From 3107921b5e32c860e476fe413dcd70174dd38401 Mon Sep 17 00:00:00 2001
From: zhongjiawei <zhongjiawei1@huawei.com>
Date: Thu, 23 May 2024 19:15:34 +0800
Subject: [PATCH] features: implement returning
 potentiallyUnsafeConfigAnnotations list

---
 features.go                | 5 +++++
 types/features/features.go | 6 ++++++
 2 files changed, 11 insertions(+)

diff --git a/features.go b/features.go
index c9cd15c..7f76e7a 100644
--- a/features.go
+++ b/features.go
@@ -55,6 +55,11 @@ var featuresCommand = cli.Command{
 					Enabled: &tru,
 				},
 			},
+			PotentiallyUnsafeConfigAnnotations: []string{
+				"bundle",
+				"org.systemd.property.", // prefix form
+				"org.criu.config",
+			},
 		}
 
 		if seccomp.Enabled {
diff --git a/types/features/features.go b/types/features/features.go
index c6269ca..8b467f7 100644
--- a/types/features/features.go
+++ b/types/features/features.go
@@ -25,6 +25,12 @@ type Features struct {
 	// Annotations contains implementation-specific annotation strings,
 	// such as the implementation version, and third-party extensions.
 	Annotations map[string]string `json:"annotations,omitempty"`
+
+	// PotentiallyUnsafeConfigAnnotations the list of the potential unsafe annotations
+	// that may appear in `config.json`.
+	//
+	// A value that ends with "." is interpreted as a prefix of annotations.
+	PotentiallyUnsafeConfigAnnotations []string `json:"potentiallyUnsafeConfigAnnotations,omitempty"`
 }
 
 // Linux is specific to Linux.
-- 
2.33.0