chore(deps): update module oras.land/oras-go/v2 to v2.6.1

go.mod

@@ -32,6 +32,7 @@ require (
 	github.com/argoproj/argo-cd/v3 v3.3.10
 	sigs.k8s.io/controller-runtime/tools/setup-envtest v0.0.0-20250308055145-5fe7bb3edc86
 	sigs.k8s.io/controller-tools v0.16.4
+	sigs.k8s.io/yaml v1.6.0
 )
 
 require (
@@ -204,13 +205,12 @@ require (
 	k8s.io/kubectl v0.35.1 // indirect
 	k8s.io/kubernetes v1.34.2 // indirect
 	k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect
-	oras.land/oras-go/v2 v2.6.0 // indirect
+	oras.land/oras-go/v2 v2.6.1 // indirect
 	sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
 	sigs.k8s.io/kustomize/api v0.20.1 // indirect
 	sigs.k8s.io/kustomize/kyaml v0.20.1 // indirect
 	sigs.k8s.io/randfill v1.0.0 // indirect
 	sigs.k8s.io/structured-merge-diff/v6 v6.3.1-0.20251003215857-446d8398e19c // indirect
-	sigs.k8s.io/yaml v1.6.0 // indirect
 )
 
 replace (

go.sum

@@ -702,8 +702,8 @@ k8s.io/kubernetes v1.34.2 h1:WQdDvYJazkmkwSncgNwGvVtaCt4TYXIU3wSMRgvp3MI=
 k8s.io/kubernetes v1.34.2/go.mod h1:m6pZk6a179pRo2wsTiCPORJ86iOEQmfIzUvtyEF8BwA=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 h1:SjGebBtkBqHFOli+05xYbK8YF1Dzkbzn+gDM4X9T4Ck=
 k8s.io/utils v0.0.0-20251002143259-bc988d571ff4/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-oras.land/oras-go/v2 v2.6.0 h1:X4ELRsiGkrbeox69+9tzTu492FMUu7zJQW6eJU+I2oc=
-oras.land/oras-go/v2 v2.6.0/go.mod h1:magiQDfG6H1O9APp+rOsvCPcW1GD2MM7vgnKY0Y+u1o=
+oras.land/oras-go/v2 v2.6.1 h1:bonOEkjLfp8tt6qXWRRWP6p1F+9octchOf2EqnWB4Zs=
+oras.land/oras-go/v2 v2.6.1/go.mod h1:dhtFrFOuZuDtAVeZ9FUnaa5zfzplG3ZnFX9/uH1J/Yk=
 sigs.k8s.io/controller-runtime v0.21.0 h1:CYfjpEuicjUecRk+KAeyYh+ouUBn4llGyDYytIGcJS8=
 sigs.k8s.io/controller-runtime v0.21.0/go.mod h1:OSg14+F65eWqIu4DceX7k/+QRAbTTvxeQSNSOQpukWM=
 sigs.k8s.io/controller-runtime/tools/setup-envtest v0.0.0-20250308055145-5fe7bb3edc86 h1:96TA+X7D58V3065duUfj+p+Pp17q8U02+cSCmE3IsaU=

vendor/modules.txt

@@ -1762,8 +1762,8 @@ k8s.io/utils/lru
 k8s.io/utils/net
 k8s.io/utils/ptr
 k8s.io/utils/trace
-# oras.land/oras-go/v2 v2.6.0
-## explicit; go 1.23.0
+# oras.land/oras-go/v2 v2.6.1
+## explicit; go 1.25.0
 oras.land/oras-go/v2
 oras.land/oras-go/v2/content
 oras.land/oras-go/v2/content/file

vendor/oras.land/oras-go/v2/.goreleaser.yaml

@@ -0,0 +1,26 @@
+# Copyright The ORAS Authors.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+version: 2
+
+# oras-go is a library — no binary builds or archives needed.
+builds:
+  - skip: true
+
+checksum:
+  disable: true
+
+release:
+  # Tags containing -alpha, -beta, or -rc are automatically marked pre-release.
+  prerelease: auto
+  draft: false

vendor/oras.land/oras-go/v2/CODEOWNERS

@@ -1,2 +1,2 @@
 # Derived from OWNERS.md
-* @sajayantony @shizhMSFT @stevelasker @Wwwsylvia
+* @sabre1041 @shizhMSFT @TerryHowe @Wwwsylvia

vendor/oras.land/oras-go/v2/Makefile

@@ -26,12 +26,10 @@ clean:
 .PHONY: check-encoding
 check-encoding:
 	! find . -not -path "./vendor/*" -name "*.go" -type f -exec file "{}" ";" | grep CRLF
-	! find scripts -name "*.sh" -type f -exec file "{}" ";" | grep CRLF
 
 .PHONY: fix-encoding
 fix-encoding:
 	find . -not -path "./vendor/*" -name "*.go" -type f -exec sed -i -e "s/\r//g" {} +
-	find scripts -name "*.sh" -type f -exec sed -i -e "s/\r//g" {} +
 
 .PHONY: vendor
 vendor:

vendor/oras.land/oras-go/v2/OWNERS.md

@@ -1,11 +1,13 @@
 # Owners
 
 Owners:
-  - Sajay Antony (@sajayantony)
+  - Andrew Block (@sabre1041)
   - Shiwei Zhang (@shizhMSFT)
-  - Steve Lasker (@stevelasker)
   - Sylvia Lei (@Wwwsylvia)
+  - Terry Howe (@TerryHowe)
 
 Emeritus:
   - Avi Deitcher (@deitch)
   - Josh Dolitsky (@jdolitsky)
+  - Sajay Antony (@sajayantony)
+  - Steve Lasker (@stevelasker)

vendor/oras.land/oras-go/v2/README.md

@@ -12,7 +12,7 @@
 `oras-go` is a Go library for managing OCI artifacts, compliant with the [OCI Image Format Specification](https://github.com/opencontainers/image-spec) and the [OCI Distribution Specification](https://github.com/opencontainers/distribution-spec). It provides unified APIs for pushing, pulling, and managing artifacts across OCI-compliant registries, local file systems, and in-memory stores.
 
 > [!Note]
-> The `main` branch follows [Go's Security Policy](https://github.com/golang/go/security/policy) and supports the two latest versions of Go (currently `1.23` and `1.24`).
+> The `main` branch follows [Go's Security Policy](https://github.com/golang/go/security/policy) and supports the two latest versions of Go (currently `1.24` and `1.25`).
 
 ## Getting Started
 

vendor/oras.land/oras-go/v2/RELEASES.md

@@ -0,0 +1,108 @@
+# Releasing oras-go
+
+Releases are created via a GitOps workflow. Merging a `release/vX.Y.Z` branch
+into `v2` automatically tags the commit and publishes the GitHub Release.
+
+## Steps
+
+### 1. Create a release branch
+
+The release branch needs at least one commit so GitHub will allow a PR to be
+opened. Use an empty commit as a lightweight marker:
+
+```bash
+git fetch upstream
+git checkout -b release/v2.7.0 upstream/v2
+git commit --allow-empty -s -m "chore: prepare release v2.7.0"
+git push origin release/v2.7.0
+```
+
+The release does not need to contain the changes being released — those are
+already on `v2`. The PR is a trigger: when it merges, the workflow tags the
+PR's `merge_commit_sha` (the exact commit that landed on `v2`), which includes
+all prior work on the branch.
+
+### 2. Open a pull request
+
+Open a PR from `release/v2.7.0` targeting the `v2` branch. Write the release
+notes directly in the PR description using the format from prior releases:
+
+```markdown
+## New Features
+...
+
+## Bug Fixes
+...
+
+## Documentation
+...
+
+## Other Changes
+...
+```
+
+The PR description becomes the GitHub Release body verbatim, so write it in
+its final form.
+
+### 3. Get approvals
+
+Branch protection on `v2` requires approval from at least 3 of the 4 owners
+listed in [OWNERS.md](OWNERS.md). Reviewers should verify:
+
+- The target commit is correct
+- The release notes are accurate and complete
+- All CI checks pass
+
+### 4. Merge
+
+Merge the PR. The [release workflow](.github/workflows/release.yml)
+automatically:
+
+1. Extracts the version from the branch name (`release/v2.7.0` → `v2.7.0`)
+2. Creates and pushes the git tag
+3. Publishes the GitHub Release with the PR body as release notes
+
+## Pre-releases
+
+Tags containing `-alpha`, `-beta`, or `-rc` (e.g., `v2.7.0-rc.1`) are
+automatically marked as pre-release on GitHub. Use the same branch naming
+convention: `release/v2.7.0-rc.1`.
+
+## Testing the workflow locally
+
+Three levels of local validation are available without triggering a real release:
+
+**1. Validate the goreleaser config:**
+```bash
+goreleaser check
+```
+
+**2. Validate workflow structure and job matching (dry run):**
+```bash
+act pull_request \
+  -e .github/act/release-event.json \
+  -W .github/workflows/release.yml \
+  -n
+```
+
+**3. Run the workflow end-to-end with a fake token (Colima + cached actions required):**
+```bash
+act pull_request \
+  -e .github/act/release-event.json \
+  -W .github/workflows/release.yml \
+  -s GITHUB_TOKEN=fake \
+  --pull=false \
+  --action-offline-mode \
+  --container-daemon-socket -
+```
+
+This runs all steps up to and including version extraction (`version=vX.Y.Z` will
+appear in the output). The `git push` step then fails with a permission error —
+that is expected and confirms no tag was pushed. The mock event payload is at
+`.github/act/release-event.json`.
+
+## Updating the documentation site
+
+After a release, update [oras-www](https://github.com/oras-project/oras-www)
+to reflect the new version. See the `CLAUDE.md` in that repository for the
+exact steps.

vendor/oras.land/oras-go/v2/content/file/file.go

@@ -39,7 +39,7 @@ import (
 // bufPool is a pool of byte buffers that can be reused for copying content
 // between files.
 var bufPool = sync.Pool{
-	New: func() interface{} {
+	New: func() any {
 		// the buffer size should be larger than or equal to 128 KiB
 		// for performance considerations.
 		// we choose 1 MiB here so there will be less disk I/O.
@@ -174,7 +174,7 @@ func (s *Store) Close() error {
 	s.setClosed()
 
 	var errs []string
-	s.tmpFiles.Range(func(name, _ interface{}) bool {
+	s.tmpFiles.Range(func(name, _ any) bool {
 		if err := os.Remove(name.(string)); err != nil {
 			errs = append(errs, err.Error())
 		}
@@ -625,6 +625,13 @@ func (s *Store) resolveWritePath(name string) (string, error) {
 		if strings.HasPrefix(rel, "../") || rel == ".." {
 			return "", ErrPathTraversalDisallowed
 		}
+		// The lexical check above prevents "../" escapes but does not resolve
+		// symlinks. A symlink component under workingDir (e.g. "out" -> "/outside")
+		// passes the lexical check yet directs writes outside workingDir.
+		// Re-check after resolving symlinks in the parent path to close that gap.
+		if err := checkSymlinkEscape(base, target); err != nil {
+			return "", err
+		}
 	}
 	if s.DisableOverwrite {
 		if _, err := os.Stat(path); err == nil {
@@ -686,3 +693,52 @@ func (s *Store) setClosed() {
 func ensureDir(path string) error {
 	return os.MkdirAll(path, 0777)
 }
+
+// checkSymlinkEscape returns ErrPathTraversalDisallowed if resolving symlinks
+// in target's ancestor directories causes it to escape base. target may not
+// yet exist, so symlinks are resolved on its deepest existing ancestor.
+func checkSymlinkEscape(base, target string) error {
+	realBase, err := filepath.EvalSymlinks(base)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return nil // base doesn't exist yet; no symlinks to follow
+		}
+		return err
+	}
+	realTarget, err := realPathForWrite(target)
+	if err != nil {
+		return err
+	}
+	rel, err := filepath.Rel(realBase, realTarget)
+	if err != nil {
+		return ErrPathTraversalDisallowed
+	}
+	rel = filepath.ToSlash(rel)
+	if strings.HasPrefix(rel, "../") || rel == ".." {
+		return ErrPathTraversalDisallowed
+	}
+	return nil
+}
+
+// realPathForWrite resolves symlinks in the deepest existing ancestor of path
+// and returns the resulting absolute path. Non-existent path components are
+// appended verbatim, matching the semantics of a file about to be created.
+func realPathForWrite(path string) (string, error) {
+	dir := filepath.Dir(path)
+	suffix := filepath.Base(path)
+	for {
+		real, err := filepath.EvalSymlinks(dir)
+		if err == nil {
+			return filepath.Join(real, suffix), nil
+		}
+		if !os.IsNotExist(err) {
+			return "", err
+		}
+		parent := filepath.Dir(dir)
+		if parent == dir {
+			return path, nil // reached filesystem root
+		}
+		suffix = filepath.Join(filepath.Base(dir), suffix)
+		dir = parent
+	}
+}

vendor/oras.land/oras-go/v2/content/oci/storage.go

@@ -33,7 +33,7 @@ import (
 // bufPool is a pool of byte buffers that can be reused for copying content
 // between files.
 var bufPool = sync.Pool{
-	New: func() interface{} {
+	New: func() any {
 		// the buffer size should be larger than or equal to 128 KiB
 		// for performance considerations.
 		// we choose 1 MiB here so there will be less disk I/O.

vendor/oras.land/oras-go/v2/content/reader.go

@@ -24,6 +24,12 @@ import (
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 )
 
+// maxDescriptorSize is the upper-bound for descriptor sizes accepted by
+// ReadAll. Descriptors sourced from attacker-supplied OCI layouts can carry
+// arbitrarily large Size values; without this cap, make([]byte, desc.Size)
+// triggers a runtime panic before any allocation occurs.
+const maxDescriptorSize = 32 * 1024 * 1024 // 32 MiB
+
 var (
 	// ErrInvalidDescriptorSize is returned by ReadAll() when
 	// the descriptor has an invalid size.
@@ -119,7 +125,7 @@ func NewVerifyReader(r io.Reader, desc ocispec.Descriptor) *VerifyReader {
 // The read content is verified against the size and the digest
 // using a VerifyReader.
 func ReadAll(r io.Reader, desc ocispec.Descriptor) ([]byte, error) {
-	if desc.Size < 0 {
+	if desc.Size < 0 || desc.Size > maxDescriptorSize {
 		return nil, ErrInvalidDescriptorSize
 	}
 	buf := make([]byte, desc.Size)

vendor/oras.land/oras-go/v2/internal/cas/memory.go

@@ -80,7 +80,7 @@ func (m *Memory) Exists(_ context.Context, target ocispec.Descriptor) (bool, err
 // necessarily correspond to any consistent snapshot of the storage contents.
 func (m *Memory) Map() map[descriptor.Descriptor][]byte {
 	res := make(map[descriptor.Descriptor][]byte)
-	m.content.Range(func(key, value interface{}) bool {
+	m.content.Range(func(key, value any) bool {
 		res[key.(descriptor.Descriptor)] = value.([]byte)
 		return true
 	})