From de8631ca2547f417766ca7f7e0de100714932f9e Mon Sep 17 00:00:00 2001
From: Jon Johnson <jon.johnson@chainguard.dev>
Date: Tue, 29 Oct 2024 15:51:04 -0700
Subject: [PATCH] mutate: Create a defensive annotations copy

Since this is computed lazily, the caller can modify the map, which
would break the ~immutable nature of this API, so we create a defensive
copy.

Signed-off-by: Jon Johnson <jon.johnson@chainguard.dev>
---
 pkg/v1/mutate/mutate.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/pkg/v1/mutate/mutate.go b/pkg/v1/mutate/mutate.go
index 1a24b10d7..4207740c3 100644
--- a/pkg/v1/mutate/mutate.go
+++ b/pkg/v1/mutate/mutate.go
@@ -21,6 +21,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"maps"
 	"path/filepath"
 	"strings"
 	"time"
@@ -165,16 +166,16 @@ func Annotations(f partial.WithRawManifest, anns map[string]string) partial.With
 	if img, ok := f.(v1.Image); ok {
 		return &image{
 			base:        img,
-			annotations: anns,
+			annotations: maps.Clone(anns),
 		}
 	}
 	if idx, ok := f.(v1.ImageIndex); ok {
 		return &index{
 			base:        idx,
-			annotations: anns,
+			annotations: maps.Clone(anns),
 		}
 	}
-	return arbitraryRawManifest{a: f, anns: anns}
+	return arbitraryRawManifest{a: f, anns: maps.Clone(anns)}
 }
 
 type arbitraryRawManifest struct {