diff --git a/go.mod b/go.mod index 5e7132d0..a14b55a7 100644 --- a/go.mod +++ b/go.mod @@ -12,9 +12,9 @@ require ( k8s.io/api v0.34.3 k8s.io/apimachinery v0.34.3 k8s.io/client-go v0.34.3 - knative.dev/hack v0.0.0-20260120115810-bf6758cba446 - knative.dev/operator v0.48.0 - knative.dev/pkg v0.0.0-20260120122510-4a022ed9999a + knative.dev/hack v0.0.0-20260420222011-c985ed3cefe8 + knative.dev/operator v0.48.2 + knative.dev/pkg v0.0.0-20260531000707-c085a76e54cc ) require ( @@ -62,7 +62,7 @@ require ( go.yaml.in/yaml/v2 v2.4.3 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/net v0.49.0 // indirect - golang.org/x/oauth2 v0.32.0 // indirect + golang.org/x/oauth2 v0.34.0 // indirect golang.org/x/sys v0.40.0 // indirect golang.org/x/term v0.39.0 // indirect golang.org/x/text v0.33.0 // indirect diff --git a/go.sum b/go.sum index ca6f1d2d..2a06497c 100644 --- a/go.sum +++ b/go.sum @@ -835,8 +835,8 @@ golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4= -golang.org/x/oauth2 v0.32.0 h1:jsCblLleRMDrxMN29H3z/k1KliIvpLgCkE6R8FXXNgY= -golang.org/x/oauth2 v0.32.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= +golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw= +golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1306,12 +1306,12 @@ k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8 k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= knative.dev/caching v0.0.0-20260120130310-f1fc03b7f5ee h1:PQeck4SikqOc1i/VS1I4EV1vXM5xCuiZvGXLnPTpffQ= knative.dev/caching v0.0.0-20260120130310-f1fc03b7f5ee/go.mod h1:zvYGzvJrjoLGJ3NHV/J6KIiJsvK8vm32V/xpTB/FLwc= -knative.dev/hack v0.0.0-20260120115810-bf6758cba446 h1:Y8raYHIuAL9/gUKGYD9/dD+EqUTmrpqVDowzfUVSlGs= -knative.dev/hack v0.0.0-20260120115810-bf6758cba446/go.mod h1:L5RzHgbvam0u8QFHfzCX6MKxu/a/gIGEdaRBqNiVbl0= -knative.dev/operator v0.48.0 h1:vtLAICKxB3I46fDdQUe+F0zZDKTMP702ivlkEWQU8mo= -knative.dev/operator v0.48.0/go.mod h1:WuBTs1FE7xFrG9gur2kJWJ5jh/rOoiXFk4vBq0GWPgg= -knative.dev/pkg v0.0.0-20260120122510-4a022ed9999a h1:9f29OTA7w/iVIX6PS6yveVVzNbcUS74eQfchVe8o2/4= -knative.dev/pkg v0.0.0-20260120122510-4a022ed9999a/go.mod h1:Tz3GoxcNC5vH3Zo//cW3mnHL474u+Y1wbsUIZ11p8No= +knative.dev/hack v0.0.0-20260420222011-c985ed3cefe8 h1:IrUBuFRxzqUm+f//hY6XGPzXozcoXD/dSsqcid84/Eg= +knative.dev/hack v0.0.0-20260420222011-c985ed3cefe8/go.mod h1:L5RzHgbvam0u8QFHfzCX6MKxu/a/gIGEdaRBqNiVbl0= +knative.dev/operator v0.48.2 h1:WfSxgCLiMIdBE9XYp0fL1dIR5kyJnw4O2h8MeL3CQos= +knative.dev/operator v0.48.2/go.mod h1:v0Pr4vRl9u7DU9y9ox7kuTFj8ESezimq3+QUKGY/j6w= +knative.dev/pkg v0.0.0-20260531000707-c085a76e54cc h1:cwemQFdQtoXRgsb7mfuV0IB+CYVY2mXQhizqKXCbrr0= +knative.dev/pkg v0.0.0-20260531000707-c085a76e54cc/go.mod h1:MO0fpS2gSc+yVOKvJiaLYoXVC/ZrK0BT2qopLjXK5rE= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/vendor/golang.org/x/oauth2/deviceauth.go b/vendor/golang.org/x/oauth2/deviceauth.go index e99c92f3..e783a943 100644 --- a/vendor/golang.org/x/oauth2/deviceauth.go +++ b/vendor/golang.org/x/oauth2/deviceauth.go @@ -6,6 +6,7 @@ import ( "errors" "fmt" "io" + "mime" "net/http" "net/url" "strings" @@ -116,10 +117,38 @@ func retrieveDeviceAuth(ctx context.Context, c *Config, v url.Values) (*DeviceAu return nil, fmt.Errorf("oauth2: cannot auth device: %v", err) } if code := r.StatusCode; code < 200 || code > 299 { - return nil, &RetrieveError{ + retrieveError := &RetrieveError{ Response: r, Body: body, } + + content, _, _ := mime.ParseMediaType(r.Header.Get("Content-Type")) + switch content { + case "application/x-www-form-urlencoded", "text/plain": + // some endpoints return a query string + vals, err := url.ParseQuery(string(body)) + if err != nil { + return nil, retrieveError + } + retrieveError.ErrorCode = vals.Get("error") + retrieveError.ErrorDescription = vals.Get("error_description") + retrieveError.ErrorURI = vals.Get("error_uri") + default: + var tj struct { + // https://datatracker.ietf.org/doc/html/rfc6749#section-5.2 + ErrorCode string `json:"error"` + ErrorDescription string `json:"error_description"` + ErrorURI string `json:"error_uri"` + } + if json.Unmarshal(body, &tj) != nil { + return nil, retrieveError + } + retrieveError.ErrorCode = tj.ErrorCode + retrieveError.ErrorDescription = tj.ErrorDescription + retrieveError.ErrorURI = tj.ErrorURI + } + + return nil, retrieveError } da := &DeviceAuthResponse{} diff --git a/vendor/golang.org/x/oauth2/oauth2.go b/vendor/golang.org/x/oauth2/oauth2.go index 3e3b6306..5c527d31 100644 --- a/vendor/golang.org/x/oauth2/oauth2.go +++ b/vendor/golang.org/x/oauth2/oauth2.go @@ -98,7 +98,7 @@ const ( // in the POST body as application/x-www-form-urlencoded parameters. AuthStyleInParams AuthStyle = 1 - // AuthStyleInHeader sends the client_id and client_password + // AuthStyleInHeader sends the client_id and client_secret // using HTTP Basic Authorization. This is an optional style // described in the OAuth2 RFC 6749 section 2.3.1. AuthStyleInHeader AuthStyle = 2 diff --git a/vendor/golang.org/x/oauth2/pkce.go b/vendor/golang.org/x/oauth2/pkce.go index cea8374d..f99384f0 100644 --- a/vendor/golang.org/x/oauth2/pkce.go +++ b/vendor/golang.org/x/oauth2/pkce.go @@ -51,7 +51,7 @@ func S256ChallengeFromVerifier(verifier string) string { return base64.RawURLEncoding.EncodeToString(sha[:]) } -// S256ChallengeOption derives a PKCE code challenge derived from verifier with +// S256ChallengeOption derives a PKCE code challenge from the verifier with // method S256. It should be passed to [Config.AuthCodeURL] or [Config.DeviceAuth] // only. func S256ChallengeOption(verifier string) AuthCodeOption { diff --git a/vendor/golang.org/x/oauth2/token.go b/vendor/golang.org/x/oauth2/token.go index 239ec329..e995eebb 100644 --- a/vendor/golang.org/x/oauth2/token.go +++ b/vendor/golang.org/x/oauth2/token.go @@ -103,7 +103,7 @@ func (t *Token) WithExtra(extra any) *Token { } // Extra returns an extra field. -// Extra fields are key-value pairs returned by the server as a +// Extra fields are key-value pairs returned by the server as // part of the token retrieval response. func (t *Token) Extra(key string) any { if raw, ok := t.raw.(map[string]any); ok { diff --git a/vendor/golang.org/x/oauth2/transport.go b/vendor/golang.org/x/oauth2/transport.go index 8bbebbac..9922ec33 100644 --- a/vendor/golang.org/x/oauth2/transport.go +++ b/vendor/golang.org/x/oauth2/transport.go @@ -58,7 +58,7 @@ func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error) { var cancelOnce sync.Once // CancelRequest does nothing. It used to be a legacy cancellation mechanism -// but now only it only logs on first use to warn that it's deprecated. +// but now only logs on first use to warn that it's deprecated. // // Deprecated: use contexts for cancellation instead. func (t *Transport) CancelRequest(req *http.Request) { diff --git a/vendor/knative.dev/hack/library.sh b/vendor/knative.dev/hack/library.sh index 447484b6..c0a536f8 100644 --- a/vendor/knative.dev/hack/library.sh +++ b/vendor/knative.dev/hack/library.sh @@ -35,6 +35,13 @@ if [[ ! -v GOPATH ]]; then fi fi +# Pinned tool versions +readonly GUM_VERSION="v0.14.1" +readonly GOTESTSUM_VERSION="v1.13.0" +readonly GOTESTFMT_VERSION="v2.5.0" +readonly TERMINAL_TO_HTML_VERSION="v3.10.0" +readonly GO_LICENSES_VERSION="v2.0.1" + # Useful environment variables [[ -v PROW_JOB_ID ]] && IS_PROW=1 || IS_PROW=0 readonly IS_PROW @@ -265,7 +272,7 @@ function gum_banner() { # Simple info banner for logging purposes. function gum_style() { - go_run github.com/charmbracelet/gum@v0.14.1 style "$@" + go_run "github.com/charmbracelet/gum@${GUM_VERSION}" style "$@" } # Checks whether the given function exists. @@ -588,7 +595,7 @@ function report_go_test() { logfile="${logfile/.xml/.jsonl}" echo "Running go test with args: ${go_test_args[*]}" local gotest_retcode=0 - go_run gotest.tools/gotestsum@v1.13.0 \ + go_run "gotest.tools/gotestsum@${GOTESTSUM_VERSION}" \ --format "${GO_TEST_VERBOSITY:-testname}" \ --junitfile "${xml}" \ --junitfile-testsuite-name relative \ @@ -601,14 +608,14 @@ function report_go_test() { echo "Test log (JSONL) written to ${logfile}" ansilog="${logfile/.jsonl/-ansi.log}" - go_run github.com/gotesttools/gotestfmt/v2/cmd/gotestfmt@v2.5.0 \ + go_run "github.com/gotesttools/gotestfmt/v2/cmd/gotestfmt@${GOTESTFMT_VERSION}" \ -input "${logfile}" \ -showteststatus \ -nofail > "$ansilog" echo "Test log (ANSI) written to ${ansilog}" htmllog="${logfile/.jsonl/.html}" - go_run github.com/buildkite/terminal-to-html/v3/cmd/terminal-to-html@v3.10.0 \ + go_run "github.com/buildkite/terminal-to-html/v3/cmd/terminal-to-html@${TERMINAL_TO_HTML_VERSION}" \ --preview < "$ansilog" > "$htmllog" echo "Test log (HTML) written to ${htmllog}" @@ -921,10 +928,10 @@ function run_kntest() { } # Run go-licenses to check for forbidden licenses. +# Extra flags can be passed via the GO_LICENSES_FLAGS environment variable. function check_licenses() { - # Check that we don't have any forbidden licenses. - go_run github.com/google/go-licenses@v1.6.0 \ - check "${REPO_ROOT_DIR}/..." || \ + go_run "github.com/google/go-licenses/v2@${GO_LICENSES_VERSION}" \ + check ${GO_LICENSES_FLAGS:-} "${REPO_ROOT_DIR}/..." || \ { echo "--- FAIL: go-licenses failed the license check"; return 1; } } diff --git a/vendor/knative.dev/pkg/tracker/enqueue.go b/vendor/knative.dev/pkg/tracker/enqueue.go index 88d0254b..f04928d3 100644 --- a/vendor/knative.dev/pkg/tracker/enqueue.go +++ b/vendor/knative.dev/pkg/tracker/enqueue.go @@ -277,8 +277,8 @@ func (i *impl) GetObservers(obj interface{}) []types.NamespacedName { keys = append(keys, key) } } - if len(s) == 0 { - delete(i.exact, ref) + if len(ms) == 0 { + delete(i.inexact, ref) } } @@ -309,7 +309,7 @@ func (i *impl) OnDeletedObserver(obj interface{}) { for ref, matchers := range i.inexact { delete(matchers, key) if len(matchers) == 0 { - delete(i.exact, ref) + delete(i.inexact, ref) } } } diff --git a/vendor/modules.txt b/vendor/modules.txt index bfc438e7..88929962 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -224,7 +224,7 @@ golang.org/x/net/http2 golang.org/x/net/http2/hpack golang.org/x/net/idna golang.org/x/net/internal/httpcommon -# golang.org/x/oauth2 v0.32.0 +# golang.org/x/oauth2 v0.34.0 ## explicit; go 1.24.0 golang.org/x/oauth2 golang.org/x/oauth2/internal @@ -600,10 +600,10 @@ k8s.io/utils/internal/third_party/forked/golang/net k8s.io/utils/net k8s.io/utils/ptr k8s.io/utils/trace -# knative.dev/hack v0.0.0-20260120115810-bf6758cba446 +# knative.dev/hack v0.0.0-20260420222011-c985ed3cefe8 ## explicit; go 1.24 knative.dev/hack -# knative.dev/operator v0.48.0 +# knative.dev/operator v0.48.2 ## explicit; go 1.24.0 knative.dev/operator/pkg/apis/operator knative.dev/operator/pkg/apis/operator/base @@ -613,7 +613,7 @@ knative.dev/operator/pkg/client/clientset/versioned/scheme knative.dev/operator/pkg/client/clientset/versioned/typed/operator/v1beta1 knative.dev/operator/test knative.dev/operator/test/client -# knative.dev/pkg v0.0.0-20260120122510-4a022ed9999a +# knative.dev/pkg v0.0.0-20260531000707-c085a76e54cc ## explicit; go 1.24.0 knative.dev/pkg/apis knative.dev/pkg/apis/duck