dependabot fixes

Venafi · Jun 17, 2024 · d814766 · d814766
1 parent 3710130
commit d814766
Show file tree

Hide file tree

Showing 4 changed files with 613 additions and 632 deletions.
diff --git a/cmd/sigscan/fs.go b/cmd/sigscan/fs.go
@@ -32,7 +32,7 @@ type FSInspectOptions struct {
 	Dir string
 }
 
-func newFSInspect(ctx context.Context) *cobra.Command {
+func newFSInspect(_ context.Context) *cobra.Command {
 
 	var (
 		outOpts    *options.Output
@@ -52,7 +52,6 @@ func newFSInspect(ctx context.Context) *cobra.Command {
 
 			dirs := cmd.Flags().Args()
 
-			var err error
 			var out output.FSJSONOutput
 			out.FileSystem = strings.Join(dirs, ",")
 
@@ -194,10 +193,6 @@ func newFSInspect(ctx context.Context) *cobra.Command {
 				fmt.Printf("Found %d signatures out of %d entries\n", sigCount, entryCount)
 			}
 
-			if err != nil {
-				return fmt.Errorf("sigscan error: %s", err.Error())
-			}
-
 			return nil
 		},
 	}

diff --git a/cmd/sigscan/repo.go b/cmd/sigscan/repo.go
@@ -150,7 +150,7 @@ func parseRepoPath(opts *repositoryOptions, arg string) error {
 	return nil
 }
 
-func newRepoInspect(ctx context.Context) *cobra.Command {
+func newRepoInspect(_ context.Context) *cobra.Command {
 
 	var (
 		outOpts    *options.Output
@@ -350,46 +350,29 @@ func newRepoInspect(ctx context.Context) *cobra.Command {
 										return fmt.Errorf("error reading referrer: %s", err.Error())
 									}
 
-									/* Until OCI 1.1 is released Notaryv2 signatures may be accessible via Image Manifest or Artifact Manifest
+									/* Notaryv2 signatures may be accessible via Image Manifest
 									https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/manifest.go
-									https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/artifact.go
 									*/
-
-									var artifact *ocispec.Artifact = &ocispec.Artifact{}
 									var manifest *ocispec.Manifest = &ocispec.Manifest{}
 
-									err = json.Unmarshal(pulledBlob, artifact)
-									if err != nil {
-										return fmt.Errorf(err.Error())
-									}
-
 									err = json.Unmarshal(pulledBlob, manifest)
 									if err != nil {
 										return fmt.Errorf(err.Error())
 									}
 
-									if manifest.Config.MediaType == registry.NotaryV2ArtifactType || artifact.ArtifactType == registry.NotaryV2ArtifactType {
+									if manifest.Config.MediaType == registry.NotaryV2ArtifactType {
 
 										// Found NotaryV2 signature
 										sigCount += 1
 
 										if outOpts.Mode == options.OutputModePretty {
-											if artifact.MediaType == registry.ImageManifestMediaType {
-												log.WithFields(logrus.Fields{
-													"repo":                      repo + ":" + tag,
-													"referrerMediaType":         referrer.MediaType,
-													"mediaType":                 manifest.MediaType,
-													"artifactType":              manifest.Config.MediaType,
-													"notaryV2EnvelopeMediaType": manifest.Layers[0].MediaType,
-												}).Trace("ImageManifest")
-											}
-											if artifact.MediaType == registry.ArtifactManifestMediaType {
-												log.WithFields(logrus.Fields{
-													"repo":                      repo + ":" + tag,
-													"referrerMediaType":         referrer.MediaType,
-													"notaryV2EnvelopeMediaType": artifact.Blobs[0].MediaType,
-												}).Trace("ArtifactManifest")
-											}
+											log.WithFields(logrus.Fields{
+												"repo":                      repo + ":" + tag,
+												"referrerMediaType":         referrer.MediaType,
+												"mediaType":                 manifest.MediaType,
+												"artifactType":              manifest.Config.MediaType,
+												"notaryV2EnvelopeMediaType": manifest.Layers[0].MediaType,
+											}).Trace("ImageManifest")
 										}
 
 										if outOpts.Mode == options.OutputModeJSON {