Update osbuild/images v0.59.0

Pulling in:
- https://github.com/osbuild/images/pull/650
- https://github.com/osbuild/images/pull/651

go.mod

@@ -16,7 +16,7 @@ require (
 	github.com/Azure/go-autorest/autorest v0.11.29
 	github.com/Azure/go-autorest/autorest/azure/auth v0.5.12
 	github.com/BurntSushi/toml v1.3.2
-	github.com/aws/aws-sdk-go v1.52.0
+	github.com/aws/aws-sdk-go v1.52.1
 	github.com/coreos/go-semver v0.3.1
 	github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf
 	github.com/deepmap/oapi-codegen v1.8.2
@@ -36,7 +36,7 @@ require (
 	github.com/labstack/gommon v0.4.2
 	github.com/openshift-online/ocm-sdk-go v0.1.418
 	github.com/oracle/oci-go-sdk/v54 v54.0.0
-	github.com/osbuild/images v0.58.0
+	github.com/osbuild/images v0.59.0
 	github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20231117174845-e969a9dc3cd1
 	github.com/osbuild/pulp-client v0.1.0
 	github.com/prometheus/client_golang v1.19.0

go.sum

@@ -80,8 +80,8 @@ github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d/go.mod h1:asat6
 github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
-github.com/aws/aws-sdk-go v1.52.0 h1:ptgek/4B2v/ljsjYSEvLQ8LTD+SQyrqhOOWvHc/VGPI=
-github.com/aws/aws-sdk-go v1.52.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.52.1 h1:pYpPIuvVsawYDR0Nt3VrceizUAbtpTN3Z7xBzcZWwfI=
+github.com/aws/aws-sdk-go v1.52.1/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=
 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@@ -501,8 +501,8 @@ github.com/openshift-online/ocm-sdk-go v0.1.418 h1:UgMcx16YOS0cs6c0b0ZXbffnjciiu
 github.com/openshift-online/ocm-sdk-go v0.1.418/go.mod h1:CiAu2jwl3ITKOxkeV0Qnhzv4gs35AmpIzVABQLtcI2Y=
 github.com/oracle/oci-go-sdk/v54 v54.0.0 h1:CDLjeSejv2aDpElAJrhKpi6zvT/zhZCZuXchUUZ+LS4=
 github.com/oracle/oci-go-sdk/v54 v54.0.0/go.mod h1:+t+yvcFGVp+3ZnztnyxqXfQDsMlq8U25faBLa+mqCMc=
-github.com/osbuild/images v0.58.0 h1:BKmePx5SyOMPP5pQyi0X40iIO7vjdUCfhNsIqRzRQfU=
-github.com/osbuild/images v0.58.0/go.mod h1:nt/e/QnHQ0qdznAbfbLQs44Iz9kjV9NammmNZ7UI12U=
+github.com/osbuild/images v0.59.0 h1:6TmPP58/OWKz53fPeuJTQTv4gVzghPgAnYfxNh3frTU=
+github.com/osbuild/images v0.59.0/go.mod h1:wXimLIwsSsTFH8JyZOqwLNOPseCgzOH52DNGexJnL64=
 github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20231117174845-e969a9dc3cd1 h1:UFEJIcPa46W8gtWgOYzriRKYyy1t6SWL0BI7fPTuVvc=
 github.com/osbuild/osbuild-composer/pkg/splunk_logger v0.0.0-20231117174845-e969a9dc3cd1/go.mod h1:z+WA+dX6qMwc7fqY5jCzESDIlg4WR2sBQezxsoXv9Ik=
 github.com/osbuild/pulp-client v0.1.0 h1:L0C4ezBJGTamN3BKdv+rKLuq/WxXJbsFwz/Hj7aEmJ8=

vendor/github.com/aws/aws-sdk-go/aws/version.go

@@ -5,4 +5,4 @@ package aws
 const SDKName = "aws-sdk-go"
 
 // SDKVersion is the version of this SDK
-const SDKVersion = "1.52.0"
+const SDKVersion = "1.52.1"

vendor/github.com/aws/aws-sdk-go/service/ec2/api.go

@@ -41430,6 +41430,80 @@ func (c *EC2) GetInstanceMetadataDefaultsWithContext(ctx aws.Context, input *Get
 	return out, req.Send()
 }
 
+const opGetInstanceTpmEkPub = "GetInstanceTpmEkPub"
+
+// GetInstanceTpmEkPubRequest generates a "aws/request.Request" representing the
+// client's request for the GetInstanceTpmEkPub operation. The "output" return
+// value will be populated with the request's response once the request completes
+// successfully.
+//
+// Use "Send" method on the returned Request to send the API call to the service.
+// the "output" return value is not valid until after Send returns without error.
+//
+// See GetInstanceTpmEkPub for more information on using the GetInstanceTpmEkPub
+// API call, and error handling.
+//
+// This method is useful when you want to inject custom logic or configuration
+// into the SDK's request lifecycle. Such as custom headers, or retry logic.
+//
+//	// Example sending a request using the GetInstanceTpmEkPubRequest method.
+//	req, resp := client.GetInstanceTpmEkPubRequest(params)
+//
+//	err := req.Send()
+//	if err == nil { // resp is now filled
+//	    fmt.Println(resp)
+//	}
+//
+// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetInstanceTpmEkPub
+func (c *EC2) GetInstanceTpmEkPubRequest(input *GetInstanceTpmEkPubInput) (req *request.Request, output *GetInstanceTpmEkPubOutput) {
+	op := &request.Operation{
+		Name:       opGetInstanceTpmEkPub,
+		HTTPMethod: "POST",
+		HTTPPath:   "/",
+	}
+
+	if input == nil {
+		input = &GetInstanceTpmEkPubInput{}
+	}
+
+	output = &GetInstanceTpmEkPubOutput{}
+	req = c.newRequest(op, input, output)
+	return
+}
+
+// GetInstanceTpmEkPub API operation for Amazon Elastic Compute Cloud.
+//
+// Gets the public endorsement key associated with the Nitro Trusted Platform
+// Module (NitroTPM) for the specified instance.
+//
+// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
+// with awserr.Error's Code and Message methods to get detailed information about
+// the error.
+//
+// See the AWS API reference guide for Amazon Elastic Compute Cloud's
+// API operation GetInstanceTpmEkPub for usage and error information.
+// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetInstanceTpmEkPub
+func (c *EC2) GetInstanceTpmEkPub(input *GetInstanceTpmEkPubInput) (*GetInstanceTpmEkPubOutput, error) {
+	req, out := c.GetInstanceTpmEkPubRequest(input)
+	return out, req.Send()
+}
+
+// GetInstanceTpmEkPubWithContext is the same as GetInstanceTpmEkPub with the addition of
+// the ability to pass a context and additional request options.
+//
+// See GetInstanceTpmEkPub for details on how to use this API operation.
+//
+// The context must be non-nil and will be used for request cancellation. If
+// the context is nil a panic will occur. In the future the SDK may create
+// sub-contexts for http.Requests. See https://golang.org/pkg/context/
+// for more information on using Contexts.
+func (c *EC2) GetInstanceTpmEkPubWithContext(ctx aws.Context, input *GetInstanceTpmEkPubInput, opts ...request.Option) (*GetInstanceTpmEkPubOutput, error) {
+	req, out := c.GetInstanceTpmEkPubRequest(input)
+	req.SetContext(ctx)
+	req.ApplyOptions(opts...)
+	return out, req.Send()
+}
+
 const opGetInstanceTypesFromInstanceRequirements = "GetInstanceTypesFromInstanceRequirements"
 
 // GetInstanceTypesFromInstanceRequirementsRequest generates a "aws/request.Request" representing the
@@ -126617,6 +126691,155 @@ func (s *GetInstanceMetadataDefaultsOutput) SetAccountLevel(v *InstanceMetadataD
 	return s
 }
 
+type GetInstanceTpmEkPubInput struct {
+	_ struct{} `type:"structure"`
+
+	// Specify this parameter to verify whether the request will succeed, without
+	// actually making the request. If the request will succeed, the response is
+	// DryRunOperation. Otherwise, the response is UnauthorizedOperation.
+	DryRun *bool `type:"boolean"`
+
+	// The ID of the instance for which to get the public endorsement key.
+	//
+	// InstanceId is a required field
+	InstanceId *string `type:"string" required:"true"`
+
+	// The required public endorsement key format. Specify der for a DER-encoded
+	// public key that is compatible with OpenSSL. Specify tpmt for a TPM 2.0 format
+	// that is compatible with tpm2-tools. The returned key is base64 encoded.
+	//
+	// KeyFormat is a required field
+	KeyFormat *string `type:"string" required:"true" enum:"EkPubKeyFormat"`
+
+	// The required public endorsement key type.
+	//
+	// KeyType is a required field
+	KeyType *string `type:"string" required:"true" enum:"EkPubKeyType"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetInstanceTpmEkPubInput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetInstanceTpmEkPubInput) GoString() string {
+	return s.String()
+}
+
+// Validate inspects the fields of the type to determine if they are valid.
+func (s *GetInstanceTpmEkPubInput) Validate() error {
+	invalidParams := request.ErrInvalidParams{Context: "GetInstanceTpmEkPubInput"}
+	if s.InstanceId == nil {
+		invalidParams.Add(request.NewErrParamRequired("InstanceId"))
+	}
+	if s.KeyFormat == nil {
+		invalidParams.Add(request.NewErrParamRequired("KeyFormat"))
+	}
+	if s.KeyType == nil {
+		invalidParams.Add(request.NewErrParamRequired("KeyType"))
+	}
+
+	if invalidParams.Len() > 0 {
+		return invalidParams
+	}
+	return nil
+}
+
+// SetDryRun sets the DryRun field's value.
+func (s *GetInstanceTpmEkPubInput) SetDryRun(v bool) *GetInstanceTpmEkPubInput {
+	s.DryRun = &v
+	return s
+}
+
+// SetInstanceId sets the InstanceId field's value.
+func (s *GetInstanceTpmEkPubInput) SetInstanceId(v string) *GetInstanceTpmEkPubInput {
+	s.InstanceId = &v
+	return s
+}
+
+// SetKeyFormat sets the KeyFormat field's value.
+func (s *GetInstanceTpmEkPubInput) SetKeyFormat(v string) *GetInstanceTpmEkPubInput {
+	s.KeyFormat = &v
+	return s
+}
+
+// SetKeyType sets the KeyType field's value.
+func (s *GetInstanceTpmEkPubInput) SetKeyType(v string) *GetInstanceTpmEkPubInput {
+	s.KeyType = &v
+	return s
+}
+
+type GetInstanceTpmEkPubOutput struct {
+	_ struct{} `type:"structure"`
+
+	// The ID of the instance.
+	InstanceId *string `locationName:"instanceId" type:"string"`
+
+	// The public endorsement key format.
+	KeyFormat *string `locationName:"keyFormat" type:"string" enum:"EkPubKeyFormat"`
+
+	// The public endorsement key type.
+	KeyType *string `locationName:"keyType" type:"string" enum:"EkPubKeyType"`
+
+	// The public endorsement key material.
+	//
+	// KeyValue is a sensitive parameter and its value will be
+	// replaced with "sensitive" in string returned by GetInstanceTpmEkPubOutput's
+	// String and GoString methods.
+	KeyValue *string `locationName:"keyValue" type:"string" sensitive:"true"`
+}
+
+// String returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetInstanceTpmEkPubOutput) String() string {
+	return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation.
+//
+// API parameter values that are decorated as "sensitive" in the API will not
+// be included in the string output. The member name will be present, but the
+// value will be replaced with "sensitive".
+func (s GetInstanceTpmEkPubOutput) GoString() string {
+	return s.String()
+}
+
+// SetInstanceId sets the InstanceId field's value.
+func (s *GetInstanceTpmEkPubOutput) SetInstanceId(v string) *GetInstanceTpmEkPubOutput {
+	s.InstanceId = &v
+	return s
+}
+
+// SetKeyFormat sets the KeyFormat field's value.
+func (s *GetInstanceTpmEkPubOutput) SetKeyFormat(v string) *GetInstanceTpmEkPubOutput {
+	s.KeyFormat = &v
+	return s
+}
+
+// SetKeyType sets the KeyType field's value.
+func (s *GetInstanceTpmEkPubOutput) SetKeyType(v string) *GetInstanceTpmEkPubOutput {
+	s.KeyType = &v
+	return s
+}
+
+// SetKeyValue sets the KeyValue field's value.
+func (s *GetInstanceTpmEkPubOutput) SetKeyValue(v string) *GetInstanceTpmEkPubOutput {
+	s.KeyValue = &v
+	return s
+}
+
 type GetInstanceTypesFromInstanceRequirementsInput struct {
 	_ struct{} `type:"structure"`
 
@@ -192751,6 +192974,38 @@ func Ec2InstanceConnectEndpointState_Values() []string {
 	}
 }
 
+const (
+	// EkPubKeyFormatDer is a EkPubKeyFormat enum value
+	EkPubKeyFormatDer = "der"
+
+	// EkPubKeyFormatTpmt is a EkPubKeyFormat enum value
+	EkPubKeyFormatTpmt = "tpmt"
+)
+
+// EkPubKeyFormat_Values returns all elements of the EkPubKeyFormat enum
+func EkPubKeyFormat_Values() []string {
+	return []string{
+		EkPubKeyFormatDer,
+		EkPubKeyFormatTpmt,
+	}
+}
+
+const (
+	// EkPubKeyTypeRsa2048 is a EkPubKeyType enum value
+	EkPubKeyTypeRsa2048 = "rsa-2048"
+
+	// EkPubKeyTypeEccSecP384 is a EkPubKeyType enum value
+	EkPubKeyTypeEccSecP384 = "ecc-sec-p384"
+)
+
+// EkPubKeyType_Values returns all elements of the EkPubKeyType enum
+func EkPubKeyType_Values() []string {
+	return []string{
+		EkPubKeyTypeRsa2048,
+		EkPubKeyTypeEccSecP384,
+	}
+}
+
 const (
 	// ElasticGpuStateAttached is a ElasticGpuState enum value
 	ElasticGpuStateAttached = "ATTACHED"

vendor/github.com/osbuild/images/pkg/distro/rhel/images.go

@@ -524,7 +524,7 @@ func EdgeInstallerImage(workload workload.Workload,
 
 	img.Product = t.Arch().Distro().Product()
 	img.Variant = "edge"
-	img.OSName = "rhel"
+	img.OSName = "rhel-edge"
 	img.OSVersion = t.Arch().Distro().OsVersion()
 	img.Release = fmt.Sprintf("%s %s", t.Arch().Distro().Product(), t.Arch().Distro().OsVersion())
 	img.FIPS = customizations.GetFIPS()
@@ -561,7 +561,7 @@ func EdgeRawImage(workload workload.Workload,
 		URL:        options.OSTree.URL,
 		ContentURL: options.OSTree.ContentURL,
 	}
-	img.OSName = "redhat"
+	img.OSName = "rhel-edge"
 
 	// TODO: move generation into LiveImage
 	pt, err := t.GetPartitionTable(customizations.GetFilesystems(), options, rng)
@@ -603,7 +603,7 @@ func EdgeSimplifiedInstallerImage(workload workload.Workload,
 		URL:        options.OSTree.URL,
 		ContentURL: options.OSTree.ContentURL,
 	}
-	rawImg.OSName = "redhat"
+	rawImg.OSName = "rhel-edge"
 
 	// TODO: move generation into LiveImage
 	pt, err := t.GetPartitionTable(customizations.GetFilesystems(), options, rng)
@@ -641,7 +641,7 @@ func EdgeSimplifiedInstallerImage(workload workload.Workload,
 	d := t.arch.distro
 	img.Product = d.product
 	img.Variant = "edge"
-	img.OSName = "redhat"
+	img.OSName = "rhel-edge"
 	img.OSVersion = d.osVersion
 
 	installerConfig, err := t.getDefaultInstallerConfig()
@@ -708,7 +708,6 @@ func ImageInstallerImage(workload workload.Workload,
 
 	d := t.arch.distro
 	img.Product = d.product
-	img.OSName = "redhat"
 	img.OSVersion = d.osVersion
 	img.Release = fmt.Sprintf("%s %s", d.product, d.osVersion)
 

vendor/github.com/osbuild/images/pkg/dnfjson/dnfjson.go

@@ -50,6 +50,12 @@ type BaseSolver struct {
 // doesn't use libexec.
 func findDepsolveDnf() string {
 	locations := []string{"/usr/libexec/osbuild-depsolve-dnf", "/usr/lib/osbuild/osbuild-depsolve-dnf"}
+
+	// Override the default location
+	testLocation := os.Getenv("OSBUILD_DEPSOLVE_DNF")
+	if len(testLocation) > 0 {
+		locations = []string{testLocation}
+	}
 	for _, djPath := range locations {
 		_, err := os.Stat(djPath)
 		if !os.IsNotExist(err) {

vendor/github.com/osbuild/images/pkg/manifest/os.go

@@ -577,6 +577,9 @@ func (p *OS) serialize() osbuild.Pipeline {
 			commands = append(commands, "restorecon -R /root/.gnupg")
 			// execute the rhc post install script as the selinuxenabled check doesn't work in the buildroot container
 			commands = append(commands, "/usr/sbin/semanage permissive --add rhcd_t")
+			if p.OSTreeRef != "" {
+				p.runInsightsClientOnBoot()
+			}
 		} else {
 			commands = []string{fmt.Sprintf("/usr/sbin/subscription-manager register --org=${ORG_ID} --activationkey=${ACTIVATION_KEY} --serverurl %s --baseurl %s", p.Subscription.ServerUrl, p.Subscription.BaseUrl)}
 
@@ -585,6 +588,9 @@ func (p *OS) serialize() osbuild.Pipeline {
 				commands = append(commands, "/usr/bin/insights-client --register")
 				// insights-client creates the .gnupg directory during boot process, and is labeled incorrectly
 				commands = append(commands, "restorecon -R /root/.gnupg")
+				if p.OSTreeRef != "" {
+					p.runInsightsClientOnBoot()
+				}
 			}
 		}
 
@@ -882,3 +888,43 @@ func (p *OS) getInline() []string {
 
 	return inlineData
 }
+
+// For ostree-based systems, creates a drop-in file for the insights-client
+// service to run on boot and enables the service. This is only meant for
+// ostree-based systems.
+func (p *OS) runInsightsClientOnBoot() {
+	// Insights-client collection must occur at boot time  so
+	// that the current ostree commit hash can be reflected
+	// after upgrade. Otherwise, the upgrade shows as failed in
+	// the console UI.
+	// Add a drop-in file that enables insights-client.service to
+	// run on successful boot.
+	// See https://issues.redhat.com/browse/HMS-4031
+	//
+	// NOTE(akoutsou): drop-in files can normally be created with the
+	// org.osbuild.systemd.unit stage but the stage doesn't support
+	// all the options we need. This is a temporary workaround
+	// until we get the stage updated to support everything we need.
+	icDropinFilepath, icDropinContents := insightsClientDropin()
+	if icDropinDirectory, err := fsnode.NewDirectory(filepath.Dir(icDropinFilepath), nil, "root", "root", true); err == nil {
+		p.Directories = append(p.Directories, icDropinDirectory)
+	}
+	if icDropinFile, err := fsnode.NewFile(icDropinFilepath, nil, "root", "root", []byte(icDropinContents)); err == nil {
+		p.Files = append(p.Files, icDropinFile)
+	} else {
+		panic(err)
+	}
+	// Enable the service now that it's "enable-able"
+	p.EnabledServices = append(p.EnabledServices, "insights-client.service")
+}
+
+// Filename and contents for the insights-client service drop-in.
+// This is a temporary workaround until the org.osbuild.systemd.unit stage
+// gains support for all the options we need.
+func insightsClientDropin() (string, string) {
+	return "/etc/systemd/system/insights-client.service.d/override.conf", `[Unit]
+Requisite=greenboot-healthcheck.service
+After=network-online.target greenboot-healthcheck.service osbuild-first-boot.service
+[Install]
+WantedBy=multi-user.target`
+}

vendor/github.com/osbuild/images/pkg/manifest/raw_bootc.go

@@ -85,6 +85,39 @@ func (p *RawBootcImage) serializeEnd() {
 	p.containerSpecs = nil
 }
 
+func buildHomedirPaths(users []users.User) []osbuild.MkdirStagePath {
+	var containsRootUser, containsNormalUser bool
+
+	for _, user := range users {
+		if user.Name == "root" {
+			containsRootUser = true
+		} else {
+			containsNormalUser = true
+		}
+	}
+
+	rootHomePath := osbuild.MkdirStagePath{
+		Path:    "/var/roothome",
+		Mode:    common.ToPtr(os.FileMode(0700)),
+		ExistOk: true,
+	}
+	userHomePath := osbuild.MkdirStagePath{
+		Path:    "/var/home",
+		Mode:    common.ToPtr(os.FileMode(0755)),
+		ExistOk: true,
+	}
+	switch {
+	case containsRootUser && containsNormalUser:
+		return []osbuild.MkdirStagePath{rootHomePath, userHomePath}
+	case containsRootUser:
+		return []osbuild.MkdirStagePath{rootHomePath}
+	case containsNormalUser:
+		return []osbuild.MkdirStagePath{userHomePath}
+	default:
+		return nil
+	}
+}
+
 func (p *RawBootcImage) serialize() osbuild.Pipeline {
 	pipeline := p.Base.serialize()
 
@@ -148,16 +181,12 @@ func (p *RawBootcImage) serialize() osbuild.Pipeline {
 		groupsStage.Devices = devices
 		pipeline.AddStage(groupsStage)
 	}
+
 	if len(p.Users) > 0 {
-		// ensure /var/home is available
+		// ensure home root dir (currently /var/home, /var/roothome) is
+		// available
 		mkdirStage := osbuild.NewMkdirStage(&osbuild.MkdirStageOptions{
-			Paths: []osbuild.MkdirStagePath{
-				{
-					Path:    "/var/home",
-					Mode:    common.ToPtr(os.FileMode(0755)),
-					ExistOk: true,
-				},
-			},
+			Paths: buildHomedirPaths(p.Users),
 		})
 		mkdirStage.Mounts = mounts
 		mkdirStage.Devices = devices

vendor/modules.txt

@@ -212,7 +212,7 @@ github.com/acarl005/stripansi
 # github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
 ## explicit; go 1.13
 github.com/asaskevich/govalidator
-# github.com/aws/aws-sdk-go v1.52.0
+# github.com/aws/aws-sdk-go v1.52.1
 ## explicit; go 1.19
 github.com/aws/aws-sdk-go/aws
 github.com/aws/aws-sdk-go/aws/arn
@@ -865,7 +865,7 @@ github.com/oracle/oci-go-sdk/v54/identity
 github.com/oracle/oci-go-sdk/v54/objectstorage
 github.com/oracle/oci-go-sdk/v54/objectstorage/transfer
 github.com/oracle/oci-go-sdk/v54/workrequests
-# github.com/osbuild/images v0.58.0
+# github.com/osbuild/images v0.59.0
 ## explicit; go 1.20
 github.com/osbuild/images/internal/common
 github.com/osbuild/images/internal/environment