github.com/urfave/cli" "go.uber.org/mock/gomock" - "os" - "testing" ) func TestCreateEvidence_Context(t *testing.T) { 
@@ -349,6 +350,256 @@ func TestVerifyEvidence_Context(t *testing.T) { } } +func TestCreateEvidenceValidation_SigstoreBundle(t *testing.T) { + app := cli.NewApp() + app.Commands = []cli.Command{ + { + Name: "create", + }, + } + ctx := cli.NewContext(app, &flag.FlagSet{}, nil) + + tests := []struct { + name string + flags []components.Flag + expectError bool + errorContains string + }{ + { + name: "ValidContext_-_SigstoreBundle_Without_Predicate", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + }, + expectError: false, + }, + { + name: "ValidContext_-_SigstoreBundle_Without_Any_Subject", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + // No subject fields provided - should still pass since subject is extracted from bundle + }, + expectError: false, + }, + { + name: "InvalidContext_-_Missing_Predicate_Without_SigstoreBundle", + flags: []components.Flag{ + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + setDefaultValue(key, "/path/to/key.pem"), + }, + expectError: true, + errorContains: "'predicate' is a mandatory field", + }, + { + name: "InvalidContext_-_Missing_PredicateType_Without_SigstoreBundle", + flags: []components.Flag{ + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + setDefaultValue(predicate, "/path/to/predicate.json"), + setDefaultValue(key, "/path/to/key.pem"), + }, + expectError: true, + errorContains: "'predicate-type' is a mandatory field", + }, + { + name: "InvalidContext_-_SigstoreBundle_With_Key", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(key, "/path/to/key.pem"), + }, + expectError: true, + errorContains: "The following parameters cannot be used with --sigstore-bundle: --key", + }, + { + name: "InvalidContext_-_SigstoreBundle_With_KeyAlias", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, 
"/path/to/bundle.json"), + setDefaultValue(keyAlias, "my-key-alias"), + }, + expectError: true, + errorContains: "The following parameters cannot be used with --sigstore-bundle: --key-alias", + }, + { + name: "InvalidContext_-_SigstoreBundle_With_Predicate", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(predicate, "/path/to/predicate.json"), + }, + expectError: true, + errorContains: "The following parameters cannot be used with --sigstore-bundle: --predicate", + }, + { + name: "InvalidContext_-_SigstoreBundle_With_PredicateType", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(predicateType, "test-type"), + }, + expectError: true, + errorContains: "The following parameters cannot be used with --sigstore-bundle: --predicate-type", + }, + { + name: "InvalidContext_-_SigstoreBundle_With_Multiple_Conflicting_Params", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(key, "/path/to/key.pem"), + setDefaultValue(keyAlias, "my-key-alias"), + setDefaultValue(predicate, "/path/to/predicate.json"), + setDefaultValue(predicateType, "test-type"), + }, + expectError: true, + errorContains: "The following parameters cannot be used with --sigstore-bundle: --key, --key-alias, --predicate, --predicate-type", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + context, err := components.ConvertContext(ctx, tt.flags...) 
+ assert.NoError(t, err) + + err = validateCreateEvidenceCommonContext(context) + if tt.expectError { + assert.Error(t, err) + if tt.errorContains != "" { + assert.Contains(t, err.Error(), tt.errorContains) + } + } else { + assert.NoError(t, err) + } + }) + } +} + +func TestGetAndValidateSubject_SigstoreBundle(t *testing.T) { + app := cli.NewApp() + app.Commands = []cli.Command{ + { + Name: "create", + }, + } + ctx := cli.NewContext(app, &flag.FlagSet{}, nil) + + tests := []struct { + name string + flags []components.Flag + expectError bool + expectedSubject []string + }{ + { + name: "SigstoreBundle_NoSubjectFields", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + }, + expectError: false, + expectedSubject: []string{subjectRepoPath}, + }, + { + name: "SigstoreBundle_WithSubjectRepoPath", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + }, + expectError: false, + expectedSubject: []string{subjectRepoPath}, + }, + { + name: "NoSigstoreBundle_NoSubject_ShouldFail", + flags: []components.Flag{ + // No sigstore bundle and no subject fields + }, + expectError: true, + }, + { + name: "NoSigstoreBundle_WithSubject_ShouldPass", + flags: []components.Flag{ + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + }, + expectError: false, + expectedSubject: []string{subjectRepoPath}, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + context, err := components.ConvertContext(ctx, tt.flags...) 
+ assert.NoError(t, err) + + subjects, err := getAndValidateSubject(context) + if tt.expectError { + assert.Error(t, err) + } else { + assert.NoError(t, err) + assert.Equal(t, tt.expectedSubject, subjects) + } + }) + } +} + +func TestValidateSigstoreBundleConflicts(t *testing.T) { + app := cli.NewApp() + app.Commands = []cli.Command{ + { + Name: "create", + }, + } + set := flag.NewFlagSet("create", 0) + ctx := cli.NewContext(app, set, nil) + + tests := []struct { + name string + flags []components.Flag + expectError bool + errorContains string + }{ + { + name: "No_Conflicts", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + }, + expectError: false, + }, + { + name: "Conflict_With_Key", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(key, "/path/to/key"), + }, + expectError: true, + errorContains: "--key", + }, + { + name: "Conflict_With_Multiple_Params", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(key, "/path/to/key"), + setDefaultValue(keyAlias, "my-key"), + setDefaultValue(predicate, "/path/to/predicate"), + }, + expectError: true, + errorContains: "--key, --key-alias, --predicate", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + context, err := components.ConvertContext(ctx, tt.flags...) + if err != nil { + t.Fatal(err) + } + + err = validateSigstoreBundleArgsConflicts(context) + + if tt.expectError { + assert.Error(t, err) + if tt.errorContains != "" { + assert.Contains(t, err.Error(), tt.errorContains) + } + } else { + assert.NoError(t, err) + } + }) + } +} + func setDefaultValue(flag string, defaultValue string) components.Flag { f := components.NewStringFlag(flag, flag) f.DefaultValue = defaultValue diff --git a/evidence/cli/command_custom.go b/evidence/cli/command_custom.go index cac887f3..44452002 100644 
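Review bot: None of the three added tests covers `--sigstore-bundle` given with an empty value, which is the one input where `validateCreateEvidenceCommonContext` and `getAndValidateSubject` leave the bundle branch and fall back to the ordinary predicate and subject checks. A table entry using `setDefaultValue(sigstoreBundle, "")` with `expectError: true` would pin that behaviour. The tests also supply every value through `DefaultValue` (see `setDefaultValue` in the trailing context lines), so they exercise `IsFlagSet` only as far as it treats defaults as set; that presumably matches the existing tests in this file, but it is not the same as parsing real command-line arguments.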
--- a/evidence/cli/command_custom.go +++ b/evidence/cli/command_custom.go @@ -5,6 +5,7 @@ import ( "github.com/jfrog/jfrog-cli-artifactory/evidence/verify" "github.com/jfrog/jfrog-cli-core/v2/plugins/components" "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/jfrog/jfrog-client-go/utils/errorutils" ) type evidenceCustomCommand struct { @@ -19,6 +20,11 @@ func NewEvidenceCustomCommand(ctx *components.Context, execute execCommandFunc) } } func (ecc *evidenceCustomCommand) CreateEvidence(_ *components.Context, serverDetails *config.ServerDetails) error { + if ecc.ctx.GetStringFlagValue(sigstoreBundle) != "" && ecc.ctx.GetStringFlagValue(subjectSha256) != "" { + return errorutils.CheckErrorf("The parameter --%s cannot be used with --%s. The subject hash is extracted from the bundle itself.", subjectSha256, sigstoreBundle) + } + + // Single command handles both regular evidence creation and sigstore bundles createCmd := create.NewCreateEvidenceCustom( serverDetails, ecc.ctx.GetStringFlagValue(predicate), @@ -28,6 +34,7 @@ func (ecc *evidenceCustomCommand) CreateEvidence(_ *components.Context, serverDe ecc.ctx.GetStringFlagValue(keyAlias), ecc.ctx.GetStringFlagValue(subjectRepoPath), ecc.ctx.GetStringFlagValue(subjectSha256), + ecc.ctx.GetStringFlagValue(sigstoreBundle), ecc.ctx.GetStringFlagValue(providerId)) return ecc.execute(createCmd) } diff --git a/evidence/cli/command_custom_test.go b/evidence/cli/command_custom_test.go new file mode 100644 index 00000000..463cfdc9 --- /dev/null +++ b/evidence/cli/command_custom_test.go 
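Review bot: The `subjectSha256` conflict is rejected here in `CreateEvidence` with the test `GetStringFlagValue(...) != ""`, while the other bundle conflicts are rejected in `validateSigstoreBundleArgsConflicts` with `ctx.IsFlagSet(...)`; moving this check into that function would give one error listing every conflicting flag. Separately, once the digest is taken from the bundle the caller can no longer pin the expected hash on the command line, so the create path should compare the bundle's subject digest with the artifact at `subjectRepoPath` before uploading. That code is not part of this hunk — confirm it exists.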
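Review bot: `NewCreateEvidenceCustom` is called with a long run of positional string arguments, and `sigstoreBundle` is inserted between `subjectSha256` and `providerId`; a transposed pair would still compile and would pass, for example, a bundle path where the provider id is expected. Since the constructor's signature is outside this diff, please confirm the parameter order matches. An options struct with named fields would remove the risk; short of that, a comment on the call such as `// argument order must match create.NewCreateEvidenceCustom` helps the next change.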
@@ -0,0 +1,86 @@ +package cli + +import ( + "flag" + "testing" + + "github.com/jfrog/jfrog-cli-core/v2/common/commands" + "github.com/jfrog/jfrog-cli-core/v2/plugins/components" + "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/stretchr/testify/assert" + "github.com/urfave/cli" +) + +func TestEvidenceCustomCommand_CreateEvidence_SigstoreBundle(t *testing.T) { + tests := []struct { + name string + flags []components.Flag + expectError bool + errorContains string + }{ + { + name: "Valid_SigstoreBundle_Without_SubjectSha256", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + }, + expectError: false, + }, + { + name: "Invalid_SigstoreBundle_With_SubjectSha256", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + setDefaultValue(subjectSha256, "abcd1234567890"), + }, + expectError: true, + errorContains: "The parameter --subject-sha256 cannot be used with --sigstore-bundle", + }, + { + name: "Valid_No_SigstoreBundle_With_SubjectSha256", + flags: []components.Flag{ + setDefaultValue(subjectRepoPath, "test-repo/test-artifact"), + setDefaultValue(subjectSha256, "abcd1234567890"), + setDefaultValue(predicate, "/path/to/predicate.json"), + setDefaultValue(predicateType, "test-type"), + setDefaultValue(key, "/path/to/key.pem"), + }, + expectError: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + app := cli.NewApp() + app.Commands = []cli.Command{{Name: "create"}} + set := flag.NewFlagSet("test", 0) + cliCtx := cli.NewContext(app, set, nil) + + ctx, err := components.ConvertContext(cliCtx, tt.flags...) 
+ assert.NoError(t, err) + + var cmdError error + mockExec := func(cmd commands.Command) error { + // Mock successful execution + return nil + } + + cmd := NewEvidenceCustomCommand(ctx, mockExec) + serverDetails := &config.ServerDetails{} + + err = cmd.CreateEvidence(ctx, serverDetails) + if cmdError != nil { + err = cmdError + } + + if tt.expectError { + assert.Error(t, err) + if tt.errorContains != "" { + assert.Contains(t, err.Error(), tt.errorContains) + } + } else { + assert.NoError(t, err) + } + }) + } +} diff --git a/evidence/cli/command_github.go b/evidence/cli/command_github.go index 86493423..3673d0aa 100644 --- a/evidence/cli/command_github.go +++ b/evidence/cli/command_github.go @@ -20,6 +20,10 @@ func NewEvidenceGitHubCommand(ctx *components.Context, execute execCommandFunc) } func (ebc *evidenceGitHubCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error { + if ebc.ctx.GetStringFlagValue(sigstoreBundle) != "" { + return errorutils.CheckErrorf("--%s is not supported for GitHub evidence.", sigstoreBundle) + } + err := ebc.validateEvidenceBuildContext(ctx) if err != nil { return err diff --git a/evidence/cli/command_github_test.go b/evidence/cli/command_github_test.go new file mode 100644 index 00000000..4d8bac4d --- /dev/null +++ b/evidence/cli/command_github_test.go 
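Review bot: `cmdError` in the subtest body of `TestEvidenceCustomCommand_CreateEvidence_SigstoreBundle` is declared but never assigned, so the `if cmdError != nil { err = cmdError }` block can never run. Either drop the variable and the block, as the sibling build, GitHub, package and release-bundle tests do, or have `mockExec` record the command it receives so the test can check that the bundle path actually reaches the create command. As written, the two `expectError: false` cases only show that `CreateEvidence` returned the mock's `nil`.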
@@ -0,0 +1,76 @@
+package cli
+
+import (
+ "flag"
+ "testing"
+
+ "github.com/jfrog/jfrog-cli-core/v2/common/commands"
+ "github.com/jfrog/jfrog-cli-core/v2/plugins/components"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+ "github.com/stretchr/testify/assert"
+ "github.com/urfave/cli"
+)
+
+func TestEvidenceGitHubCommand_CreateEvidence_SigstoreBundle(t *testing.T) {
+ tests := []struct {
+ name string
+ flags []components.Flag
+ expectError bool
+ errorContains string
+ }{
+ {
+ name: "Invalid_SigstoreBundle_Not_Supported",
+ flags: []components.Flag{
+ setDefaultValue(sigstoreBundle, "/path/to/bundle.json"),
+ setDefaultValue(buildName, "test-build"),
+ setDefaultValue(buildNumber, "123"),
+ setDefaultValue(typeFlag, "github"),
+ },
+ expectError: true,
+ errorContains: "--sigstore-bundle is not supported for GitHub evidence.",
+ },
+ {
+ name: "Valid_Without_SigstoreBundle",
+ flags: []components.Flag{
+ setDefaultValue(buildName, "test-build"),
+ setDefaultValue(buildNumber, "123"),
+ setDefaultValue(typeFlag, "github"),
+ setDefaultValue(predicate, "/path/to/predicate.json"),
+ setDefaultValue(predicateType, "test-type"),
+ setDefaultValue(key, "/path/to/key.pem"),
+ },
+ expectError: false,
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ app := cli.NewApp()
+ app.Commands = []cli.Command{{Name: "create"}}
+ set := flag.NewFlagSet("test", 0)
+ cliCtx := cli.NewContext(app, set, nil)
+
+ ctx, err := components.ConvertContext(cliCtx, tt.flags...)
+ assert.NoError(t, err)
+
+ mockExec := func(cmd commands.Command) error {
+ // Mock successful execution
+ return nil
+ }
+
+ cmd := NewEvidenceGitHubCommand(ctx, mockExec)
+ serverDetails := &config.ServerDetails{}
+
+ err = cmd.CreateEvidence(ctx, serverDetails)
+
+ if tt.expectError {
+ assert.Error(t, err)
+ if tt.errorContains != "" {
+ assert.Contains(t, err.Error(), tt.errorContains)
+ }
+ } else {
+ assert.NoError(t, err)
+ }
+ })
+ }
+}
diff --git a/evidence/cli/command_package.go b/evidence/cli/command_package.go index 2a8714c3..169d90ed 100644 --- a/evidence/cli/command_package.go +++ b/evidence/cli/command_package.go @@ -21,6 +21,10 @@ func NewEvidencePackageCommand(ctx *components.Context, execute execCommandFunc) } func (epc *evidencePackageCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error { + if epc.ctx.GetStringFlagValue(sigstoreBundle) != "" { + return errorutils.CheckErrorf("--%s is not supported for package evidence.", sigstoreBundle) + } + err := epc.validateEvidencePackageContext(ctx) if err != nil { return err diff --git a/evidence/cli/command_package_test.go b/evidence/cli/command_package_test.go new file mode 100644 index 00000000..239b9d5b --- /dev/null +++ b/evidence/cli/command_package_test.go 
@@ -0,0 +1,76 @@ +package cli + +import ( + "flag" + "testing" + + "github.com/jfrog/jfrog-cli-core/v2/common/commands" + "github.com/jfrog/jfrog-cli-core/v2/plugins/components" + "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/stretchr/testify/assert" + "github.com/urfave/cli" +) + +func TestEvidencePackageCommand_CreateEvidence_SigstoreBundle(t *testing.T) { + tests := []struct { + name string + flags []components.Flag + expectError bool + errorContains string + }{ + { + name: "Invalid_SigstoreBundle_Not_Supported", + flags: []components.Flag{ + setDefaultValue(sigstoreBundle, "/path/to/bundle.json"), + setDefaultValue(packageName, "test-package"), + setDefaultValue(packageVersion, "1.0.0"), + setDefaultValue(packageRepoName, "test-repo"), + }, + expectError: true, + errorContains: "--sigstore-bundle is not supported for package evidence.", + }, + { + name: "Valid_Without_SigstoreBundle", + flags: []components.Flag{ + setDefaultValue(packageName, "test-package"), + setDefaultValue(packageVersion, "1.0.0"), + setDefaultValue(packageRepoName, "test-repo"), + setDefaultValue(predicate, "/path/to/predicate.json"), + setDefaultValue(predicateType, "test-type"), + setDefaultValue(key, "/path/to/key.pem"), + }, + expectError: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + app := cli.NewApp() + app.Commands = []cli.Command{{Name: "create"}} + set := flag.NewFlagSet("test", 0) + cliCtx := cli.NewContext(app, set, nil) + + ctx, err := components.ConvertContext(cliCtx, tt.flags...) 
+ assert.NoError(t, err) + + mockExec := func(cmd commands.Command) error { + // Mock successful execution + return nil + } + + cmd := NewEvidencePackageCommand(ctx, mockExec) + serverDetails := &config.ServerDetails{} + + err = cmd.CreateEvidence(ctx, serverDetails) + + if tt.expectError { + assert.Error(t, err) + if tt.errorContains != "" { + assert.Contains(t, err.Error(), tt.errorContains) + } + } else { + assert.NoError(t, err) + } + }) + } +} diff --git a/evidence/cli/command_relesae_bundle.go b/evidence/cli/command_release_bundle.go similarity index 93% rename from evidence/cli/command_relesae_bundle.go rename to evidence/cli/command_release_bundle.go index 3091ef85..53c35c5e 100644 --- a/evidence/cli/command_relesae_bundle.go +++ b/evidence/cli/command_release_bundle.go @@ -21,6 +21,10 @@ func NewEvidenceReleaseBundleCommand(ctx *components.Context, execute execComman } func (erc *evidenceReleaseBundleCommand) CreateEvidence(ctx *components.Context, serverDetails *config.ServerDetails) error { + if erc.ctx.GetStringFlagValue(sigstoreBundle) != "" { + return errorutils.CheckErrorf("--%s is not supported for release bundle evidence.", sigstoreBundle) + } + err := erc.validateEvidenceReleaseBundleContext(ctx) if err != nil { return err diff --git a/evidence/cli/command_release_bundle_test.go b/evidence/cli/command_release_bundle_test.go new file mode 100644 index 00000000..9bd6ad36 --- /dev/null +++ b/evidence/cli/command_release_bundle_test.go 
@@ -0,0 +1,74 @@
+package cli
+
+import (
+ "flag"
+ "testing"
+
+ "github.com/jfrog/jfrog-cli-core/v2/common/commands"
+ "github.com/jfrog/jfrog-cli-core/v2/plugins/components"
+ "github.com/jfrog/jfrog-cli-core/v2/utils/config"
+ "github.com/stretchr/testify/assert"
+ "github.com/urfave/cli"
+)
+
+func TestEvidenceReleaseBundleCommand_CreateEvidence_SigstoreBundle(t *testing.T) {
+ tests := []struct {
+ name string
+ flags []components.Flag
+ expectError bool
+ errorContains string
+ }{
+ {
+ name: "Invalid_SigstoreBundle_Not_Supported",
+ flags: []components.Flag{
+ setDefaultValue(sigstoreBundle, "/path/to/bundle.json"),
+ setDefaultValue(releaseBundle, "test-release-bundle"),
+ setDefaultValue(releaseBundleVersion, "1.0.0"),
+ },
+ expectError: true,
+ errorContains: "--sigstore-bundle is not supported for release bundle evidence.",
+ },
+ {
+ name: "Valid_Without_SigstoreBundle",
+ flags: []components.Flag{
+ setDefaultValue(releaseBundle, "test-release-bundle"),
+ setDefaultValue(releaseBundleVersion, "1.0.0"),
+ setDefaultValue(predicate, "/path/to/predicate.json"),
+ setDefaultValue(predicateType, "test-type"),
+ setDefaultValue(key, "/path/to/key.pem"),
+ },
+ expectError: false,
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ app := cli.NewApp()
+ app.Commands = []cli.Command{{Name: "create"}}
+ set := flag.NewFlagSet("test", 0)
+ cliCtx := cli.NewContext(app, set, nil)
+
+ ctx, err := components.ConvertContext(cliCtx, tt.flags...)
+ assert.NoError(t, err)
+
+ mockExec := func(cmd commands.Command) error {
+ // Mock successful execution
+ return nil
+ }
+
+ cmd := NewEvidenceReleaseBundleCommand(ctx, mockExec)
+ serverDetails := &config.ServerDetails{}
+
+ err = cmd.CreateEvidence(ctx, serverDetails)
+
+ if tt.expectError {
+ assert.Error(t, err)
+ if tt.errorContains != "" {
+ assert.Contains(t, err.Error(), tt.errorContains)
+ }
+ } else {
+ assert.NoError(t, err)
+ }
+ })
+ }
+}
diff --git a/evidence/cli/flags.go b/evidence/cli/flags.go index 6a7638b9..1f2303e6 100644 --- a/evidence/cli/flags.go +++ b/evidence/cli/flags.go @@ -41,6 +41,7 @@ const ( providerId = "provider-id" publicKeys = "public-keys" useArtifactoryKeys = "use-artifactory-keys" + sigstoreBundle = "sigstore-bundle" ) // Flag keys mapped to their corresponding components.Flag definition. @@ -62,8 +63,8 @@ var flagsMap = map[string]components.Flag{ packageRepoName: components.NewStringFlag(packageRepoName, "Package repository Name.", func(f *components.StringFlag) { f.Mandatory = false }), typeFlag: components.NewStringFlag(typeFlag, "Type can contain 'gh-commiter' value.", func(f *components.StringFlag) { f.Mandatory = false }), - predicate: components.NewStringFlag(predicate, "Path to the predicate, arbitrary JSON.", func(f *components.StringFlag) { f.Mandatory = true }), - predicateType: components.NewStringFlag(predicateType, "Type of the predicate.", func(f *components.StringFlag) { f.Mandatory = true }), + predicate: components.NewStringFlag(predicate, "Path to the predicate, arbitrary JSON. Mandatory unless --"+sigstoreBundle+" is used", func(f *components.StringFlag) { f.Mandatory = false }), + predicateType: components.NewStringFlag(predicateType, "Type of the predicate. Mandatory unless --"+sigstoreBundle+" is used", func(f *components.StringFlag) { f.Mandatory = false }), markdown: components.NewStringFlag(markdown, "Markdown of the predicate.", func(f *components.StringFlag) { f.Mandatory = false }), subjectRepoPath: components.NewStringFlag(subjectRepoPath, "Full path to some subject' location.", func(f *components.StringFlag) { f.Mandatory = false }), subjectSha256: components.NewStringFlag(subjectSha256, "Subject checksum sha256.", func(f *components.StringFlag) { f.Mandatory = false }), 
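Review bot: Switching `predicate` and `predicateType` to `Mandatory = false` drops the flag-level requirement for every command that lists these flags, so the requirement now rests only on the hand-written checks in `validateCreateEvidenceCommonContext`. The predicate check there is skipped when `typeFlag` is set (visible in the command_cli.go context lines), so please confirm that no create path can now reach signing with an empty predicate or predicate type. The two new descriptions also lack the trailing period the neighbouring descriptions have: `"... Mandatory unless --"+sigstoreBundle+" is used."`.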
@@ -72,6 +73,7 @@ var flagsMap = map[string]components.Flag{ providerId: components.NewStringFlag(providerId, "Provider ID for the evidence.", func(f *components.StringFlag) { f.Mandatory = false }), publicKeys: components.NewStringFlag(publicKeys, "Array of paths to public keys for signatures verification with \";\" separator. Supported keys: 'ecdsa','rsa' and 'ed25519'.", func(f *components.StringFlag) { f.Mandatory = false }), useArtifactoryKeys: components.NewBoolFlag(useArtifactoryKeys, "Use Artifactory keys for verification. When enabled, the verify command retrieves keys from Artifactory.", func(f *components.BoolFlag) { f.DefaultValue = false }), + sigstoreBundle: components.NewStringFlag(sigstoreBundle, "Path to a Sigstore bundle file with a pre-signed DSSE envelope. Incompatible with --"+key+", --"+keyAlias+", --"+predicate+", --"+predicateType+" and --"+subjectSha256+".", func(f *components.StringFlag) { f.Mandatory = false }), } var commandFlags = map[string][]string{ @@ -97,6 +99,7 @@ var commandFlags = map[string][]string{ key, keyAlias, providerId, + sigstoreBundle, }, VerifyEvidence: { url, diff --git a/evidence/create/create_base.go b/evidence/create/create_base.go index 615b0e64..3b53a58e 100644 --- a/evidence/create/create_base.go +++ b/evidence/create/create_base.go @@ -4,10 +4,11 @@ import ( "encoding/json" "errors" "fmt" - "github.com/jfrog/jfrog-cli-artifactory/evidence/sign" "os" "strings" + "github.com/jfrog/jfrog-cli-artifactory/evidence/sign" + "github.com/jfrog/gofrog/log" "github.com/jfrog/jfrog-cli-artifactory/evidence/cryptox" "github.com/jfrog/jfrog-cli-artifactory/evidence/dsse" 
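Review bot: The help text for `sigstoreBundle` says the file holds a pre-signed DSSE envelope but not who checks that signature, so a user cannot tell whether the CLI verifies the bundle before upload or forwards it as provided. One added sentence stating which it is would settle this; the exact wording depends on behaviour that is not visible in this diff, so the author needs to supply it.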
@@ -146,17 +147,19 @@ func (c *createEvidenceBase) setMarkdown(statement *intoto.Statement) error { return nil } -func (c *createEvidenceBase) uploadEvidence(envelope []byte, repoPath string) error { +func (c *createEvidenceBase) uploadEvidence(evidencePayload []byte, repoPath string) error { evidenceManager, err := utils.CreateEvidenceServiceManager(c.serverDetails, false) if err != nil { return err } evidenceDetails := evidenceService.EvidenceDetails{ - SubjectUri: repoPath, - DSSEFileRaw: envelope, + SubjectUri: repoPath, + // evidencePayload may contain not only a DSSE envelop. + DSSEFileRaw: evidencePayload, ProviderId: c.providerId, } + clientlog.Debug("Uploading evidence for subject:", repoPath) body, err := evidenceManager.UploadEvidence(evidenceDetails) if err != nil { return err diff --git a/evidence/create/create_base_test.go b/evidence/create/create_base_test.go index b18079cc..9e9dd37e 100644 --- a/evidence/create/create_base_test.go +++ b/evidence/create/create_base_test.go 
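Review bot: The new comment in `uploadEvidence` says the payload "may contain not only a DSSE envelop" while the value is still assigned to the field named `DSSEFileRaw`; the comment should name what else it can be, for example `// evidencePayload is either a DSSE envelope or a complete Sigstore bundle.` (to be confirmed by the author), and "envelop" should be "envelope". The added `clientlog.Debug` call relies on a `clientlog` import that the import hunk for this file does not add — confirm it is already present. The tests added in create_base_test.go expect 400 and 404 responses to be rewritten into a "Subject ... is invalid or not found" message, but the `if err != nil { return err }` visible here returns the error unchanged, so that mapping must live in the part of the function outside this hunk.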
@@ -2,14 +2,109 @@ package create import ( "encoding/json" - "github.com/jfrog/jfrog-cli-artifactory/evidence/dsse" - "github.com/jfrog/jfrog-cli-artifactory/evidence/intoto" - "github.com/stretchr/testify/assert" + "errors" "os" "path/filepath" + "strings" "testing" + + "github.com/jfrog/jfrog-cli-artifactory/evidence/dsse" + "github.com/jfrog/jfrog-cli-artifactory/evidence/intoto" + "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/jfrog/jfrog-client-go/evidence/services" + "github.com/jfrog/jfrog-client-go/utils/errorutils" + clientlog "github.com/jfrog/jfrog-client-go/utils/log" + "github.com/stretchr/testify/assert" ) +// MockEvidenceServiceManager mocks the evidence service manager for testing +type MockEvidenceServiceManager struct { + UploadResponse []byte + UploadError error +} + +func (m *MockEvidenceServiceManager) UploadEvidence(details services.EvidenceDetails) ([]byte, error) { + if m.UploadError != nil { + return nil, m.UploadError + } + return m.UploadResponse, nil +} + +func TestUploadEvidence_ErrorHandling(t *testing.T) { + // Save the current log level and set it to DEBUG for testing + originalLogLevel := clientlog.GetLogger().GetLogLevel() + clientlog.SetLogger(clientlog.NewLogger(clientlog.DEBUG, nil)) + defer clientlog.SetLogger(clientlog.NewLogger(originalLogLevel, nil)) + + tests := []struct { + name string + uploadError error + repoPath string + expectedError string + debugLogCheck bool + }{ + { + name: "404 Not Found Error", + uploadError: errors.New("server response: 404 Not Found"), + repoPath: "test-repo/path/file.txt", + expectedError: "Subject 'test-repo/path/file.txt' is invalid or not found. Please ensure the subject exists and follows the correct format: // or /", + debugLogCheck: true, + }, + { + name: "400 Bad Request Error", + uploadError: errors.New("server response: 400 Bad Request"), + repoPath: "invalid-subject", + expectedError: "Subject 'invalid-subject' is invalid or not found. 
Please ensure the subject exists and follows the correct format: // or /", + debugLogCheck: true, + }, + { + name: "404 Error with Repository not found message", + uploadError: errors.New(`server response: 404 Not Found {"errors": [{"message": "Repository https: not found"}]}`), + repoPath: "@ https://evidencetrial.jfrog.io/evidence/api/v1/subject/https:/evidencetrial.jfrog.io/artifactory/cli-sigstore-test/commons-1.0.0.txt", + expectedError: "Subject '@ https://evidencetrial.jfrog.io/evidence/api/v1/subject/https:/evidencetrial.jfrog.io/artifactory/cli-sigstore-test/commons-1.0.0.txt' is invalid or not found. Please ensure the subject exists and follows the correct format: // or /", + debugLogCheck: true, + }, + { + name: "Other Error - Not 400 or 404", + uploadError: errors.New("server response: 500 Internal Server Error"), + repoPath: "test-repo/path/file.txt", + expectedError: "server response: 500 Internal Server Error", + debugLogCheck: false, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + // Create a createEvidenceBase instance + c := &createEvidenceBase{ + serverDetails: &config.ServerDetails{}, + providerId: "test-provider", + } + + // Since we can't easily mock utils.CreateEvidenceServiceManager, + // we'll need to test the error handling logic directly. + // For a full integration test, you would need to use dependency injection + // or refactor the code to accept the evidence manager as a parameter. 
+ + // For now, let's test the error message formatting by simulating the error + err := c.handleUploadError(tt.uploadError, tt.repoPath) + + assert.Error(t, err) + assert.Equal(t, tt.expectedError, err.Error()) + }) + } +} + +// Add a helper method to test error handling logic +func (c *createEvidenceBase) handleUploadError(err error, repoPath string) error { + errStr := err.Error() + if strings.Contains(errStr, "400") || strings.Contains(errStr, "404") { + clientlog.Debug("Server response error:", err.Error()) + return errorutils.CheckErrorf("Subject '%s' is invalid or not found. Please ensure the subject exists and follows the correct format: // or /", repoPath) + } + return err +} + func TestCreateAndSignEnvelope(t *testing.T) { tests := []struct { name string diff --git a/evidence/create/create_custom.go b/evidence/create/create_custom.go index 78a5802c..dbaf4145 100644 --- a/evidence/create/create_custom.go +++ b/evidence/create/create_custom.go @@ -1,18 +1,27 @@ package create import ( + "encoding/json" + clientLog "github.com/jfrog/jfrog-client-go/utils/log" + "github.com/sigstore/sigstore-go/pkg/bundle" + "regexp" + "strings" + "github.com/jfrog/jfrog-cli-artifactory/evidence" + "github.com/jfrog/jfrog-cli-artifactory/evidence/sigstore" "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/jfrog/jfrog-client-go/utils/errorutils" ) type createEvidenceCustom struct { createEvidenceBase - subjectRepoPath string - subjectSha256 string + subjectRepoPath string + subjectSha256 string + sigstoreBundlePath string } func NewCreateEvidenceCustom(serverDetails *config.ServerDetails, predicateFilePath, predicateType, markdownFilePath, key, keyId, subjectRepoPath, - subjectSha256, providerId string) evidence.Command { + subjectSha256, sigstoreBundlePath, providerId string) evidence.Command { return &createEvidenceCustom{ createEvidenceBase: createEvidenceBase{ serverDetails: serverDetails, 
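Review bot: `TestUploadEvidence_ErrorHandling` only exercises `handleUploadError`, a method this hunk itself defines in the test file, so it gives no coverage of the production upload path. The mapping the command actually uses, `handleSubjectNotFound` in create_custom.go, matches only `"404 Not Found"` and returns a different message. `MockEvidenceServiceManager` is not used anywhere in this hunk, and `strings.Contains(errStr, "400")` would also match an unrelated error whose body or URL happens to contain `400`. I would drop the helper and the mock and point the table at the real function, `err := handleSubjectNotFound(tt.uploadError, tt.repoPath)`, with the expected strings updated to that function's message.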
@@ -23,8 +32,9 @@ func NewCreateEvidenceCustom(serverDetails *config.ServerDetails, predicateFileP key: key, keyId: keyId, }, - subjectRepoPath: subjectRepoPath, - subjectSha256: subjectSha256, + subjectRepoPath: subjectRepoPath, + subjectSha256: subjectSha256, + sigstoreBundlePath: sigstoreBundlePath, } } 
@@ -37,13 +47,88 @@ func (c *createEvidenceCustom) ServerDetails() (*config.ServerDetails, error) { } func (c *createEvidenceCustom) Run() error { - envelope, err := c.createEnvelope(c.subjectRepoPath, c.subjectSha256) + var evidencePayload []byte + var err error + + if c.sigstoreBundlePath != "" { + clientLog.Info("Reading sigstore bundle from path:", c.sigstoreBundlePath) + evidencePayload, err = c.processSigstoreBundle() + } else { + clientLog.Info("Creating DSSE envelope for subject:", c.subjectRepoPath) + evidencePayload, err = c.createDSSEEnvelope() + } + if err != nil { return err } - err = c.uploadEvidence(envelope, c.subjectRepoPath) + + err = validateSubject(c.subjectRepoPath) if err != nil { return err } + err = c.uploadEvidence(evidencePayload, c.subjectRepoPath) + if err != nil { + err = handleSubjectNotFound(err, c.subjectRepoPath) + return err + } + return nil } + +func (c *createEvidenceCustom) processSigstoreBundle() ([]byte, error) { + sigstoreBundle, err := sigstore.ParseBundle(c.sigstoreBundlePath) + if err != nil { + return nil, errorutils.CheckErrorf("failed to read sigstore bundle: %s", err.Error()) + } + + if c.subjectRepoPath == "" { + extractedSubject, err := c.extractSubjectFromBundle(sigstoreBundle) + if err != nil { + return nil, err + } + c.subjectRepoPath = extractedSubject + } + + return json.Marshal(sigstoreBundle) +} + +func (c *createEvidenceCustom) extractSubjectFromBundle(bundle *bundle.Bundle) (string, error) { + subject, err := sigstore.ExtractSubjectFromBundle(bundle) + if err != nil { + return "", err + } + + if subject == "" { + return "", errorutils.CheckErrorf("Subject is not found in the sigstore bundle. 
Please ensure the bundle contains a valid subject.") + } else { + clientLog.Info("Subject " + subject + " is resolved from sigstore bundle.") + } + + return subject, nil +} + +func (c *createEvidenceCustom) createDSSEEnvelope() ([]byte, error) { + envelope, err := c.createEnvelope(c.subjectRepoPath, c.subjectSha256) + if err != nil { + return nil, err + } + + return envelope, nil +} + +func validateSubject(subject string) error { + // Pattern: must have at least one slash with non-empty sections + if matched, _ := regexp.MatchString(`^[^/]+(/[^/]+)+$`, subject); !matched { + return errorutils.CheckErrorf("Subject '%s' is invalid. Subject must be in format: // or /", subject) + } + return nil +} + +func handleSubjectNotFound(err error, subject string) error { + errStr := err.Error() + if strings.Contains(errStr, "404 Not Found") { + clientLog.Debug("Server response error:", err.Error()) + return errorutils.CheckErrorf("Subject '%s' is not found. Please ensure the subject exists.", subject) + } + return err +} diff --git a/evidence/create/create_custom_test.go b/evidence/create/create_custom_test.go new file mode 100644 index 00000000..39440212 --- /dev/null +++ b/evidence/create/create_custom_test.go 
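Review bot: On the bundle path in `Run`, the subject is taken from the bundle's own statement and reaches `uploadEvidence` after only the shape check in `validateSubject`; nothing in this hunk verifies the bundle's signature first, so the name is attacker-influenced whenever the bundle file comes from another party. The pattern `^[^/]+(/[^/]+)+$` still accepts `.` and `..` segments, whitespace and control characters, and the value becomes `SubjectUri` in the upload. I would reject dot segments explicitly, e.g. `for _, seg := range strings.Split(subject, "/") { if seg == "." || seg == ".." { return errorutils.CheckErrorf("Subject '%s' is invalid.", subject) } }`, and compile the pattern once at package scope with `regexp.MustCompile` rather than discarding the error from `regexp.MatchString` on every call. Whether the server verifies the bundle and normalises the subject is not visible here, so the client-side check should not rely on it.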
@@ -0,0 +1,214 @@ +package create + +import ( + "encoding/base64" + "encoding/json" + "os" + "path/filepath" + "testing" + + "github.com/jfrog/jfrog-cli-core/v2/utils/config" + "github.com/stretchr/testify/assert" +) + +func TestNewCreateEvidenceCustom(t *testing.T) { + serverDetails := &config.ServerDetails{ + Url: "https://test.jfrog.io", + User: "test-user", + AccessToken: "test-token", + } + + // Test with regular evidence creation (no sigstore bundle) + cmd := NewCreateEvidenceCustom( + serverDetails, + "predicate.json", + "https://example.com/predicate/v1", + "markdown.md", + "key.pem", + "key-alias", + "test-repo/test-artifact", + "abcd1234", + "", // No sigstore bundle + "test-provider", + ) + + assert.NotNil(t, cmd) + assert.Equal(t, "create-custom-evidence", cmd.CommandName()) + details, err := cmd.ServerDetails() + assert.NoError(t, err) + assert.Equal(t, serverDetails, details) +} + +func TestCreateEvidenceCustom_WithSigstoreBundle(t *testing.T) { + // Create a test bundle file using generic map + statement := map[string]interface{}{ + "_type": "https://in-toto.io/Statement/v1", + "subject": []interface{}{ + map[string]interface{}{ + "digest": map[string]interface{}{ + "sha256": "test-sha256", + }, + "name": "test-repo/test-artifact", + }, + }, + "predicateType": "https://slsa.dev/provenance/v0.2", + "predicate": map[string]interface{}{ + "builder": map[string]interface{}{ + "id": "https://github.com/actions/runner/v2.311.0", + }, + "artifact": map[string]interface{}{ + "path": "test-repo/test-artifact", + }, + }, + } + + statementBytes, err := json.Marshal(statement) + assert.NoError(t, err) + payload := base64.StdEncoding.EncodeToString(statementBytes) + + bundleJSON := `{ + "mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.2", + "verificationMaterial": { + "certificate": { + "rawBytes": "dGVzdC1jZXJ0" + } + }, + "dsseEnvelope": { + "payload": "` + payload + `", + "payloadType": "application/vnd.in-toto+json", + "signatures": [ + { + 
"sig": "dGVzdC1zaWduYXR1cmU=", + "keyid": "test-key-id" + } + ] + } + }` + + // Write bundle to temp file + tmpDir := t.TempDir() + bundlePath := filepath.Join(tmpDir, "test-bundle.json") + err = os.WriteFile(bundlePath, []byte(bundleJSON), 0644) + assert.NoError(t, err) + + // Create command with sigstore bundle + serverDetails := &config.ServerDetails{ + Url: "https://test.jfrog.io", + User: "test-user", + AccessToken: "test-token", + } + cmd := NewCreateEvidenceCustom( + serverDetails, + "", // No predicate file + "", // No predicate type + "", // No markdown + "", // No key + "", // No key alias + "", + "", // No sha256 (will be extracted from bundle) + bundlePath, // Sigstore bundle path + "test-provider", + ) + + // Verify command setup + assert.NotNil(t, cmd) + assert.Equal(t, "create-custom-evidence", cmd.CommandName()) +} + +func TestCreateEvidenceCustom_MissingSigstoreBundle(t *testing.T) { + serverDetails := &config.ServerDetails{ + Url: "https://test.jfrog.io", + User: "test-user", + AccessToken: "test-token", + } + + // Create command with non-existent bundle file + cmd := NewCreateEvidenceCustom( + serverDetails, + "", // No predicate file + "", // No predicate type + "", // No markdown + "", // No key + "", // No key alias + "test-repo/test-artifact", + "", + "/non/existent/bundle.json", // Non-existent bundle + "test-provider", + ) + + // Run should fail + err := cmd.Run() + assert.Error(t, err) + assert.Contains(t, err.Error(), "failed to read sigstore bundle") +} + +func TestCreateEvidenceCustom_SigstoreBundleWithSubjectPath(t *testing.T) { + // Create a test bundle without artifact path in predicate + statement := map[string]interface{}{ + "_type": "https://in-toto.io/Statement/v1", + "subject": []interface{}{ + map[string]interface{}{ + "digest": map[string]interface{}{ + "sha256": "extracted-sha256", + }, + }, + }, + "predicateType": "https://slsa.dev/provenance/v0.2", + "predicate": map[string]interface{}{}, + } + + statementBytes, err := 
json.Marshal(statement) + assert.NoError(t, err) + payload := base64.StdEncoding.EncodeToString(statementBytes) + + bundleJSON := `{ + "mediaType": "application/vnd.dev.sigstore.bundle+json;version=0.2", + "verificationMaterial": { + "certificate": { + "rawBytes": "dGVzdC1jZXJ0" + } + }, + "dsseEnvelope": { + "payload": "` + payload + `", + "payloadType": "application/vnd.in-toto+json", + "signatures": [ + { + "sig": "dGVzdC1zaWduYXR1cmU=", + "keyid": "test-key-id" + } + ] + } + }` + + // Write bundle to temp file + tmpDir := t.TempDir() + bundlePath := filepath.Join(tmpDir, "test-bundle-no-path.json") + err = os.WriteFile(bundlePath, []byte(bundleJSON), 0644) + assert.NoError(t, err) + + // Create command with explicit subject path (since bundle doesn't have it) + serverDetails := &config.ServerDetails{ + Url: "https://test.jfrog.io", + User: "test-user", + AccessToken: "test-token", + } + cmd := NewCreateEvidenceCustom( + serverDetails, + "", // No predicate file + "", // No predicate type + "", // No markdown + "", // No key + "", // No key alias + "provided-repo/provided-artifact", // This should be used as fallback + "", + bundlePath, + "test-provider", + ) + + // Verify the command would use the provided subject path + assert.NotNil(t, cmd) + custom, ok := cmd.(*createEvidenceCustom) + assert.True(t, ok, "cmd should be of type *createEvidenceCustom") + assert.Equal(t, bundlePath, custom.sigstoreBundlePath) + assert.Equal(t, "provided-repo/provided-artifact", custom.subjectRepoPath) +} diff --git a/evidence/sigstore/bundle_parser.go b/evidence/sigstore/bundle_parser.go new file mode 100644 index 00000000..bba35fe1 --- /dev/null +++ b/evidence/sigstore/bundle_parser.go 
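Review bot: `TestCreateEvidenceCustom_WithSigstoreBundle` writes a bundle file and then asserts only `NotNil` and `CommandName()`, so `processSigstoreBundle` and the subject extraction are never executed by it. `TestCreateEvidenceCustom_SigstoreBundleWithSubjectPath` likewise checks only the fields the constructor copied. The inline comment `// No sha256 (will be extracted from bundle)` describes something the create_custom.go hunk in this commit does not do. Since this file already type-asserts to `*createEvidenceCustom`, the first test could load `../sigstore/testdata/sample-bundle.json`, call `custom.processSigstoreBundle()` and assert that `custom.subjectRepoPath` equals `repo/commons-1.0.0.txt`, the value the sigstore package tests expect from that fixture.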
@@ -0,0 +1,36 @@
+package sigstore
+
+import (
+ "github.com/jfrog/jfrog-client-go/utils/errorutils"
+ protobundle "github.com/sigstore/protobuf-specs/gen/pb-go/bundle/v1"
+ protodsse "github.com/sigstore/protobuf-specs/gen/pb-go/dsse"
+ "github.com/sigstore/sigstore-go/pkg/bundle"
+)
+
+func ParseBundle(bundlePath string) (*bundle.Bundle, error) {
+ b, err := bundle.LoadJSONFromPath(bundlePath)
+ if err != nil {
+ return nil, errorutils.CheckErrorf("failed to parse sigstore bundle: %s", err.Error())
+ }
+
+ return b, nil
+}
+
+func GetDSSEEnvelope(b *bundle.Bundle) (*protodsse.Envelope, error) {
+ pb := b.Bundle
+
+ content := pb.GetContent()
+ if content == nil {
+ return nil, errorutils.CheckErrorf("bundle does not contain content")
+ }
+
+ switch c := content.(type) {
+ case *protobundle.Bundle_DsseEnvelope:
+ if c.DsseEnvelope == nil {
+ return nil, errorutils.CheckErrorf("DSSE envelope is empty")
+ }
+ return c.DsseEnvelope, nil
+ default:
+ return nil, errorutils.CheckErrorf("bundle does not contain a DSSE envelope")
+ }
+}
diff --git a/evidence/sigstore/bundle_parser_test.go b/evidence/sigstore/bundle_parser_test.go
new file mode 100644
index 00000000..2927f912
--- /dev/null
+++ b/evidence/sigstore/bundle_parser_test.go
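Review bot: `ParseBundle` and `GetDSSEEnvelope` are exported without doc comments, and nothing tells a caller that loading a bundle here is not verification; as far as this file shows, no signature, certificate or transparency-log check is made. I would document that on the function, e.g. `// ParseBundle loads a Sigstore bundle from bundlePath. It does not verify the signature, certificate or log entries; callers must not treat the contents as trusted.` `GetDSSEEnvelope` also dereferences `b` unguarded at `pb := b.Bundle`, so a nil argument panics. Adding `if b == nil { return nil, errorutils.CheckErrorf("bundle is nil") }` at the top would match the nil check in `extractSubjectFromEnvelope`.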
@@ -0,0 +1,39 @@
+package sigstore
+
+import (
+ "os"
+ "path/filepath"
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestParseBundleRealFile(t *testing.T) {
+ bundlePath := filepath.Join("testdata", "sample-bundle.json")
+
+ bundle, err := ParseBundle(bundlePath)
+ assert.NoError(t, err)
+ assert.NotNil(t, bundle)
+
+ envelope, err := GetDSSEEnvelope(bundle)
+ assert.NoError(t, err)
+ assert.NotNil(t, envelope)
+ assert.Equal(t, "application/vnd.in-toto+json", envelope.PayloadType)
+ assert.Len(t, envelope.Signatures, 1)
+}
+
+func TestParseBundleInvalidFile(t *testing.T) {
+ _, err := ParseBundle("/non/existent/file.json")
+ assert.Error(t, err)
+ assert.Contains(t, err.Error(), "failed to parse sigstore bundle")
+}
+
+func TestParseBundleInvalidJSON(t *testing.T) {
+ tmpDir := t.TempDir()
+ bundlePath := filepath.Join(tmpDir, "invalid.json")
+ err := os.WriteFile(bundlePath, []byte("invalid json"), 0644)
+ assert.NoError(t, err)
+
+ _, err = ParseBundle(bundlePath)
+ assert.Error(t, err)
+}
diff --git a/evidence/sigstore/subject_extractor.go b/evidence/sigstore/subject_extractor.go
new file mode 100644
index 00000000..9451ac3a
--- /dev/null
+++ b/evidence/sigstore/subject_extractor.go
@@ -0,0 +1,44 @@
+package sigstore
+
+import (
+ "encoding/json"
+
+ "github.com/jfrog/jfrog-client-go/utils/errorutils"
+ protodsse "github.com/sigstore/protobuf-specs/gen/pb-go/dsse"
+ "github.com/sigstore/sigstore-go/pkg/bundle"
+)
+
+func ExtractSubjectFromBundle(b *bundle.Bundle) (repoPath string, err error) {
+ envelope, err := GetDSSEEnvelope(b)
+ if err != nil {
+ return "", err
+ }
+
+ return extractSubjectFromEnvelope(envelope)
+}
+
+func extractSubjectFromEnvelope(envelope *protodsse.Envelope) (repoPath string, err error) {
+ if envelope == nil {
+ return "", errorutils.CheckErrorf("envelope is nil")
+ }
+
+ var statement map[string]interface{}
+ if err := json.Unmarshal(envelope.Payload, &statement); err != nil {
+ return "", errorutils.CheckErrorf("failed to parse statement from DSSE payload: %s", err.Error())
+ }
+
+ repoPath = extractRepoPathFromStatement(statement)
+
+ return repoPath, nil
+}
+
+func extractRepoPathFromStatement(statement map[string]interface{}) string {
+ if subjects, ok := statement["subject"].([]interface{}); ok && len(subjects) > 0 {
+ if subject, ok := subjects[0].(map[string]interface{}); ok {
+ if name, ok := subject["name"].(string); ok && name != "" {
+ return name
+ }
+ }
+ }
+ return ""
+}
diff --git a/evidence/sigstore/subject_extractor_test.go b/evidence/sigstore/subject_extractor_test.go
new file mode 100644
index 00000000..afeb5200
--- /dev/null
+++ b/evidence/sigstore/subject_extractor_test.go
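Review bot: `extractSubjectFromEnvelope` unmarshals `envelope.Payload` as an in-toto statement without checking `envelope.PayloadType`, and `extractRepoPathFromStatement` silently takes `subject[0]` when the statement lists several subjects, so the evidence target is decided by whichever subject happens to be first. I would add `if envelope.PayloadType != "application/vnd.in-toto+json" { return "", errorutils.CheckErrorf("unsupported DSSE payload type: %s", envelope.PayloadType) }` before the unmarshal, and return an error (or at least log a warning) when `len(subjects) > 1`. The exported `ExtractSubjectFromBundle` also needs a doc comment saying that the returned name comes from a payload whose signature has not been verified in this package.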
@@ -0,0 +1,180 @@ +package sigstore + +import ( + "encoding/json" + "path/filepath" + "testing" + + protodsse "github.com/sigstore/protobuf-specs/gen/pb-go/dsse" + "github.com/stretchr/testify/assert" +) + +func TestExtractSubjectFromRealBundle(t *testing.T) { + bundlePath := filepath.Join("testdata", "sample-bundle.json") + + bundle, err := ParseBundle(bundlePath) + assert.NoError(t, err) + assert.NotNil(t, bundle) + + repoPath, err := ExtractSubjectFromBundle(bundle) + assert.NoError(t, err) + assert.Equal(t, "repo/commons-1.0.0.txt", repoPath) +} + +func TestExtractSubjectFromEnvelopeWithValidStatement(t *testing.T) { + statement := map[string]interface{}{ + "_type": "https://in-toto.io/Statement/v1", + "subject": []interface{}{ + map[string]interface{}{ + "name": "test-repo/test-artifact", + "digest": map[string]interface{}{ + "sha256": "abcd1234567890", + }, + }, + }, + "predicateType": "https://slsa.dev/provenance/v0.2", + "predicate": map[string]interface{}{}, + } + + payload := createTestPayload(t, statement) + envelope := &protodsse.Envelope{ + Payload: payload, + PayloadType: "application/vnd.in-toto+json", + } + + repoPath, err := extractSubjectFromEnvelope(envelope) + assert.NoError(t, err) + assert.Equal(t, "test-repo/test-artifact", repoPath) +} + +func TestExtractSubjectFromEnvelopeNoSubjects(t *testing.T) { + statement := map[string]interface{}{ + "_type": "https://in-toto.io/Statement/v1", + "subject": []interface{}{}, + "predicateType": "https://slsa.dev/provenance/v0.2", + "predicate": map[string]interface{}{}, + } + + payload := createTestPayload(t, statement) + envelope := &protodsse.Envelope{ + Payload: payload, + PayloadType: "application/vnd.in-toto+json", + } + + repoPath, err := extractSubjectFromEnvelope(envelope) + assert.NoError(t, err) + assert.Equal(t, "", repoPath) +} + +func TestExtractSubjectFromEnvelopeNoName(t *testing.T) { + statement := map[string]interface{}{ + "_type": "https://in-toto.io/Statement/v1", + "subject": 
[]interface{}{ + map[string]interface{}{ + "digest": map[string]interface{}{ + "sha256": "abcd1234567890", + }, + }, + }, + "predicateType": "https://slsa.dev/provenance/v0.2", + "predicate": map[string]interface{}{}, + } + + payload := createTestPayload(t, statement) + envelope := &protodsse.Envelope{ + Payload: payload, + PayloadType: "application/vnd.in-toto+json", + } + + repoPath, err := extractSubjectFromEnvelope(envelope) + assert.NoError(t, err) + assert.Equal(t, "", repoPath) +} + +func TestExtractSubjectFromEnvelopeNilEnvelope(t *testing.T) { + repoPath, err := extractSubjectFromEnvelope(nil) + assert.Error(t, err) + assert.Contains(t, err.Error(), "envelope is nil") + assert.Equal(t, "", repoPath) +} + +func TestExtractSubjectFromEnvelopeInvalidJSON(t *testing.T) { + envelope := &protodsse.Envelope{ + Payload: []byte("invalid json"), + PayloadType: "application/vnd.in-toto+json", + } + + repoPath, err := extractSubjectFromEnvelope(envelope) + assert.Error(t, err) + assert.Contains(t, err.Error(), "failed to parse statement from DSSE payload") + assert.Equal(t, "", repoPath) +} + +func TestExtractRepoPathFromStatement(t *testing.T) { + tests := []struct { + name string + statement map[string]interface{} + expected string + }{ + { + name: "valid subject with name", + statement: map[string]interface{}{ + "subject": []interface{}{ + map[string]interface{}{ + "name": "repo/artifact", + }, + }, + }, + expected: "repo/artifact", + }, + { + name: "no subjects", + statement: map[string]interface{}{ + "subject": []interface{}{}, + }, + expected: "", + }, + { + name: "subject without name", + statement: map[string]interface{}{ + "subject": []interface{}{ + map[string]interface{}{ + "digest": map[string]interface{}{"sha256": "abc123"}, + }, + }, + }, + expected: "", + }, + { + name: "empty name", + statement: map[string]interface{}{ + "subject": []interface{}{ + map[string]interface{}{ + "name": "", + }, + }, + }, + expected: "", + }, + { + name: "no subject field", 
+ statement: map[string]interface{}{ + "predicateType": "test", + }, + expected: "", + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result := extractRepoPathFromStatement(tt.statement) + assert.Equal(t, tt.expected, result) + }) + } +} + +func createTestPayload(t *testing.T, statement interface{}) []byte { + statementBytes, err := json.Marshal(statement) + assert.NoError(t, err) + return statementBytes +} diff --git a/evidence/sigstore/testdata/sample-bundle.json b/evidence/sigstore/testdata/sample-bundle.json new file mode 100644 index 00000000..cfa46d6f --- /dev/null +++ b/evidence/sigstore/testdata/sample-bundle.json 
@@ -0,0 +1,57 @@ +{ + "mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", + "verificationMaterial": { + "certificate": { + "rawBytes": "MIIC0TCCAlegAwIBAgIUEAnCaV0T24DCyOFj+xwhyB0W9+4wCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUwNzE0MDgxNzQxWhcNMjUwNzE0MDgyNzQxWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEi+7tq5kknROUVfok4BJZfpvUykW3uEDb4mSjlHsf9RRyvehFLiXiCy1RWMbwJ27bRy1/HXJy4q09Q+72o8YFTqOCAXYwggFyMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQU8PapVYYm2KfMsuDOwTMxRJ0CbnMwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wIQYDVR0RAQH/BBcwFYETbS5uLnNib2V2QGdtYWlsLmNvbTAsBgorBgEEAYO/MAEBBB5odHRwczovL2dpdGh1Yi5jb20vbG9naW4vb2F1dGgwLgYKKwYBBAGDvzABCAQgDB5odHRwczovL2dpdGh1Yi5jb20vbG9naW4vb2F1dGgwgYkGCisGAQQB1nkCBAIEewR5AHcAdQDdPTBqxscRMmMZHhyZZzcCokpeuN48rf+HinKALynujgAAAZgIAtnlAAAEAwBGMEQCIA4ZKAcTlY8RsZYGIe3ZD8fX0WJTjv9B5RvuiCDy0ko8AiARRbVe2S/pXiL6PrpNO6IgpKlY9wTM5m/VVPg08Ibi+TAKBggqhkjOPQQDAwNoADBlAjAfzOuhBr28UYWjeUbFg5uyak9m5xP4wqjsF9SNrJJmuwMlE8AJUCCkhiv80/RppzACMQCLPfGkP/Q2mWgXyUZKx8R1JMdW8Hx3z4bbkyxo7m9R7SPNknYAfejFedT8CucIdbU=" + }, + "tlogEntries": [ + { + "logIndex": "273399794", + "logId": { + "keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0=" + }, + "kindVersion": { + "kind": "dsse", + "version": "0.0.1" + }, + "integratedTime": "1752481061", + "inclusionPromise": { + "signedEntryTimestamp": "MEUCIFApRuGFVKzAnlW2fhr9GlmHMsu8ltUiEFvonrTcur+hAiEAgbwUX19rS0Cuz82pF47YUe61J9f5qphzo/Xnb2kiSIo=" + }, + "inclusionProof": { + "logIndex": "151495532", + "rootHash": "FJhYQU5OV1hTaIa1Rap/a+nFyWYPyrIS71EAKyCHj5M=", + "treeSize": "151495533", + "hashes": [ + "wkhgHe1h/M2+nhsNyk8inxw2oJeAC+8KMruZpiUQGug=", + "gIzfyRE92QxaGc2qCIzII87liJGirXt2Puu3mQzHn+Q=", + "ktlm+BPS9yuotHAY5XeUC2lSSgkh2SmmtfTJshz1b7c=", + "e56AJMPVHh2pyMMPgnCpy6hiXoRDcGdB71GC6z6++fE=", + "r9a7SqYcczgsv66O1J5+sdx7L/NkpFp5OL9o5Ibqo8c=", + "fIdWpB44KRa+zPmbkyjGJE9Vvo0iesmemHJgYWd5IH4=", + "34UgdMO1ZcpVEKQ9qRC9fwmxPaAhowqOwV/CvHeVY9c=", 
+ "3IaG2FGYv59HCnuTZmWnJ4IP5pdR9Wm2Nm+5pu664q4=", + "BCJGi2H4zlCm3PFqGm92+fOs61QXEG/pESRcVXveAoE=", + "EjewWSO63ofD3R1/QSydIMugVrswqA35UIQYGN+dhZ4=", + "0Fz6av+Ar5vxn1zKhc4JGxpDVa3upydryJb/oK3JaFQ=", + "pgXhGxrdepPnvz6NRyCTyolo2uuEIHA8AjmfpxqqEZ8=", + "wLANT0NMxIRh/p5rRcam4MppSIbUXIfT1Ht9FQA2XnI=" + ], + "checkpoint": { + "envelope": "rekor.sigstore.dev - 1193050959916656506\n151495533\nFJhYQU5OV1hTaIa1Rap/a+nFyWYPyrIS71EAKyCHj5M=\n\n— rekor.sigstore.dev wNI9ajBFAiAkmAh/5Muw9pm5RT8vYZWat3xRpcz4Iw+EcgNXwUy5HgIhALgcBnwXfHFs2Y/GkRfGsKO3qJwndeDUK80TAdlXGygY\n" + } + }, + "canonicalizedBody": "eyJhcGlWZXJzaW9uIjoiMC4wLjEiLCJraW5kIjoiZHNzZSIsInNwZWMiOnsiZW52ZWxvcGVIYXNoIjp7ImFsZ29yaXRobSI6InNoYTI1NiIsInZhbHVlIjoiZDg4NmQxZjQ2Yjk0ZjJlZjdlOWE4MzE2ODE1NTMyM2RmZjBmZTRjZjZiNDEyM2ZjZTkwNjNkYzQ2YWIzZDU4NCJ9LCJwYXlsb2FkSGFzaCI6eyJhbGdvcml0aG0iOiJzaGEyNTYiLCJ2YWx1ZSI6ImUzNjg5MDZkZGRhZjk0OWIwZGMyOGJlMjg0MTlmNWMzNjJjZGI1NDVkODBkMTg4YjlmNWZiOTk5YmMyY2QxOTEifSwic2lnbmF0dXJlcyI6W3sic2lnbmF0dXJlIjoiTUVRQ0lDN0JyNTJCTE1qK1JhdVl4Q1R6Qmp2YnpGNFhKVE50MjVxRGRoeGlYdHNhQWlBVVFQNDFUQUxEcmNLNFVVa2J0eCtCM3lvSW43UmhHYVNucTFrL3hvMDVRQT09IiwidmVyaWZpZXIiOiJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VNd1ZFTkRRV3hsWjBGM1NVSkJaMGxWUlVGdVEyRldNRlF5TkVSRGVVOUdhaXQ0ZDJoNVFqQlhPU3MwZDBObldVbExiMXBKZW1vd1JVRjNUWGNLVG5wRlZrMUNUVWRCTVZWRlEyaE5UV015Ykc1ak0xSjJZMjFWZFZwSFZqSk5ValIzU0VGWlJGWlJVVVJGZUZaNllWZGtlbVJIT1hsYVV6RndZbTVTYkFwamJURnNXa2RzYUdSSFZYZElhR05PVFdwVmQwNTZSVEJOUkdkNFRucFJlRmRvWTA1TmFsVjNUbnBGTUUxRVozbE9lbEY0VjJwQlFVMUdhM2RGZDFsSUNrdHZXa2w2YWpCRFFWRlpTVXR2V2tsNmFqQkVRVkZqUkZGblFVVnBLemQwY1RWcmEyNVNUMVZXWm05ck5FSktXbVp3ZGxWNWExY3pkVVZFWWpSdFUyb0tiRWh6WmpsU1VubDJaV2hHVEdsWWFVTjVNVkpYVFdKM1NqSTNZbEo1TVM5SVdFcDVOSEV3T1ZFck56SnZPRmxHVkhGUFEwRllXWGRuWjBaNVRVRTBSd3BCTVZWa1JIZEZRaTkzVVVWQmQwbElaMFJCVkVKblRsWklVMVZGUkVSQlMwSm5aM0pDWjBWR1FsRmpSRUY2UVdSQ1owNVdTRkUwUlVablVWVTRVR0Z3Q2xaWldXMHlTMlpOYzNWRVQzZFVUWGhTU2pCRFltNU5kMGgzV1VSV1VqQnFRa0puZDBadlFWVXpPVkJ3ZWpGWmEwVmFZalZ4VG1wd1MwWlhhWGhwTkZrS1dr
UTRkMGxSV1VSV1VqQlNRVkZJTDBKQ1kzZEdXVVZVWWxNMWRVeHVUbWxpTWxZeVVVZGtkRmxYYkhOTWJVNTJZbFJCYzBKbmIzSkNaMFZGUVZsUEx3cE5RVVZDUWtJMWIyUklVbmRqZW05MlRESmtjR1JIYURGWmFUVnFZakl3ZG1KSE9XNWhWelIyWWpKR01XUkhaM2RNWjFsTFMzZFpRa0pCUjBSMmVrRkNDa05CVVdkRVFqVnZaRWhTZDJONmIzWk1NbVJ3WkVkb01WbHBOV3BpTWpCMllrYzVibUZYTkhaaU1rWXhaRWRuZDJkWmEwZERhWE5IUVZGUlFqRnVhME1LUWtGSlJXVjNValZCU0dOQlpGRkVaRkJVUW5GNGMyTlNUVzFOV2tob2VWcGFlbU5EYjJ0d1pYVk9ORGh5Wml0SWFXNUxRVXg1Ym5WcVowRkJRVnBuU1FwQmRHNXNRVUZCUlVGM1FrZE5SVkZEU1VFMFdrdEJZMVJzV1RoU2MxcFpSMGxsTTFwRU9HWllNRmRLVkdwMk9VSTFVbloxYVVORWVUQnJiemhCYVVGU0NsSmlWbVV5VXk5d1dHbE1ObEJ5Y0U1UE5rbG5jRXRzV1RsM1ZFMDFiUzlXVmxCbk1EaEpZbWtyVkVGTFFtZG5jV2hyYWs5UVVWRkVRWGRPYjBGRVFtd0tRV3BCWm5wUGRXaENjakk0VlZsWGFtVlZZa1puTlhWNVlXczViVFY0VURSM2NXcHpSamxUVG5KS1NtMTFkMDFzUlRoQlNsVkRRMnRvYVhZNE1DOVNjQXB3ZWtGRFRWRkRURkJtUjJ0UUwxRXliVmRuV0hsVldrdDRPRkl4U2sxa1Z6aEllRE42TkdKaWEzbDRiemR0T1ZJM1UxQk9hMjVaUVdabGFrWmxaRlE0Q2tOMVkwbGtZbFU5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIn1dfX0=" + } + ] + }, + "dsseEnvelope": { + "payload": 
"eyJfdHlwZSI6Imh0dHBzOi8vaW4tdG90by5pby9TdGF0ZW1lbnQvdjAuMSIsInByZWRpY2F0ZVR5cGUiOiJpbi10b3RvIiwic3ViamVjdCI6W3sibmFtZSI6InJlcG8vY29tbW9ucy0xLjAuMC50eHQiLCJkaWdlc3QiOnsic2hhMjU2IjoiNDM0NzI4YTQxMGE3OGY1NmZjMWI1ODk5YzM1OTM0MzZlNjFhYjBjNzMxZTkwNzJkOTVlOTZkYjI5MDIwNWU1MyJ9fV0sInByZWRpY2F0ZSI6eyJzaWduYXR1cmVzIjpbeyJrZXlpZCI6ImNjY2M1Yjg5ZjIxZGFmMWE4MzBmYjJlZDU3ZTU4YTRkYjJjNjlhMWNlODkwZjc1ZmVkOGMyMjRmZjg1OWFjNTIiLCJzaWciOiI3YmFmMzZlNjkzMmYxMTViMjEzMmFmMmY2MGVjNzZmZjQ1MWJiYjZmOTM5NDUyM2FlZWVmMGIwN2NmMzY5NWQ5NWZlYjcxNTI0MzhlMWE2M2EwNzNhMDI4ZTBiMTBhNmMyOTUzMmNjMDY1ODRhNzlkZjE3NmI0MTBjMTQ5ZTQ5NzE1MjUwZGVlYzE2ZDY2M2QxMTYyMjhhYjViODZmYTk1OTM3Y2U5MGRiY2Q1ZTNiYjFhOGMyN2M0ZDJhZTA2ZmNlMTZhNWQ2MDRkYTZjMjU5NzU3YjY1MGJiMTIxNzVkOGJmOWMzZTJlMmE5MzU3ZjY0OTRlZDM2NmRjNmVjYWYzOTg2Y2IzZjAxYjE2YWExN2ExOWFjMzI5ODBjM2YyODY4NTA1ZjUwMTQ2YzRiZDQ1YTZlOTM1NDZlMmUzMWMxZTA4OTkwODIyMDRiOThiYzBkN2UzMmRiYmJiMTU1MGVhNDgwYTdkMWZiMGM5NDc3YjMyYjA3MDMwNjM3NjhmNTE5OWM0N2UzOTg0NzEwMWZhM2Q4M2FjYzFkNzZiZGIwMWQyNTQ0YTZiZTlhYTU2Mjk1ZmQ2MDFjYmE3MmE2YzI0YWE2MGUwZWZiYzYwMGQzOTBlZmNkMmJhOGM4MjNhZGM3NzRiYzNhZTczZWQ2NDdkOTEyMTFmYWNkZTI1M2ZmNCJ9XSwic2lnbmVkIjp7Il90eXBlIjoibGluayIsImJ5cHJvZHVjdHMiOnt9LCJjb21tYW5kIjpbXSwiZW52aXJvbm1lbnQiOnt9LCJtYXRlcmlhbHMiOnsiY2xpLXNpZ3N0b3JlLXRlc3QvY29tbW9ucy0xLjAuMC50eHQiOnsic2hhMjU2IjoiNDM0NzI4YTQxMGE3OGY1NmZjMWI1ODk5YzM1OTM0MzZlNjFhYjBjNzMxZTkwNzJkOTVlOTZkYjI5MDIwNWU1MyJ9fSwibmFtZSI6InJldmlldyIsInByb2R1Y3RzIjp7fX19fQ==", + "payloadType": "application/vnd.in-toto+json", + "signatures": [ + { + "sig": "MEQCIC7Br52BLMj+RauYxCTzBjvbzF4XJTNt25qDdhxiXtsaAiAUQP41TALDrcK4UUkbtx+B3yoIn7RhGaSnq1k/xo05QA==" + } + ] + } +} \ No newline at end of file diff --git a/go.mod b/go.mod index 968f372f..a4f9e26f 100644 --- a/go.mod +++ b/go.mod 
@@ -12,18 +12,20 @@ require ( github.com/jfrog/jfrog-cli-core/v2 v2.59.0 github.com/jfrog/jfrog-client-go v1.54.2 github.com/pkg/errors v0.9.1 - github.com/secure-systems-lab/go-securesystemslib v0.8.0 - github.com/spf13/viper v1.19.0 + github.com/secure-systems-lab/go-securesystemslib v0.9.0 + github.com/sigstore/protobuf-specs v0.5.0 + github.com/sigstore/sigstore-go v1.0.0 + github.com/spf13/viper v1.20.1 github.com/stretchr/testify v1.10.0 github.com/urfave/cli v1.22.16 go.uber.org/mock v0.4.0 - golang.org/x/crypto v0.36.0 + golang.org/x/crypto v0.38.0 golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 golang.org/x/mod v0.24.0 gopkg.in/ini.v1 v1.67.0 ) -require golang.org/x/net v0.38.0 // indirect +require golang.org/x/net v0.40.0 // indirect require ( dario.cat/mergo v1.0.1 // indirect 
@@ -35,26 +37,48 @@ require (
 github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect
 github.com/andybalholm/brotli v1.1.1 // indirect
 github.com/apache/camel-k/v2 v2.5.0 // indirect
+ github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
+ github.com/blang/semver v3.5.1+incompatible // indirect
 github.com/buger/jsonparser v1.1.1 // indirect
+ github.com/cenkalti/backoff/v5 v5.0.2 // indirect
 github.com/chzyer/readline v1.5.1 // indirect
 github.com/cloudflare/circl v1.6.1 // indirect
 github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
+ github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 // indirect
 github.com/cyphar/filepath-securejoin v0.4.1 // indirect
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+ github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
+ github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
 github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 // indirect
 github.com/emirpasic/gods v1.18.1 // indirect
- github.com/fsnotify/fsnotify v1.7.0 // indirect
+ github.com/fsnotify/fsnotify v1.8.0 // indirect
 github.com/gfleury/go-bitbucket-v1 v0.0.0-20230825095122-9bc1711434ab // indirect
+ github.com/go-chi/chi v4.1.2+incompatible // indirect
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 github.com/go-git/go-billy/v5 v5.6.2 // indirect
 github.com/go-git/go-git/v5 v5.14.0 // indirect
+ github.com/go-jose/go-jose/v4 v4.0.5 // indirect
 github.com/go-logr/logr v1.4.2 // indirect
+ github.com/go-logr/stdr v1.2.2 // indirect
 github.com/go-logr/zapr v1.3.0 // indirect
+ github.com/go-openapi/analysis v0.23.0 // indirect
+ github.com/go-openapi/errors v0.22.1 // indirect
+ github.com/go-openapi/jsonpointer v0.21.0 // indirect
+ github.com/go-openapi/jsonreference v0.21.0 // indirect
+ github.com/go-openapi/loads v0.22.0 // indirect
+ github.com/go-openapi/runtime v0.28.0 // indirect
+ github.com/go-openapi/spec v0.21.0 // indirect
+ github.com/go-openapi/strfmt v0.23.0 // indirect
+ github.com/go-openapi/swag v0.23.1 // indirect
+ github.com/go-openapi/validate v0.24.0 // indirect
+ github.com/go-viper/mapstructure/v2 v2.2.1 // indirect
 github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1 // indirect
 github.com/gogo/protobuf v1.3.2 // indirect
 github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
 github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
 github.com/golang/snappy v0.0.4 // indirect
+ github.com/google/certificate-transparency-go v1.3.1 // indirect
+ github.com/google/go-containerregistry v0.20.3 // indirect
 github.com/google/go-github/v56 v56.0.0 // indirect
 github.com/google/go-querystring v1.1.0 // indirect
 github.com/google/gofuzz v1.2.0 // indirect
@@ -62,18 +86,23 @@ require (
 github.com/grokify/mogo v0.64.12 // indirect
 github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
- github.com/hashicorp/hcl v1.0.0 // indirect
 github.com/imdario/mergo v0.3.16 // indirect
+ github.com/in-toto/attestation v1.1.1 // indirect
+ github.com/in-toto/in-toto-golang v0.9.0 // indirect
+ github.com/inconshreveable/mousetrap v1.1.0 // indirect
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
 github.com/jedib0t/go-pretty/v6 v6.6.5 // indirect
+ github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b // indirect
 github.com/jfrog/archiver/v3 v3.6.1 // indirect
+ github.com/josharian/intern v1.0.0 // indirect
 github.com/json-iterator/go v1.1.12 // indirect
 github.com/kevinburke/ssh_config v1.2.0 // indirect
 github.com/klauspost/compress v1.17.11 // indirect
 github.com/klauspost/cpuid/v2 v2.2.9 // indirect
 github.com/klauspost/pgzip v1.2.6 // indirect
 github.com/ktrysmt/go-bitbucket v0.9.80 // indirect
- github.com/magiconair/properties v1.8.9 // indirect
+ github.com/letsencrypt/boulder v0.0.0-20240620165639-de9c06129bec // indirect
+ github.com/mailru/easyjson v0.9.0 // indirect
 github.com/manifoldco/promptui v0.9.0 // indirect
 github.com/mattn/go-colorable v0.1.13 // indirect
 github.com/mattn/go-isatty v0.0.20 // indirect
@@ -85,7 +114,10 @@ require (
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 github.com/modern-go/reflect2 v1.0.2 // indirect
 github.com/nwaples/rardecode v1.1.3 // indirect
- github.com/pelletier/go-toml/v2 v2.2.2 // indirect
+ github.com/oklog/ulid v1.3.1 // indirect
+ github.com/opencontainers/go-digest v1.0.0 // indirect
+ github.com/opentracing/opentracing-go v1.2.0 // indirect
+ github.com/pelletier/go-toml/v2 v2.2.3 // indirect
 github.com/pierrec/lz4/v4 v4.1.22 // indirect
 github.com/pjbgf/sha1cd v0.3.2 // indirect
 github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
@@ -93,31 +125,47 @@ require (
 github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 github.com/rivo/uniseg v0.4.7 // indirect
 github.com/russross/blackfriday/v2 v2.1.0 // indirect
- github.com/sagikazarmark/locafero v0.4.0 // indirect
- github.com/sagikazarmark/slog-shim v0.1.0 // indirect
+ github.com/sagikazarmark/locafero v0.7.0 // indirect
+ github.com/sassoftware/relic v7.2.1+incompatible // indirect
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
+ github.com/shibumi/go-pathspec v1.3.0 // indirect
+ github.com/sigstore/rekor v1.3.10 // indirect
+ github.com/sigstore/sigstore v1.9.4 // indirect
+ github.com/sigstore/timestamp-authority v1.2.7 // indirect
 github.com/skeema/knownhosts v1.3.1 // indirect
 github.com/sourcegraph/conc v0.3.0 // indirect
- github.com/spf13/afero v1.11.0 // indirect
- github.com/spf13/cast v1.6.0 // indirect
- github.com/spf13/pflag v1.0.5 // indirect
+ github.com/spf13/afero v1.12.0 // indirect
+ github.com/spf13/cast v1.7.1 // indirect
+ github.com/spf13/cobra v1.9.1 // indirect
+ github.com/spf13/pflag v1.0.6 // indirect
 github.com/stoewer/go-strcase v1.3.0 // indirect
 github.com/stretchr/objx v0.5.2 // indirect
 github.com/subosito/gotenv v1.6.0 // indirect
+ github.com/theupdateframework/go-tuf v0.7.0 // indirect
+ github.com/theupdateframework/go-tuf/v2 v2.1.1 // indirect
+ github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
+ github.com/transparency-dev/merkle v0.0.2 // indirect
 github.com/ulikunitz/xz v0.5.12 // indirect
 github.com/vbauerster/mpb/v8 v8.9.1 // indirect
 github.com/xanzy/go-gitlab v0.110.0 // indirect
 github.com/xanzy/ssh-agent v0.3.3 // indirect
 github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
+ go.mongodb.org/mongo-driver v1.14.0 // indirect
+ go.opentelemetry.io/auto/sdk v1.1.0 // indirect
+ go.opentelemetry.io/otel v1.35.0 // indirect
+ go.opentelemetry.io/otel/metric v1.35.0 // indirect
+ go.opentelemetry.io/otel/trace v1.35.0 // indirect
 go.uber.org/multierr v1.11.0 // indirect
 go.uber.org/zap v1.27.0 // indirect
- golang.org/x/oauth2 v0.23.0 // indirect
- golang.org/x/sync v0.12.0 // indirect
- golang.org/x/sys v0.31.0 // indirect
- golang.org/x/term v0.30.0 // indirect
- golang.org/x/text v0.23.0 // indirect
- golang.org/x/time v0.7.0 // indirect
+ golang.org/x/oauth2 v0.29.0 // indirect
+ golang.org/x/sync v0.14.0 // indirect
+ golang.org/x/sys v0.33.0 // indirect
+ golang.org/x/term v0.32.0 // indirect
+ golang.org/x/text v0.25.0 // indirect
+ golang.org/x/time v0.11.0 // indirect
+ google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e // indirect
+ google.golang.org/protobuf v1.36.6 // indirect
 gopkg.in/inf.v0 v0.9.1 // indirect
 gopkg.in/warnings.v0 v0.1.2 // indirect
 gopkg.in/yaml.v2 v2.4.0 // indirect
diff --git a/go.sum b/go.sum
index 6f0a2e94..9deec97d 100644
--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,37 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.120.0 h1:wc6bgG9DHyKqF5/vQvX1CiZrtHnxJjBlKUyF9nP6meA= +cloud.google.com/go v0.120.0/go.mod h1:/beW32s8/pGRuj4IILWQNd4uuebeT4dkOhKmkfit64Q= +cloud.google.com/go/auth v0.16.0 h1:Pd8P1s9WkcrBE2n/PhAwKsdrR35V3Sg2II9B+ndM3CU= +cloud.google.com/go/auth v0.16.0/go.mod h1:1howDHJ5IETh/LwYs3ZxvlkXF48aSqqJUM+5o02dNOI= +cloud.google.com/go/auth/oauth2adapt v0.2.8 h1:keo8NaayQZ6wimpNSmW5OPc283g65QNIiLpZnkHRbnc= +cloud.google.com/go/auth/oauth2adapt v0.2.8/go.mod h1:XQ9y31RkqZCcwJWNSx2Xvric3RrU88hAYYbjDWYDL+c= cloud.google.com/go/compute/metadata v0.3.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= +cloud.google.com/go/compute/metadata v0.6.0 h1:A6hENjEsCDtC1k8byVsgwvVcioamEHvZ4j01OwKxG9I= +cloud.google.com/go/compute/metadata v0.6.0/go.mod h1:FjyFAW1MW0C203CEOMDTu3Dk1FlqW3Rga40jzHL4hfg= +cloud.google.com/go/iam v1.5.0 h1:QlLcVMhbLGOjRcGe6VTGGTyQib8dRLK2B/kYNV0+2xs= +cloud.google.com/go/iam v1.5.0/go.mod h1:U+DOtKQltF/LxPEtcDLoobcsZMilSRwR7mgNL7knOpo= +cloud.google.com/go/kms v1.21.2 h1:c/PRUSMNQ8zXrc1sdAUnsenWWaNXN+PzTXfXOcSFdoE= +cloud.google.com/go/kms v1.21.2/go.mod h1:8wkMtHV/9Z8mLXEXr1GK7xPSBdi6knuLXIhqjuWcI6w= +cloud.google.com/go/longrunning v0.6.6 h1:XJNDo5MUfMM05xK3ewpbSdmt7R2Zw+aQEMbdQR65Rbw= +cloud.google.com/go/longrunning v0.6.6/go.mod h1:hyeGJUrPHcx0u2Uu1UFSoYZLn4lkMrccJig0t4FI7yw= dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= +filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= +filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= +github.com/AdamKorcz/go-fuzz-headers-1 v0.0.0-20230919221257-8b5d3ce2d11d h1:zjqpY4C7H15HjRPEenkS4SAn3Jy2eRRjkjZbGR30TOg= +github.com/AdamKorcz/go-fuzz-headers-1 v0.0.0-20230919221257-8b5d3ce2d11d/go.mod 
h1:XNqJ7hv2kY++g8XEHREpi+JqZo3+0l+CH2egBVN4yqM= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 h1:Gt0j3wceWMwPmiazCa8MzMA0MfhmPIz0Qp0FJ6qcM0U= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0/go.mod h1:Ot/6aikWnKWi4l9QB7qVSwa8iMphQNqkWALMoNT3rzM= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0 h1:OVoM452qUFBrX+URdH3VpR299ma4kfom0yB0URYky9g= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0/go.mod h1:kUjrAo8bgEwLeZ/CmHqNl3Z/kPm7y6FKfxxK0izYUg4= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 h1:FPKJS1T+clwv+OLGt13a8UjqeRuh0O4SJ3lUriThc+4= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1/go.mod h1:j2chePtV91HrC22tGoRX3sGY42uF13WzmmV80/OdVAA= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.1 h1:Wgf5rZba3YZqeTNJPtvqZoBu1sBN/L4sry+u2U3Y75w= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys v1.3.1/go.mod h1:xxCBG/f/4Vbmh2XQJBsOmNdxWUY5j/s27jujKPbQf14= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1 h1:bFWuoEKg+gImo7pvkiQEFAc8ocibADgXeiLAxWhWmkI= +github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.1.1/go.mod h1:Vih/3yc6yac2JzU4hzpaDupBJP0Flaia9rXXrU8xyww= +github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 h1:oygO0locgZJe7PpYPXT5A29ZkwJaPqcva7BVeemZOZs= +github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0= github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= github.com/CycloneDX/cyclonedx-go v0.9.2 h1:688QHn2X/5nRezKe2ueIVCt+NRqf7fl3AVQk+vaFcIo= 
@@ -15,6 +45,8 @@ github.com/VividCortex/ewma v1.2.0 h1:f58SaIzcDXrSy3kWaHNvuJgJ3Nmz59Zji6XoJR/q1o github.com/VividCortex/ewma v1.2.0/go.mod h1:nz4BbCtbLyFDeC9SUHbtcT5644juEuWfUAUnGx7j5l4= github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d h1:licZJFw2RwpHMqeKTCYkitsPqHNxTmd4SNR5r94FGM8= github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat636LX7Bqt5lYEZ27JNDcqxfjdBQuJ/MM4CN/Lzo= +github.com/alessio/shellescape v1.4.1 h1:V7yhSDDn8LP4lc4jS8pFkt0zCnzVJlG5JXy9BVKJUX0= +github.com/alessio/shellescape v1.4.1/go.mod h1:PZAiSCk0LJaZkiCSkPv8qIobYglO3FPpyFjDCtHLS30= github.com/andybalholm/brotli v1.1.1 h1:PR2pgnyFznKEugtsUo0xLdDop5SKXd5Qf5ysW+7XdTA= github.com/andybalholm/brotli v1.1.1/go.mod h1:05ib4cKhjx3OQYUY22hTVd34Bc8upXjOLL2rKwwZBoA= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= 
@@ -23,12 +55,54 @@ github.com/apache/camel-k/v2 v2.5.0 h1:voFPrxhuaedKn68RerS+QkXYXyZ+5tBfVaAc7QYOg github.com/apache/camel-k/v2 v2.5.0/go.mod h1:vLrJAJAp9EGxY54cUR7VHzIF70JHfFzk4OOaYRfLr44= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= +github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= +github.com/aws/aws-sdk-go v1.55.6 h1:cSg4pvZ3m8dgYcgqB97MrcdjUmZ1BeMYKUxMMB89IPk= +github.com/aws/aws-sdk-go v1.55.6/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= +github.com/aws/aws-sdk-go-v2 v1.36.3 h1:mJoei2CxPutQVxaATCzDUjcZEjVRdpsiiXi2o38yqWM= +github.com/aws/aws-sdk-go-v2 v1.36.3/go.mod h1:LLXuLpgzEbD766Z5ECcRmi8AzSwfZItDtmABVkRLGzg= +github.com/aws/aws-sdk-go-v2/config v1.29.14 h1:f+eEi/2cKCg9pqKBoAIwRGzVb70MRKqWX4dg1BDcSJM= +github.com/aws/aws-sdk-go-v2/config v1.29.14/go.mod h1:wVPHWcIFv3WO89w0rE10gzf17ZYy+UVS1Geq8Iei34g= +github.com/aws/aws-sdk-go-v2/credentials v1.17.67 h1:9KxtdcIA/5xPNQyZRgUSpYOE6j9Bc4+D7nZua0KGYOM= +github.com/aws/aws-sdk-go-v2/credentials v1.17.67/go.mod h1:p3C44m+cfnbv763s52gCqrjaqyPikj9Sg47kUVaNZQQ= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 h1:x793wxmUWVDhshP8WW2mlnXuFrO4cOd3HLBroh1paFw= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30/go.mod h1:Jpne2tDnYiFascUEs2AWHJL9Yp7A5ZVy3TNyxaAjD6M= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 h1:ZK5jHhnrioRkUNOc+hOgQKlUL5JeC3S6JgLxtQ+Rm0Q= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34/go.mod h1:p4VfIceZokChbA9FzMbRGz5OV+lekcVtHlPKEO0gSZY= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 h1:SZwFm17ZUNNg5Np0ioo/gq8Mn6u9w19Mri8DnJ15Jf0= 
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34/go.mod h1:dFZsC0BLo346mvKQLWmoJxT+Sjp+qcVR1tRVHQGOH9Q= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 h1:bIqFDwgGXXN1Kpp99pDOdKMTTb5d2KyU5X/BZxjOkRo= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3/go.mod h1:H5O/EsxDWyU+LP/V8i5sm8cxoZgc2fdNR9bxlOFrQTo= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 h1:eAh2A4b5IzM/lum78bZ590jy36+d/aFLgKF/4Vd1xPE= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3/go.mod h1:0yKJC/kb8sAnmlYa6Zs3QVYqaC8ug2AbnNChv5Ox3uA= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 h1:dM9/92u2F1JbDaGooxTq18wmmFzbJRfXfVfy96/1CXM= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15/go.mod h1:SwFBy2vjtA0vZbjjaFtfN045boopadnoVPhu4Fv66vY= +github.com/aws/aws-sdk-go-v2/service/kms v1.38.3 h1:RivOtUH3eEu6SWnUMFHKAW4MqDOzWn1vGQ3S38Y5QMg= +github.com/aws/aws-sdk-go-v2/service/kms v1.38.3/go.mod h1:cQn6tAF77Di6m4huxovNM7NVAozWTZLsDRp9t8Z/WYk= +github.com/aws/aws-sdk-go-v2/service/sso v1.25.3 h1:1Gw+9ajCV1jogloEv1RRnvfRFia2cL6c9cuKV2Ps+G8= +github.com/aws/aws-sdk-go-v2/service/sso v1.25.3/go.mod h1:qs4a9T5EMLl/Cajiw2TcbNt2UNo/Hqlyp+GiuG4CFDI= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.1 h1:hXmVKytPfTy5axZ+fYbR5d0cFmC3JvwLm5kM83luako= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.1/go.mod h1:MlYRNmYu/fGPoxBQVvBYr9nyr948aY/WLUvwBMBJubs= +github.com/aws/aws-sdk-go-v2/service/sts v1.33.19 h1:1XuUZ8mYJw9B6lzAkXhqHlJd/XvaX32evhproijJEZY= +github.com/aws/aws-sdk-go-v2/service/sts v1.33.19/go.mod h1:cQnB8CUnxbMU82JvlqjKR2HBOm3fe9pWorWBza6MBJ4= +github.com/aws/smithy-go v1.22.2 h1:6D9hW43xKFrRx/tXXfAlIZc4JI+yQe6snnWcQyxSyLQ= +github.com/aws/smithy-go v1.22.2/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/blang/semver 
v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= +github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/c-bata/go-prompt v0.2.5 h1:3zg6PecEywxNn0xiqcXHD96fkbxghD+gdB2tbsYfl+Y= github.com/c-bata/go-prompt v0.2.5/go.mod h1:vFnjEGDIIA/Lib7giyE4E9c50Lvl8j0S+7FVlAwDAVw= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= +github.com/cenkalti/backoff/v5 v5.0.2 h1:rIfFVxEf1QsI7E1ZHfp/B4DF/6QBAUhmgkxc0H7Zss8= +github.com/cenkalti/backoff/v5 v5.0.2/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/logex v1.2.1 h1:XHDu3E6q+gdHgsdTPH6ImJMIp436vR6MPtH8gP05QzM= github.com/chzyer/logex v1.2.1/go.mod h1:JLbx6lG2kDbNRFnfkgvh4eRJRPX1QCoOIWomwysCBrQ= 
@@ -40,16 +114,27 @@ github.com/chzyer/test v1.0.0 h1:p3BQDXSxOhOG0P9z6/hGnII4LGiEPOYBhs8asl/fC04= github.com/chzyer/test v1.0.0/go.mod h1:2JlltgoNkt4TW/z9V/IzDdFaMTM2JPIi26O1pF38GC8= github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0= github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs= +github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUoc7Ik9EfrFqcylYqgPZ9ANSbTAntnE= +github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb/go.mod h1:ZjrT6AXHbDs86ZSdt/osfBi5qfexBrKUdONk989Wnk4= github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.6 h1:XJtiaUW6dEEqVuZiMTn1ldk455QWwEIsMIJlo5vtkx0= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7 h1:vU+EP9ZuFUCYE0NYLwTSob+3LNEJATzNfP/DC7SWGWI= +github.com/cyberphone/json-canonicalization v0.0.0-20220623050100-57a0ce2678a7/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s= github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI= +github.com/danieljoos/wincred v1.2.0 h1:ozqKHaLK0W/ii4KVbbvluM91W2H3Sh0BncbUNPS7jLE= +github.com/danieljoos/wincred v1.2.0/go.mod h1:FzQLLMKBFdvu+osBrnFODiv32YGwCfx0SkRa/eYHgec= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 
+github.com/digitorus/pkcs7 v0.0.0-20230713084857-e76b763bdc49/go.mod h1:SKVExuS+vpu2l9IoOc0RwqE7NYnb0JlcFHFnEJkVDzc= +github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 h1:ge14PCmCvPjpMQMIAH7uKg0lrtNSOdpYsRXlwk3QbaE= +github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352/go.mod h1:SKVExuS+vpu2l9IoOc0RwqE7NYnb0JlcFHFnEJkVDzc= +github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 h1:lxmTCgmHE1GUYL7P0MlNa00M67axePTq+9nBSGddR8I= +github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7/go.mod h1:GvWntX9qiTlOud0WkQ6ewFm0LPy5JUR1Xo0Ngbd1w6Y= github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5 h1:iFaUwBSo5Svw6L7HYpRu/0lE3e0BaElwnNO1qkNQxBY= github.com/dsnet/compress v0.0.2-0.20210315054119-f66993602bf5/go.mod h1:qssHWj60/X5sZFNxpG4HBPDHVqxNm4DfnCKgrbZOT+s= github.com/dsnet/golib v0.0.0-20171103203638-1ea166775780/go.mod h1:Lj+Z9rebOhdfkVLjJ8T6VcRQv3SXugXy999NBtR9aFY= 
@@ -59,16 +144,20 @@ github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/forPelevin/gomoji v1.3.0 h1:WPIOLWB1bvRYlKZnSSEevLt3IfKlLs+tK+YA9fFYlkE= github.com/forPelevin/gomoji v1.3.0/go.mod h1:mM6GtmCgpoQP2usDArc6GjbXrti5+FffolyQfGgPboQ= github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= -github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= -github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= +github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M= +github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/gfleury/go-bitbucket-v1 v0.0.0-20230825095122-9bc1711434ab h1:+7KwW/yy/ThnRXW9khailFFncxJiiFpxyk5BI9GK9pI= github.com/gfleury/go-bitbucket-v1 v0.0.0-20230825095122-9bc1711434ab/go.mod h1:IqOZzks2wlWCIai0esXnZPdPwxF2yOz0HcCYw5I4pCg= github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c= github.com/gliderlabs/ssh v0.3.8/go.mod h1:xYoytBv1sV0aL3CavoDuJIQNURXkkfPA/wxQ1pL1fAU= +github.com/go-chi/chi v4.1.2+incompatible h1:fGFk2Gmi/YKXk0OmGfBh0WgmN3XB8lVnEyNz34tQRec= +github.com/go-chi/chi v4.1.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= github.com/go-git/gcfg 
v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UNbRM= 
@@ -77,28 +166,67 @@ github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMj github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII= github.com/go-git/go-git/v5 v5.14.0 h1:/MD3lCrGjCen5WfEAzKg00MJJffKhC8gzS80ycmCi60= github.com/go-git/go-git/v5 v5.14.0/go.mod h1:Z5Xhoia5PcWA3NF8vRLURn9E5FRhSl7dGj9ItW3Wk5k= +github.com/go-jose/go-jose/v4 v4.0.5 h1:M6T8+mKZl/+fNNuFHvGIzDz7BTLQPIounk/b9dw3AaE= +github.com/go-jose/go-jose/v4 v4.0.5/go.mod h1:s3P1lRrkT8igV8D9OjyL4WRyHvjB6a4JSllnOrmmBOA= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/analysis v0.23.0 h1:aGday7OWupfMs+LbmLZG4k0MYXIANxcuBTYUC03zFCU= +github.com/go-openapi/analysis v0.23.0/go.mod h1:9mz9ZWaSlV8TvjQHLl2mUW2PbZtemkE8yA5v22ohupo= +github.com/go-openapi/errors v0.22.1 h1:kslMRRnK7NCb/CvR1q1VWuEQCEIsBGn5GgKD9e+HYhU= +github.com/go-openapi/errors v0.22.1/go.mod h1:+n/5UdIqdVnLIJ6Q9Se8HNGUXYaY6CN8ImWzfi/Gzp0= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/loads v0.22.0 h1:ECPGd4jX1U6NApCGG1We+uEozOAvXvJSF4nnwHZ8Aco= 
+github.com/go-openapi/loads v0.22.0/go.mod h1:yLsaTCS92mnSAZX5WWoxszLj0u+Ojl+Zs5Stn1oF+rs= +github.com/go-openapi/runtime v0.28.0 h1:gpPPmWSNGo214l6n8hzdXYhPuJcGtziTOgUpvsFWGIQ= +github.com/go-openapi/runtime v0.28.0/go.mod h1:QN7OzcS+XuYmkQLw05akXk0jRH/eZ3kb18+1KwW9gyc= +github.com/go-openapi/spec v0.21.0 h1:LTVzPc3p/RzRnkQqLRndbAzjY0d0BCL72A6j3CdL9ZY= +github.com/go-openapi/spec v0.21.0/go.mod h1:78u6VdPw81XU44qEWGhtr982gJ5BWg2c0I5XwVMotYk= +github.com/go-openapi/strfmt v0.23.0 h1:nlUS6BCqcnAk0pyhi9Y+kdDVZdZMHfEKQiS4HaMgO/c= +github.com/go-openapi/strfmt v0.23.0/go.mod h1:NrtIpfKtWIygRkKVsxh7XQMDQW5HKQl6S5ik2elW+K4= +github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= +github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= +github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3BumrGD58= +github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ= +github.com/go-sql-driver/mysql v1.9.1 h1:FrjNGn/BsJQjVRuSa8CBrM5BWA9BWoXXat3KrtSb/iI= +github.com/go-sql-driver/mysql v1.9.1/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U= +github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= +github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss= +github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1 h1:FWNFq4fM1wPfcK40yHE5UO3RUdSNPaBC+j3PokzA6OQ= github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI= 
+github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= +github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI= github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= +github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8= +github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= +github.com/google/certificate-transparency-go v1.3.1 h1:akbcTfQg0iZlANZLn0L9xOeWtyCIdeoYhKrqi5iH3Go= +github.com/google/certificate-transparency-go v1.3.1/go.mod h1:gg+UQlx6caKEDQ9EElFOujyxEQEfOiQzAt6782Bvi8k= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= +github.com/google/go-containerregistry v0.20.3 h1:oNx7IdTI936V8CQRveCjaxOiegWwvM7kqkbXTpyiovI= +github.com/google/go-containerregistry v0.20.3/go.mod 
h1:w00pIgBRDVUDFM6bq+Qx8lwNWK+cxgCuX1vd3PIBDNI= github.com/google/go-github/v56 v56.0.0 h1:TysL7dMa/r7wsQi44BjqlwaHvwlFlqkK8CtBWCX3gb4= github.com/google/go-github/v56 v56.0.0/go.mod h1:D8cdcX98YWJvi7TLo7zM4/h8ZTx6u6fwGEkCdisopo0= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= 
@@ -106,29 +234,76 @@ github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20211214055906-6f57359322fd h1:1FjCyPC+syAzJ5/2S8fqdZK1R22vvA0J7JZKcuOIQ7Y= -github.com/google/pprof v0.0.0-20211214055906-6f57359322fd/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg= +github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 h1:FKHo8hFI3A+7w0aUQuYXQ+6EN5stWmeY/AZqtM8xk9k= +github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0= +github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM= +github.com/google/trillian v1.7.1 h1:+zX8jLM3524bAMPS+VxaDIDgsMv3/ty6DuLWerHXcek= +github.com/google/trillian v1.7.1/go.mod h1:E1UMAHqpZCA8AQdrKdWmHmtUfSeiD0sDWD1cv00Xa+c= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/enterprise-certificate-proxy v0.3.6 h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4= +github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA= +github.com/googleapis/gax-go/v2 v2.14.1 h1:hb0FFeiPaQskmvakKu5EbCbpntQn48jyHuvrkurSS/Q= +github.com/googleapis/gax-go/v2 v2.14.1/go.mod h1:Hb/NubMaVM88SrNkvl8X/o8XWwDJEPqouaLeN2IUxoA= github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0= github.com/gookit/color v1.5.4/go.mod h1:pZJOeOS8DM43rXbp4AZo1n9zCU2qjpcRko0b6/QJi9w= github.com/grokify/mogo v0.64.12 
h1:BNrZ1qBFuX4qu5722CW6qtqu/mrrsZ3bhKu/w1KowKg= github.com/grokify/mogo v0.64.12/go.mod h1:lDhfYIiOhJo7C2U3aL00PlUU9gLvmTONi4MdIWoGmGM= +github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= github.com/hashicorp/go-hclog v1.6.3 h1:Qr2kF+eVWjTiYmU7Y31tYlP1h0q/X3Nl3tPGdaB11/k= github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= +github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-retryablehttp v0.7.7 h1:C8hUCYzor8PIfXHa4UrZkU4VvK8o9ISHxT2Q8+VepXU= github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= +github.com/hashicorp/go-rootcerts v1.0.2 h1:jzhAVGtqPKbwpyCPELlgNWhE1znq+qwJtW5Oi2viEzc= +github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 h1:UpiO20jno/eV1eVZcxqWnUohyKRe1g8FPV/xH1s/2qs= +github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= +github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= +github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc= +github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= +github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c= +github.com/hashicorp/golang-lru/v2 v2.0.7 
h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= +github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/hashicorp/vault/api v1.16.0 h1:nbEYGJiAPGzT9U4oWgaaB0g+Rj8E59QuHKyA5LhwQN4= +github.com/hashicorp/vault/api v1.16.0/go.mod h1:KhuUhzOD8lDSk29AtzNjgAu2kxRA9jL9NAbkFlqvkBA= +github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef h1:A9HsByNhogrvm9cWb28sjiS3i7tcKCkflWFEkHfuAgM= +github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef/go.mod h1:lADxMC39cJJqL93Duh1xhAs4I2Zs8mKS89XWXFGp9cs= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= +github.com/in-toto/attestation v1.1.1 h1:QD3d+oATQ0dFsWoNh5oT0udQ3tUrOsZZ0Fc3tSgWbzI= +github.com/in-toto/attestation v1.1.1/go.mod h1:Dcq1zVwA2V7Qin8I7rgOi+i837wEf/mOZwRm047Sjys= +github.com/in-toto/in-toto-golang v0.9.0 h1:tHny7ac4KgtsfrG6ybU8gVOZux2H8jN05AXJ9EBM1XU= +github.com/in-toto/in-toto-golang v0.9.0/go.mod h1:xsBVrVsHNsB61++S6Dy2vWosKhuA3lUTQd+eF9HdeMo= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/jackc/pgerrcode v0.0.0-20240316143900-6e2875d9b438 h1:Dj0L5fhJ9F82ZJyVOmBx6msDp/kfd1t9GRfny/mfJA0= +github.com/jackc/pgerrcode v0.0.0-20240316143900-6e2875d9b438/go.mod h1:a/s9Lp5W7n/DD0VrVoyJ00FbP2ytTPDVOivvn2bMlds= +github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM= +github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= +github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo= 
+github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= +github.com/jackc/pgx/v5 v5.7.2 h1:mLoDLV6sonKlvjIEsV56SkWNCnuNv531l94GaIzO+XI= +github.com/jackc/pgx/v5 v5.7.2/go.mod h1:ncY89UGWxg82EykZUwSpUKEfccBGGYq1xjrOpsbsfGQ= +github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo= +github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jedib0t/go-pretty/v6 v6.6.5 h1:9PgMJOVBedpgYLI56jQRJYqngxYAAzfEUua+3NgSqAo= github.com/jedib0t/go-pretty/v6 v6.6.5/go.mod h1:Uq/HrbhuFty5WSVNfjpQQe47x16RwVGXIveNGEyGtHs= +github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b h1:ZGiXF8sz7PDk6RgkP+A/SFfUD0ZR/AgG6SpRNEDKZy8= +github.com/jedisct1/go-minisign v0.0.0-20211028175153-1c139d1cc84b/go.mod h1:hQmNrgofl+IY/8L+n20H6E6PWBBTokdsv+q49j0QhsU= +github.com/jellydator/ttlcache/v3 v3.3.0 h1:BdoC9cE81qXfrxeb9eoJi9dWrdhSuwXMAnHTbnBm4Wc= +github.com/jellydator/ttlcache/v3 v3.3.0/go.mod h1:bj2/e0l4jRnQdrnSTaGTsh4GSXvMjQcy41i7th0GVGw= github.com/jfrog/archiver/v3 v3.6.1 h1:LOxnkw9pOn45DzCbZNFV6K0+6dCsQ0L8mR3ZcujO5eI= github.com/jfrog/archiver/v3 v3.6.1/go.mod h1:VgR+3WZS4N+i9FaDwLZbq+jeU4B4zctXL+gL4EMzfLw= github.com/jfrog/build-info-go v1.10.14 h1:PWnw+rBwiQTHZ5q+84+E8MHFjtAQkB3+Oc2sKwBSSGE= 
@@ -141,6 +316,12 @@ github.com/jfrog/jfrog-cli-core/v2 v2.59.2-0.20250709124419-1e5e14be13da h1:uDMQ github.com/jfrog/jfrog-cli-core/v2 v2.59.2-0.20250709124419-1e5e14be13da/go.mod h1:pcAx7PFOLiw82c6fBDJw3BfIfUQdoHsxWd5u/XH9XEM= github.com/jfrog/jfrog-client-go v1.28.1-0.20250715065402-dc14f9e5e0c3 h1:JQlErVjnsfENbPcBWDfp3EJscDnlQ+yJUMuNC7pbR7M= github.com/jfrog/jfrog-client-go v1.28.1-0.20250715065402-dc14f9e5e0c3/go.mod h1:1v0eih4thdPA4clBo9TuvAMT25sGDr1IQJ81DXQ/lBY= +github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24 h1:liMMTbpW34dhU4az1GN0pTPADwNmvoRSeoZ6PItiqnY= +github.com/jmespath/go-jmespath v0.4.1-0.20220621161143-b0104c826a24/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmhodges/clock v1.2.0 h1:eq4kys+NI0PLngzaHEe7AmPT90XMGIEySD1JfV1PDIs= +github.com/jmhodges/clock v1.2.0/go.mod h1:qKjhA7x7u/lQpPB1XAqX1b1lCI/w3/fNuYpI/ZjLynI= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= +github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k= 
@@ -168,8 +349,14 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/ktrysmt/go-bitbucket v0.9.80 h1:S+vZTXKx/VG5yCaX4I3Bmwo8lxWr4ifvuHdTboHTMMc= github.com/ktrysmt/go-bitbucket v0.9.80/go.mod h1:b8ogWEGxQMWoeFnT1ZE4aHIPGindI+9z/zAW/OVFjk0= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/letsencrypt/boulder v0.0.0-20240620165639-de9c06129bec h1:2tTW6cDth2TSgRbAhD7yjZzTQmcN25sDRPEeinR51yQ= +github.com/letsencrypt/boulder v0.0.0-20240620165639-de9c06129bec/go.mod h1:TmwEoGCwIti7BCeJ9hescZgRtatxRE+A72pCoPfmcfk= github.com/magiconair/properties v1.8.9 h1:nWcCbLq1N2v/cpNsy5WvQ37Fb+YElfq20WJ/a8RkpQM= github.com/magiconair/properties v1.8.9/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= +github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= +github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= 
@@ -193,6 +380,8 @@ github.com/microsoft/azure-devops-go-api/azuredevops/v7 v7.1.0 h1:mmJCWLe63Qvybx github.com/microsoft/azure-devops-go-api/azuredevops/v7 v7.1.0/go.mod h1:mDunUZ1IUJdJIRHvFb+LPBUtxe3AYB5MI6BMXNg8194= github.com/minio/sha256-simd v1.0.1 h1:6kaan5IFmwTNynnKKpDHe6FWHohJOHhCPchzK49dzMM= github.com/minio/sha256-simd v1.0.1/go.mod h1:Pz6AKMiUdngCLpeTL/RJY1M9rUuPMYujV5xJjtbRSN8= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= 
@@ -201,14 +390,22 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/nwaples/rardecode v1.1.3 h1:cWCaZwfM5H7nAD6PyEdcVnczzV8i/JtotnyW/dD9lEc= github.com/nwaples/rardecode v1.1.3/go.mod h1:5DzqNKiOdpKKBH87u8VlvAnPZMXcGRhxWkRpHbbfGS0= +github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= +github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= -github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM= -github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs= +github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= +github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= +github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= +github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= +github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M= +github.com/pelletier/go-toml/v2 
v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc= github.com/pierrec/lz4/v4 v4.1.22 h1:cKFw6uJDK+/gfw5BcDL0JL5aBsAFdsIT18eRtLj7VIU= github.com/pierrec/lz4/v4 v4.1.22/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pjbgf/sha1cd v0.3.2 h1:a9wb0bp1oC2TGwStyn0Umc/IGKQnEgF0vVaZ8QF8eo4= @@ -223,6 +420,14 @@ github.com/pkg/term v1.1.0/go.mod h1:E25nymQcrSllhX42Ok8MRm1+hyBdHY0dCeiKZ9jpNGw github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q= +github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= +github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= 
@@ -232,27 +437,53 @@ github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0t github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ= -github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4= -github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= -github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= -github.com/secure-systems-lab/go-securesystemslib v0.8.0 h1:mr5An6X45Kb2nddcFlbmfHkLguCE9laoZCUzEEpIZXA= -github.com/secure-systems-lab/go-securesystemslib v0.8.0/go.mod h1:UH2VZVuJfCYR8WgMlCU1uFsOUU+KeyrTWcSS73NBOzU= +github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= +github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= +github.com/sagikazarmark/locafero v0.7.0 h1:5MqpDsTGNDhY8sGp0Aowyf0qKsPrhewaLSsFaodPcyo= +github.com/sagikazarmark/locafero v0.7.0/go.mod h1:2za3Cg5rMaTMoG/2Ulr9AwtFaIppKXTRYnozin4aB5k= +github.com/sassoftware/relic v7.2.1+incompatible h1:Pwyh1F3I0r4clFJXkSI8bOyJINGqpgjJU3DYAZeI05A= +github.com/sassoftware/relic v7.2.1+incompatible/go.mod h1:CWfAxv73/iLZ17rbyhIEq3K9hs5w6FpNMdUT//qR+zk= +github.com/sassoftware/relic/v7 v7.6.2 h1:rS44Lbv9G9eXsukknS4mSjIAuuX+lMq/FnStgmZlUv4= +github.com/sassoftware/relic/v7 v7.6.2/go.mod h1:kjmP0IBVkJZ6gXeAu35/KCEfca//+PKM6vTAsyDPY+k= +github.com/secure-systems-lab/go-securesystemslib v0.9.0 h1:rf1HIbL64nUpEIZnjLZ3mcNEL9NBPB0iuVjyxvq3LZc= +github.com/secure-systems-lab/go-securesystemslib v0.9.0/go.mod h1:DVHKMcZ+V4/woA/peqr+L0joiRXbPpQ042GgJckkFgw= github.com/sergi/go-diff 
v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8= github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4= +github.com/shibumi/go-pathspec v1.3.0 h1:QUyMZhFo0Md5B8zV8x2tesohbb5kfbpTi9rBnKh5dkI= +github.com/shibumi/go-pathspec v1.3.0/go.mod h1:Xutfslp817l2I1cZvgcfeMQJG5QnU2lh5tVaaMCl3jE= +github.com/sigstore/protobuf-specs v0.5.0 h1:F8YTI65xOHw70NrvPwJ5PhAzsvTnuJMGLkA4FIkofAY= +github.com/sigstore/protobuf-specs v0.5.0/go.mod h1:+gXR+38nIa2oEupqDdzg4qSBT0Os+sP7oYv6alWewWc= +github.com/sigstore/rekor v1.3.10 h1:/mSvRo4MZ/59ECIlARhyykAlQlkmeAQpvBPlmJtZOCU= +github.com/sigstore/rekor v1.3.10/go.mod h1:JvryKJ40O0XA48MdzYUPu0y4fyvqt0C4iSY7ri9iu3A= +github.com/sigstore/sigstore v1.9.4 h1:64+OGed80+A4mRlNzRd055vFcgBeDghjZw24rPLZgDU= +github.com/sigstore/sigstore v1.9.4/go.mod h1:Q7tGTC3gbtK7c3jcxEmGc2MmK4rRpIRzi3bxRFWKvEY= +github.com/sigstore/sigstore-go v1.0.0 h1:4N07S2zLxf09nTRwaPKyAxbKzpM8WJYUS8lWWaYxneU= +github.com/sigstore/sigstore-go v1.0.0/go.mod h1:UYsZ/XHE4eltv1o1Lu+n6poW1Z5to3f0+emvfXNxIN8= +github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.4 h1:kQqUJ1VuWdJltMkinFXAHTlJrzMRPoNgL+dy6WyJ/dA= +github.com/sigstore/sigstore/pkg/signature/kms/aws v1.9.4/go.mod h1:9miLz7c69vj/7VH7UpCKHDia41HCTIDJWJWf4Ex5yUk= +github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.4 h1:MHRm7YQuF4zFyoXRLgUdLaNxqVO6JlLGnkDUI9fm9ow= +github.com/sigstore/sigstore/pkg/signature/kms/azure v1.9.4/go.mod h1:899VNYSSnQ0QtcuhkW0gznzxn0cqhowTL3nzc/xnym8= +github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.4 h1:C2nSyTmTxpuamUmLCWWZwz+0Y1IQIig9XwAJ4UAn/SI= +github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.9.4/go.mod h1:vjDahU0sEw/WMkKkygZNH72EMg86iaFNLAaJFXhItXU= +github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.4 h1:t9yfb6yteIDv8CNRT6OHdqgTV6TSj+CdOtZP9dVhpsQ= +github.com/sigstore/sigstore/pkg/signature/kms/hashivault v1.9.4/go.mod 
h1:m7sQxVJmDa+rsmS1m6biQxaLX83pzNS7ThUEyjOqkCU= +github.com/sigstore/timestamp-authority v1.2.7 h1:HP/VT4wnL4uzP0fVo3eHXlt0reuNgW3PLt78+BV0I5I= +github.com/sigstore/timestamp-authority v1.2.7/go.mod h1:te4ThQ3Q/CX1bzVsf5mMN0K7Z/cgc2OcoEGxAJiFqqI= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/skeema/knownhosts v1.3.1 h1:X2osQ+RAjK76shCbvhHHHVl3ZlgDm8apHEHFqRjnBY8= github.com/skeema/knownhosts v1.3.1/go.mod h1:r7KTdC8l4uxWRyK2TpQZ/1o5HaSzh06ePQNxPwTcfiY= github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= -github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= -github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= -github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= -github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.19.0 h1:RWq5SEjt8o25SROyN3z2OrDB9l7RPd3lwTWU8EcEdcI= -github.com/spf13/viper v1.19.0/go.mod h1:GQUN9bilAbhU/jgc1bKs99f/suXKeUMct8Adx5+Ntkg= +github.com/spf13/afero v1.12.0 h1:UcOPyRBYczmFn6yvphxkn9ZEOY65cpwGKb5mL36mrqs= +github.com/spf13/afero v1.12.0/go.mod h1:ZTlWwG4/ahT8W7T0WQ5uYmjI9duaLQGy3Q2OAl4sk/4= +github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y= +github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo= +github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0= +github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= +github.com/spf13/pflag v1.0.6/go.mod 
h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/viper v1.20.1 h1:ZMi+z/lvLyPSCoNtFCpqjy0S4kPbirhpTMwl8BkW9X4= +github.com/spf13/viper v1.20.1/go.mod h1:P9Mdzt1zoHIG8m2eZQinpiBjo6kCmZSKBClNNqjJvu4= github.com/stoewer/go-strcase v1.3.0 h1:g0eASXYtp+yvN9fK8sH94oCIk0fau9uV1/ZdJ0AVEzs= github.com/stoewer/go-strcase v1.3.0/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 
@@ -274,6 +505,22 @@ github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8 github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/terminalstatic/go-xsd-validate v0.1.6 h1:TenYeQ3eY631qNi1/cTmLH/s2slHPRKTTHT+XSHkepo= github.com/terminalstatic/go-xsd-validate v0.1.6/go.mod h1:18lsvYFofBflqCrvo1umpABZ99+GneNTw2kEEc8UPJw= +github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qvs5LdxRWqRI= +github.com/theupdateframework/go-tuf v0.7.0/go.mod h1:uEB7WSY+7ZIugK6R1hiBMBjQftaFzn7ZCDJcp1tCUug= +github.com/theupdateframework/go-tuf/v2 v2.1.1 h1:OWcoHItwsGO+7m0wLa7FDWPR4oB1cj0zOr1kosE4G+I= +github.com/theupdateframework/go-tuf/v2 v2.1.1/go.mod h1:V675cQGhZONR0OGQ8r1feO0uwtsTBYPDWHzAAPn5rjE= +github.com/tink-crypto/tink-go-awskms/v2 v2.1.0 h1:N9UxlsOzu5mttdjhxkDLbzwtEecuXmlxZVo/ds7JKJI= +github.com/tink-crypto/tink-go-awskms/v2 v2.1.0/go.mod h1:PxSp9GlOkKL9rlybW804uspnHuO9nbD98V/fDX4uSis= +github.com/tink-crypto/tink-go-gcpkms/v2 v2.2.0 h1:3B9i6XBXNTRspfkTC0asN5W0K6GhOSgcujNiECNRNb0= +github.com/tink-crypto/tink-go-gcpkms/v2 v2.2.0/go.mod h1:jY5YN2BqD/KSCHM9SqZPIpJNG/u3zwfLXHgws4x2IRw= +github.com/tink-crypto/tink-go-hcvault/v2 v2.3.0 h1:6nAX1aRGnkg2SEUMwO5toB2tQkP0Jd6cbmZ/K5Le1V0= +github.com/tink-crypto/tink-go-hcvault/v2 v2.3.0/go.mod h1:HOC5NWW1wBI2Vke1FGcRBvDATkEYE7AUDiYbXqi2sBw= +github.com/tink-crypto/tink-go/v2 v2.4.0 h1:8VPZeZI4EeZ8P/vB6SIkhlStrJfivTJn+cQ4dtyHNh0= +github.com/tink-crypto/tink-go/v2 v2.4.0/go.mod h1:l//evrF2Y3MjdbpNDNGnKgCpo5zSmvUvnQ4MU+yE2sw= +github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 h1:e/5i7d4oYZ+C1wj2THlRK+oAhjeS/TRQwMfkIuet3w0= +github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399/go.mod h1:LdwHTNJT99C5fTAzDz0ud328OgXz+gierycbcIx2fRs= +github.com/transparency-dev/merkle v0.0.2 h1:Q9nBoQcZcgPamMkGn7ghV8XiTZ/kRxn1yCG81+twTK4= +github.com/transparency-dev/merkle v0.0.2/go.mod h1:pqSy+OXefQ1EDUVmAJ8MUhHB9TXGuzVAT58PqBoHz1A= 
github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc= github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= 
@@ -300,6 +547,26 @@ github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3i github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +github.com/zalando/go-keyring v0.2.3 h1:v9CUu9phlABObO4LPWycf+zwMG7nlbb3t/B5wa97yms= +github.com/zalando/go-keyring v0.2.3/go.mod h1:HL4k+OXQfJUWaMnqyuSOc0drfGPX2b51Du6K+MRgZMk= +go.mongodb.org/mongo-driver v1.14.0 h1:P98w8egYRjYe3XDjxhYJagTokP/H6HzlsnojRgZRd80= +go.mongodb.org/mongo-driver v1.14.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c= +go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= +go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0 h1:x7wzEgXfnzJcHDwStJT+mxOz4etr2EcexjqhBvmoakw= +go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.60.0/go.mod h1:rg+RlpR5dKwaS95IyyZqj5Wd4E13lk/msnTS0Xl9lJM= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ= +go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ= +go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y= +go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M= +go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE= +go.opentelemetry.io/otel/sdk v1.34.0 h1:95zS4k/2GOy069d321O8jWgYsW3MzVV+KuSPKp7Wr1A= +go.opentelemetry.io/otel/sdk v1.34.0/go.mod h1:0e/pNiaMAqaykJGKbi+tSjWfNNHMTxoC9qANsCzbyxU= +go.opentelemetry.io/otel/trace v1.35.0 
h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs= +go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc= +go.step.sm/crypto v0.63.0 h1:U1QGELQqJ85oDfeNFE2V52cow1rvy0m3MekG3wFmyXY= +go.step.sm/crypto v0.63.0/go.mod h1:aj3LETmCZeSil1DMq3BlbhDBcN86+mmKrHZtXWyc0L4= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU= @@ -315,8 +582,8 @@ golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= -golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34= -golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc= +golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8= +golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw= golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 h1:nDVHiLt8aIbd/VzvPWN6kSOPE7+F/fNFDSXLVYkE/Iw= golang.org/x/exp v0.0.0-20250305212735-054e65f0b394/go.mod h1:sIifuuw/Yco/y6yb6+bDNfyeQ/MdPUy/hKEMYQV17cM= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= 
@@ -339,20 +606,20 @@ golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= -golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8= -golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= +golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY= +golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.20.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= -golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= -golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98= +golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw= -golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= +golang.org/x/sync v0.14.0 
h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ= +golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 
@@ -380,16 +647,16 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= -golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= +golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw= +golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= -golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y= -golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g= +golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg= +golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 
@@ -397,10 +664,10 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= -golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= -golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ= -golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4= +golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA= +golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= +golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= 
@@ -413,7 +680,19 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.230.0 h1:2u1hni3E+UXAXrONrrkfWpi/V6cyKVAbfGVeGtC3OxM=
+google.golang.org/api v0.230.0/go.mod h1:aqvtoMk7YkiXx+6U12arQFExiRV9D/ekvMCwCd/TksQ=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb h1:ITgPrl429bc6+2ZraNSzMDk3I95nmQln2fuPstKwFDE=
+google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb/go.mod h1:sAo5UzpjUwgFBCzupwhcLcxHVDK7vG5IqI30YnwX2eE=
+google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e h1:UdXH7Kzbj+Vzastr5nVfccbmFsmYNygVLSPk1pEfDoY=
+google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e/go.mod h1:085qFyf2+XaZlRdCgKNCIZ3afY2p4HHZdoIRpId8F4A=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e h1:ztQaXfzEXTmCBvbtWYRhJxW+0iJcz2qXfd38/e9l7bA=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
+google.golang.org/grpc v1.72.0 h1:S7UkcVa60b5AAQTaO6ZKamFp1zMZSU0fGDK2WZLbBnM=
+google.golang.org/grpc v1.72.0/go.mod h1:wH5Aktxcg25y1I3w7H69nHfXdOG3UiadoBtjh3izSDM=
+google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
+google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -449,3 +728,5 @@ sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+s
 sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
 sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
 sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
+software.sslmate.com/src/go-pkcs12 v0.4.0 h1:H2g08FrTvSFKUj+D309j1DPfk5APnIdAQAB8aEykJ5k=
+software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI=