Skip to content

Commit 3cf227e

Browse files
JeromeJuJeromeJu
authored
fix: address outdated dependencies for go-git CVE upgrade (#3440)
1 parent 16c43bb commit 3cf227e

File tree

251 files changed

+34445
-5588
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

251 files changed

+34445
-5588
lines changed

go.mod

+10-10
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ require (
1313
github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589
1414
github.com/containerd/cgroups v1.1.0 // indirect
1515
github.com/docker/docker v27.0.3+incompatible
16-
github.com/go-git/go-billy/v5 v5.5.0
16+
github.com/go-git/go-billy/v5 v5.6.1
1717
github.com/go-git/go-git/v5 v5.13.1
1818
github.com/golang/mock v1.6.0
1919
github.com/google/go-cmp v0.6.0
@@ -29,9 +29,9 @@ require (
2929
github.com/spf13/afero v1.11.0
3030
github.com/spf13/cobra v1.8.1
3131
github.com/spf13/pflag v1.0.5
32-
golang.org/x/net v0.27.0
32+
golang.org/x/net v0.33.0
3333
golang.org/x/oauth2 v0.21.0
34-
golang.org/x/sync v0.7.0
34+
golang.org/x/sync v0.10.0
3535
)
3636

3737
require (
@@ -55,7 +55,7 @@ require (
5555
github.com/Azure/go-autorest/logger v0.2.1 // indirect
5656
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
5757
github.com/Microsoft/go-winio v0.6.2 // indirect
58-
github.com/ProtonMail/go-crypto v1.0.0 // indirect
58+
github.com/ProtonMail/go-crypto v1.1.3 // indirect
5959
github.com/agext/levenshtein v1.2.3 // indirect
6060
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.3 // indirect
6161
github.com/aws/aws-sdk-go-v2/credentials v1.17.27 // indirect
@@ -126,9 +126,9 @@ require (
126126
github.com/xanzy/ssh-agent v0.3.3 // indirect
127127
go.etcd.io/etcd/raft/v3 v3.5.6 // indirect
128128
go.opencensus.io v0.24.0 // indirect
129-
golang.org/x/crypto v0.25.0 // indirect
130-
golang.org/x/sys v0.22.0
131-
golang.org/x/text v0.16.0 // indirect
129+
golang.org/x/crypto v0.31.0 // indirect
130+
golang.org/x/sys v0.28.0
131+
golang.org/x/text v0.21.0 // indirect
132132
golang.org/x/time v0.5.0 // indirect
133133
google.golang.org/api v0.188.0
134134
google.golang.org/genproto v0.0.0-20240708141625-4ad9e859172b // indirect
@@ -156,7 +156,7 @@ require (
156156
github.com/containerd/platforms v0.2.1 // indirect
157157
github.com/containerd/ttrpc v1.2.5 // indirect
158158
github.com/containerd/typeurl/v2 v2.1.1 // indirect
159-
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
159+
github.com/cyphar/filepath-securejoin v0.3.6 // indirect
160160
github.com/distribution/reference v0.6.0 // indirect
161161
github.com/felixge/httpsnoop v1.0.4 // indirect
162162
github.com/fsnotify/fsnotify v1.7.0 // indirect
@@ -175,7 +175,7 @@ require (
175175
github.com/pjbgf/sha1cd v0.3.0 // indirect
176176
github.com/sagikazarmark/locafero v0.4.0 // indirect
177177
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
178-
github.com/skeema/knownhosts v1.2.2 // indirect
178+
github.com/skeema/knownhosts v1.3.0 // indirect
179179
github.com/sourcegraph/conc v0.3.0 // indirect
180180
github.com/spf13/cast v1.6.0 // indirect
181181
github.com/spf13/viper v1.18.2 // indirect
@@ -187,7 +187,7 @@ require (
187187
go.opentelemetry.io/otel/metric v1.24.0 // indirect
188188
go.opentelemetry.io/otel/trace v1.24.0 // indirect
189189
go.uber.org/multierr v1.11.0 // indirect
190-
golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect
190+
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
191191
google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 // indirect
192192
google.golang.org/genproto/googleapis/rpc v0.0.0-20240708141625-4ad9e859172b // indirect
193193
gopkg.in/ini.v1 v1.67.0 // indirect

go.sum

+34-49
Large diffs are not rendered by default.

vendor/github.com/ProtonMail/go-crypto/ocb/ocb.go

+3-2
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/ProtonMail/go-crypto/openpgp/armor/armor.go

+9-57
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/ProtonMail/go-crypto/openpgp/armor/encode.go

+57-20
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/ProtonMail/go-crypto/openpgp/canonical_text.go

+9-3
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/ecdh.go

+1-5
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)