diff --git a/head b/head index 13710f960..67ab57d9e 100644 --- a/head +++ b/head @@ -1 +1 @@ -3a1779e6db52fcf7a311bd52862dbe9ec889ed37 +18903cd4af51b0b441228d1edb12169a0befda14 diff --git a/upstream/go.mod b/upstream/go.mod index 31e4dcd46..68b6003cd 100644 --- a/upstream/go.mod +++ b/upstream/go.mod @@ -1,15 +1,13 @@ module github.com/tektoncd/pruner -go 1.24.0 - -toolchain go1.24.6 +go 1.24.13 // Retract v0.3.2 as it was an unintended release retract v0.3.2 require ( github.com/stretchr/testify v1.11.1 - github.com/tektoncd/pipeline v1.6.1 + github.com/tektoncd/pipeline v1.6.2 github.com/tektoncd/plumbing v0.0.0-20250805154627-25448098dea2 go.opentelemetry.io/otel v1.40.0 go.opentelemetry.io/otel/metric v1.40.0 diff --git a/upstream/go.sum b/upstream/go.sum index 46a90522b..022bced76 100644 --- a/upstream/go.sum +++ b/upstream/go.sum @@ -342,8 +342,8 @@ github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/stvp/go-udp-testing v0.0.0-20201019212854-469649b16807/go.mod h1:7jxmlfBCDBXRzr0eAQJ48XC1hBu1np4CS5+cHEYfwpc= -github.com/tektoncd/pipeline v1.6.1 h1:DLeA6gVQrDHw9hy7eI48rOp2MO+Fwawj1+AcgSpJysk= -github.com/tektoncd/pipeline v1.6.1/go.mod h1:5SNoYgRYPQopkv7ApVq5GO3JqPk2AjV+VMMjwBsbJOg= +github.com/tektoncd/pipeline v1.6.2 h1:lcpC4fuoc9Uy6uWjjNmtRJgYd+e6XIcFZKYitbVnORc= +github.com/tektoncd/pipeline v1.6.2/go.mod h1:lnC/pCLLG37eZE3B5QPCumkWZyY0Lb2LZBpQlJCNaio= github.com/tektoncd/plumbing v0.0.0-20250805154627-25448098dea2 h1:v4UPEbe6MEto5i4ELtiXWBxUAUIAWL5U1DznfPhi4WE= github.com/tektoncd/plumbing v0.0.0-20250805154627-25448098dea2/go.mod h1:BC6F3DlZc+wpUT9YcwG9MoSfb4tUiH2olB9xYoIsB4I= github.com/vbatts/tar-split v0.12.1 h1:CqKoORW7BUWBe7UL/iqTVvkTBOF8UvOMKOIZykxnnbo= diff --git a/upstream/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/container_validation.go b/upstream/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/container_validation.go index becf35411..5167e8bb9 100644 --- a/upstream/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/container_validation.go +++ b/upstream/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1/container_validation.go @@ -20,6 +20,7 @@ import ( "context" "errors" "fmt" + "path/filepath" "regexp" "slices" "strings" @@ -197,8 +198,9 @@ func (s *Step) Validate(ctx context.Context) (errs *apis.FieldError) { } for j, vm := range s.VolumeMounts { - if strings.HasPrefix(vm.MountPath, "/tekton/") && - !strings.HasPrefix(vm.MountPath, "/tekton/home") { + cleanMountPath := filepath.Clean(vm.MountPath) + if strings.HasPrefix(cleanMountPath, "/tekton/") && + !strings.HasPrefix(cleanMountPath, "/tekton/home") { errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("volumeMount cannot be mounted under /tekton/ (volumeMount %q mounted at %q)", vm.Name, vm.MountPath), "mountPath").ViaFieldIndex("volumeMounts", j)) } if strings.HasPrefix(vm.Name, "tekton-internal-") { diff --git a/upstream/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_validation.go b/upstream/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_validation.go index c2d918d4b..8578375af 100644 --- a/upstream/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_validation.go +++ b/upstream/vendor/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1/task_validation.go @@ -434,8 +434,9 @@ func validateStep(ctx context.Context, s Step, names sets.String) (errs *apis.Fi } for j, vm := range s.VolumeMounts { - if strings.HasPrefix(vm.MountPath, "/tekton/") && - !strings.HasPrefix(vm.MountPath, "/tekton/home") { + cleanMountPath := filepath.Clean(vm.MountPath) + if strings.HasPrefix(cleanMountPath, "/tekton/") && + !strings.HasPrefix(cleanMountPath, "/tekton/home") { errs = errs.Also(apis.ErrGeneric(fmt.Sprintf("volumeMount cannot be mounted under /tekton/ (volumeMount %q mounted at %q)", vm.Name, vm.MountPath), "mountPath").ViaFieldIndex("volumeMounts", j)) } if strings.HasPrefix(vm.Name, "tekton-internal-") { diff --git a/upstream/vendor/modules.txt b/upstream/vendor/modules.txt index bd0d311ad..3c984d4fd 100644 --- a/upstream/vendor/modules.txt +++ b/upstream/vendor/modules.txt @@ -272,8 +272,8 @@ github.com/stoewer/go-strcase ## explicit; go 1.17 github.com/stretchr/testify/assert github.com/stretchr/testify/assert/yaml -# github.com/tektoncd/pipeline v1.6.1 -## explicit; go 1.24.0 +# github.com/tektoncd/pipeline v1.6.2 +## explicit; go 1.24.13 github.com/tektoncd/pipeline/internal/artifactref github.com/tektoncd/pipeline/pkg/apis/config github.com/tektoncd/pipeline/pkg/apis/pipeline