From 3f0d133870ba3a1fe6a3a73be2b2ae3aa2d8d7fb Mon Sep 17 00:00:00 2001 From: Tuomas Katila Date: Fri, 17 May 2024 12:00:31 +0300 Subject: [PATCH 1/6] workflow: pin actions to sha sums Signed-off-by: Tuomas Katila --- .github/workflows/lib-build.yaml | 4 ++-- .github/workflows/lib-codeql.yaml | 8 ++++---- .github/workflows/lib-e2e.yaml | 2 +- .github/workflows/lib-publish.yaml | 8 ++++---- .github/workflows/lib-scorecard.yaml | 6 +++--- .github/workflows/lib-trivy.yaml | 26 +++++++++++++------------- .github/workflows/lib-validate.yaml | 16 ++++++++-------- .github/workflows/publish.yml | 8 ++++---- 8 files changed, 39 insertions(+), 39 deletions(-) diff --git a/.github/workflows/lib-build.yaml b/.github/workflows/lib-build.yaml index d44b4e663..e64483ed1 100644 --- a/.github/workflows/lib-build.yaml +++ b/.github/workflows/lib-build.yaml @@ -45,8 +45,8 @@ jobs: - dlb-libdlb-demo builder: [buildah, docker] steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5 with: go-version-file: go.mod check-latest: true diff --git a/.github/workflows/lib-codeql.yaml b/.github/workflows/lib-codeql.yaml index 8365c754b..4db2c1d72 100644 --- a/.github/workflows/lib-codeql.yaml +++ b/.github/workflows/lib-codeql.yaml @@ -18,19 +18,19 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5 with: go-version-file: go.mod check-latest: true - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@187e591bef188a41dd329c95d7905134173654ae # v3 with: languages: 'go' - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@187e591bef188a41dd329c95d7905134173654ae # v3 with: category: "/language:go" diff --git a/.github/workflows/lib-e2e.yaml b/.github/workflows/lib-e2e.yaml index 9752373db..17501571b 100644 --- a/.github/workflows/lib-e2e.yaml +++ b/.github/workflows/lib-e2e.yaml @@ -67,7 +67,7 @@ jobs: IMAGES: ${{ join(matrix.images, ' ') }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: fetch-depth: 0 - name: Describe test environment diff --git a/.github/workflows/lib-publish.yaml b/.github/workflows/lib-publish.yaml index 93b2fd8d0..35fe3e91c 100644 --- a/.github/workflows/lib-publish.yaml +++ b/.github/workflows/lib-publish.yaml @@ -42,8 +42,8 @@ jobs: #- crypto-perf #- opae-nlb-demo steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5 with: go-version-file: go.mod check-latest: true @@ -54,7 +54,7 @@ jobs: run: | REG=intel/ make ${IMAGE_NAME} BUILDER=docker - name: Trivy scan for image - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0 with: scan-type: image image-ref: intel/${{ matrix.image }}:${{ inputs.image_tag }} @@ -64,7 +64,7 @@ jobs: if: ${{ !contains(fromJson(env.no_base_check), matrix.image) }} run: IMG=intel/${{ matrix.image }}:${{ inputs.image_tag }} make test-image-base-layer BUILDER=docker - name: Login - uses: docker/login-action@v3 + uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_PASS }} diff --git a/.github/workflows/lib-scorecard.yaml b/.github/workflows/lib-scorecard.yaml index 4d0edb1b6..e5b7e68ed 100644 --- a/.github/workflows/lib-scorecard.yaml +++ b/.github/workflows/lib-scorecard.yaml @@ -16,18 +16,18 @@ jobs: id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: persist-credentials: false - name: "Analyze project" - uses: ossf/scorecard-action@v2.3.3 + uses: ossf/scorecard-action@e4c423540e964e15ccadc56558705ba15136265c # v2.3.3 with: results_file: results.sarif results_format: sarif publish_results: true - name: "Upload results to security" - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@187e591bef188a41dd329c95d7905134173654ae # v3 with: sarif_file: results.sarif diff --git a/.github/workflows/lib-trivy.yaml b/.github/workflows/lib-trivy.yaml index 7afe9796f..c030100ae 100644 --- a/.github/workflows/lib-trivy.yaml +++ b/.github/workflows/lib-trivy.yaml @@ -30,10 +30,10 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 - name: Run Trivy in config mode for deployments - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0 with: scan-type: config scan-ref: deployments/ @@ -49,10 +49,10 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 - name: Run Trivy in config mode for dockerfiles - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0 with: scan-type: config scan-ref: build/docker/ @@ -64,10 +64,10 @@ jobs: name: Scan licenses steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 - name: Run Trivy in fs mode - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0 with: scan-type: fs scan-ref: . @@ -83,11 +83,11 @@ jobs: name: Scan vulnerabilities steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 - name: Run Trivy in fs mode continue-on-error: true - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0 with: scan-type: fs scan-ref: . @@ -97,7 +97,7 @@ jobs: output: trivy-report.json - name: Show report in human-readable format - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0 with: scan-type: convert vuln-type: '' @@ -107,7 +107,7 @@ jobs: - name: Convert report to sarif if: ${{ inputs.upload-to-github-security-tab }} - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0 with: scan-type: convert vuln-type: '' @@ -118,13 +118,13 @@ jobs: - name: Upload sarif report to GitHub Security tab if: ${{ inputs.upload-to-github-security-tab }} - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@187e591bef188a41dd329c95d7905134173654ae # v3 with: sarif_file: trivy-report.sarif - name: Convert report to csv if: ${{ inputs.export-csv }} - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0 with: scan-type: convert vuln-type: '' @@ -136,7 +136,7 @@ jobs: - name: Upload CSV report as an artifact if: ${{ inputs.export-csv }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4 with: name: trivy-report path: trivy-report.csv \ No newline at end of file diff --git a/.github/workflows/lib-validate.yaml b/.github/workflows/lib-validate.yaml index caa0ef04a..f640e8066 100644 --- a/.github/workflows/lib-validate.yaml +++ b/.github/workflows/lib-validate.yaml @@ -14,7 +14,7 @@ jobs: run: | sudo apt-get update sudo apt-get install -y python3-venv - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: fetch-depth: 0 - name: Set up doc directory @@ -35,13 +35,13 @@ jobs: name: lint runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5 with: go-version-file: go.mod check-latest: true - name: golangci-lint - uses: golangci/golangci-lint-action@v6 + uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6 with: version: v1.57.2 args: -v --timeout 5m @@ -50,8 +50,8 @@ jobs: name: Build and check device plugins runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5 with: go-version-file: go.mod check-latest: true @@ -74,8 +74,8 @@ jobs: - 1.29.x - 1.30.x steps: - - uses: actions/checkout@v4 - - uses: actions/setup-go@v5 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 + - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5 with: go-version-file: go.mod check-latest: true diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 13d5fccc8..225c95bf8 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -23,7 +23,7 @@ jobs: run: | sudo apt-get update sudo apt-get install -y python3-venv git - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: fetch-depth: 0 ref: main @@ -44,7 +44,7 @@ jobs: rm -rf _work/venv make vhtml mv _build/html/* $HOME/output/ - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: fetch-depth: 0 ref: release-0.28 @@ -55,7 +55,7 @@ jobs: rm -rf _work/venv make vhtml mv _build/html $HOME/output/0.28 - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: fetch-depth: 0 ref: release-0.29 @@ -66,7 +66,7 @@ jobs: rm -rf _work/venv make vhtml mv _build/html $HOME/output/0.29 - - uses: actions/checkout@v4 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 with: fetch-depth: 0 ref: release-0.30 From 4cd556b206f6e661cf98a8357d3488420e0b652c Mon Sep 17 00:00:00 2001 From: Tuomas Katila Date: Fri, 17 May 2024 12:12:30 +0300 Subject: [PATCH 2/6] decrease flows for testing Signed-off-by: Tuomas Katila --- .github/workflows/devel.yaml | 20 ++++++------- .github/workflows/lib-build.yaml | 48 ++++++++++++++++---------------- 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/.github/workflows/devel.yaml b/.github/workflows/devel.yaml index cf5bb5a40..99f1f7493 100644 --- a/.github/workflows/devel.yaml +++ b/.github/workflows/devel.yaml @@ -41,15 +41,15 @@ jobs: - trivy uses: "./.github/workflows/lib-build.yaml" - e2e: - needs: - - build - uses: "./.github/workflows/lib-e2e.yaml" +# e2e: +# needs: +# - build +# uses: "./.github/workflows/lib-e2e.yaml" # devel image push - publish: - needs: - - e2e - - build - uses: "./.github/workflows/lib-publish.yaml" - secrets: inherit +# publish: +# needs: +# - e2e +# - build +# uses: "./.github/workflows/lib-publish.yaml" +# secrets: inherit diff --git a/.github/workflows/lib-build.yaml b/.github/workflows/lib-build.yaml index e64483ed1..c6325d88e 100644 --- a/.github/workflows/lib-build.yaml +++ b/.github/workflows/lib-build.yaml @@ -18,31 +18,31 @@ jobs: - intel-gpu-fakedev - intel-gpu-initcontainer - intel-gpu-plugin - - intel-fpga-plugin - - intel-qat-initcontainer - - intel-qat-plugin - - intel-qat-plugin-kerneldrv - - intel-deviceplugin-operator - - intel-sgx-admissionwebhook - - intel-sgx-plugin - - intel-sgx-initcontainer - - intel-dsa-plugin - - intel-iaa-plugin - - intel-idxd-config-initcontainer - - intel-dlb-plugin - - intel-dlb-initcontainer - - intel-xpumanager-sidecar + # - intel-fpga-plugin + # - intel-qat-initcontainer + # - intel-qat-plugin + # - intel-qat-plugin-kerneldrv + # - intel-deviceplugin-operator + # - intel-sgx-admissionwebhook + # - intel-sgx-plugin + # - intel-sgx-initcontainer + # - intel-dsa-plugin + # - intel-iaa-plugin + # - intel-idxd-config-initcontainer + # - intel-dlb-plugin + # - intel-dlb-initcontainer + # - intel-xpumanager-sidecar - # # Demo images - - crypto-perf - - accel-config-demo - - intel-opencl-icd - - opae-nlb-demo - - openssl-qat-engine - - sgx-sdk-demo - - sgx-aesmd-demo - - dlb-dpdk-demo - - dlb-libdlb-demo + # # # Demo images + # - crypto-perf + # - accel-config-demo + # - intel-opencl-icd + # - opae-nlb-demo + # - openssl-qat-engine + # - sgx-sdk-demo + # - sgx-aesmd-demo + # - dlb-dpdk-demo + # - dlb-libdlb-demo builder: [buildah, docker] steps: - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4 From 45577199a914fd35ea34e69139df1dc7ac0be61b Mon Sep 17 00:00:00 2001 From: Tuomas Katila Date: Fri, 17 May 2024 12:16:19 +0300 Subject: [PATCH 3/6] update scorecard url Signed-off-by: Tuomas Katila --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 862c87eb7..adc65673e 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ [![Build Status](https://github.com/intel/intel-device-plugins-for-kubernetes/actions/workflows/devel.yaml/badge.svg)](https://github.com/intel/intel-device-plugins-for-kubernetes/actions?query=workflow%3ADevel) [![Go Report Card](https://goreportcard.com/badge/github.com/intel/intel-device-plugins-for-kubernetes)](https://goreportcard.com/report/github.com/intel/intel-device-plugins-for-kubernetes) [![GoDoc](https://godoc.org/github.com/intel/intel-device-plugins-for-kubernetes/pkg/deviceplugin?status.svg)](https://godoc.org/github.com/intel/intel-device-plugins-for-kubernetes/pkg/deviceplugin) -[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/intel/intel-device-plugins-for-kubernetes/badge)](https://api.securityscorecards.dev/projects/intel/intel-device-plugins-for-kubernetes) +[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/tkatila/intel-device-plugins-for-kubernetes/badge)](https://api.securityscorecards.dev/projects/intel/intel-device-plugins-for-kubernetes) This repository contains a framework for developing plugins for the Kubernetes [device plugins framework](https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/), From addef585618e2b81c93b9e1366aa76781c654b9e Mon Sep 17 00:00:00 2001 From: Tuomas Katila Date: Fri, 17 May 2024 12:18:11 +0300 Subject: [PATCH 4/6] ignore check-github-actions Signed-off-by: Tuomas Katila --- .github/workflows/lib-validate.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lib-validate.yaml b/.github/workflows/lib-validate.yaml index f640e8066..afd4f9069 100644 --- a/.github/workflows/lib-validate.yaml +++ b/.github/workflows/lib-validate.yaml @@ -60,7 +60,7 @@ jobs: - run: make go-mod-tidy - run: make BUILDTAGS=kerneldrv - run: make test BUILDTAGS=kerneldrv - - run: make check-github-actions + #- run: make check-github-actions #- name: Codecov report # run: bash <(curl -s https://codecov.io/bash) From ccb8ee0501e02b51c62c728ebc9fd3dbf578ba3c Mon Sep 17 00:00:00 2001 From: Tuomas Katila Date: Fri, 17 May 2024 12:54:09 +0300 Subject: [PATCH 5/6] move scorecard to old version Signed-off-by: Tuomas Katila --- .github/workflows/lib-scorecard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lib-scorecard.yaml b/.github/workflows/lib-scorecard.yaml index e5b7e68ed..073da1f59 100644 --- a/.github/workflows/lib-scorecard.yaml +++ b/.github/workflows/lib-scorecard.yaml @@ -21,7 +21,7 @@ jobs: persist-credentials: false - name: "Analyze project" - uses: ossf/scorecard-action@e4c423540e964e15ccadc56558705ba15136265c # v2.3.3 + uses: ossf/scorecard-action@v2.3.1 with: results_file: results.sarif results_format: sarif From 3b7c072b0ed8af54f800b9888df9ef926ea53d26 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 17 May 2024 09:55:45 +0000 Subject: [PATCH 6/6] build(deps): bump github.com/prometheus/common from 0.47.0 to 0.53.0 Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.47.0 to 0.53.0. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](https://github.com/prometheus/common/compare/v0.47.0...v0.53.0) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 55bebdfb4..0dcb306a9 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/onsi/gomega v1.33.1 github.com/pkg/errors v0.9.1 github.com/prometheus/client_model v0.6.1 - github.com/prometheus/common v0.47.0 + github.com/prometheus/common v0.53.0 golang.org/x/sys v0.20.0 golang.org/x/text v0.15.0 google.golang.org/grpc v1.63.2 @@ -74,7 +74,7 @@ require ( github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/opencontainers/go-digest v1.0.0 // indirect - github.com/prometheus/client_golang v1.18.0 // indirect + github.com/prometheus/client_golang v1.19.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/spf13/cobra v1.7.0 // indirect github.com/spf13/pflag v1.0.5 // indirect diff --git a/go.sum b/go.sum index 908becf26..06901730f 100644 --- a/go.sum +++ b/go.sum @@ -152,12 +152,12 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= -github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= +github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU= +github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.47.0 h1:p5Cz0FNHo7SnWOmWmoRozVcjEp0bIVU8cV7OShpjL1k= -github.com/prometheus/common v0.47.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc= +github.com/prometheus/common v0.53.0 h1:U2pL9w9nmJwJDa4qqLQ3ZaePJ6ZTwt7cMD3AG3+aLCE= +github.com/prometheus/common v0.53.0/go.mod h1:BrxBKv3FWBIGXw89Mg1AeBq7FSyRzXWI3l3e7W3RN5U= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=