Skip to content

Commit 1cd7cf0

Browse files
TylerHelmuthTylerHelmuth
authored
Update github.com/coreos/go-oidc to v3.9.0 (#31792)
Handles https://pkg.go.dev/vuln/GO-2024-2631
1 parent 794cd24 commit 1cd7cf0

File tree

9 files changed

+45
-29
lines changed

9 files changed

+45
-29
lines changed

cmd/configschema/go.mod

+2-2
Original file line numberDiff line numberDiff line change
@@ -298,7 +298,7 @@ require (
298298
github.com/containerd/cgroups/v3 v3.0.2 // indirect
299299
github.com/containerd/console v1.0.3 // indirect
300300
github.com/containerd/ttrpc v1.2.2 // indirect
301-
github.com/coreos/go-oidc v2.2.1+incompatible // indirect
301+
github.com/coreos/go-oidc/v3 v3.9.0 // indirect
302302
github.com/coreos/go-systemd/v22 v22.5.0 // indirect
303303
github.com/cskr/pubsub v1.0.2 // indirect
304304
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
@@ -334,6 +334,7 @@ require (
334334
github.com/getsentry/sentry-go v0.27.0 // indirect
335335
github.com/go-faster/city v1.0.1 // indirect
336336
github.com/go-faster/errors v0.7.1 // indirect
337+
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
337338
github.com/go-kit/kit v0.13.0 // indirect
338339
github.com/go-kit/log v0.2.1 // indirect
339340
github.com/go-logfmt/logfmt v0.6.0 // indirect
@@ -700,7 +701,6 @@ require (
700701
gopkg.in/inf.v0 v0.9.1 // indirect
701702
gopkg.in/ini.v1 v1.67.0 // indirect
702703
gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
703-
gopkg.in/square/go-jose.v2 v2.5.1 // indirect
704704
gopkg.in/yaml.v3 v3.0.1 // indirect
705705
gopkg.in/zorkian/go-datadog-api.v2 v2.30.0 // indirect
706706
k8s.io/api v0.29.2 // indirect

cmd/configschema/go.sum

+6-4
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

cmd/otelcontribcol/go.mod

+2-2
Original file line numberDiff line numberDiff line change
@@ -348,7 +348,7 @@ require (
348348
github.com/containerd/cgroups/v3 v3.0.2 // indirect
349349
github.com/containerd/console v1.0.3 // indirect
350350
github.com/containerd/ttrpc v1.2.2 // indirect
351-
github.com/coreos/go-oidc v2.2.1+incompatible // indirect
351+
github.com/coreos/go-oidc/v3 v3.9.0 // indirect
352352
github.com/coreos/go-systemd/v22 v22.5.0 // indirect
353353
github.com/cskr/pubsub v1.0.2 // indirect
354354
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
@@ -384,6 +384,7 @@ require (
384384
github.com/getsentry/sentry-go v0.27.0 // indirect
385385
github.com/go-faster/city v1.0.1 // indirect
386386
github.com/go-faster/errors v0.7.1 // indirect
387+
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
387388
github.com/go-kit/kit v0.13.0 // indirect
388389
github.com/go-kit/log v0.2.1 // indirect
389390
github.com/go-logfmt/logfmt v0.6.0 // indirect
@@ -715,7 +716,6 @@ require (
715716
gopkg.in/inf.v0 v0.9.1 // indirect
716717
gopkg.in/ini.v1 v1.67.0 // indirect
717718
gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
718-
gopkg.in/square/go-jose.v2 v2.5.1 // indirect
719719
gopkg.in/yaml.v2 v2.4.0 // indirect
720720
gopkg.in/yaml.v3 v3.0.1 // indirect
721721
gopkg.in/zorkian/go-datadog-api.v2 v2.30.0 // indirect

cmd/otelcontribcol/go.sum

+6-4
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

extension/oidcauthextension/extension.go

+1-1
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ import (
1717
"strings"
1818
"time"
1919

20-
"github.com/coreos/go-oidc"
20+
"github.com/coreos/go-oidc/v3/oidc"
2121
"go.opentelemetry.io/collector/client"
2222
"go.opentelemetry.io/collector/component"
2323
"go.opentelemetry.io/collector/extension/auth"

extension/oidcauthextension/go.mod

+2-3
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ module github.com/open-telemetry/opentelemetry-collector-contrib/extension/oidca
33
go 1.21
44

55
require (
6-
github.com/coreos/go-oidc v2.2.1+incompatible
6+
github.com/coreos/go-oidc/v3 v3.9.0
77
github.com/stretchr/testify v1.9.0
88
go.opentelemetry.io/collector v0.96.1-0.20240306115632-b2693620eff6
99
go.opentelemetry.io/collector/component v0.96.1-0.20240306115632-b2693620eff6
@@ -19,6 +19,7 @@ require (
1919
github.com/beorn7/perks v1.0.1 // indirect
2020
github.com/cespare/xxhash/v2 v2.2.0 // indirect
2121
github.com/davecgh/go-spew v1.1.1 // indirect
22+
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
2223
github.com/go-logr/logr v1.4.1 // indirect
2324
github.com/go-logr/stdr v1.2.2 // indirect
2425
github.com/go-viper/mapstructure/v2 v2.0.0-alpha.1 // indirect
@@ -30,7 +31,6 @@ require (
3031
github.com/mitchellh/copystructure v1.2.0 // indirect
3132
github.com/mitchellh/reflectwalk v1.0.2 // indirect
3233
github.com/pmezard/go-difflib v1.0.0 // indirect
33-
github.com/pquerna/cachecontrol v0.1.0 // indirect
3434
github.com/prometheus/client_golang v1.19.0 // indirect
3535
github.com/prometheus/client_model v0.6.0 // indirect
3636
github.com/prometheus/common v0.48.0 // indirect
@@ -51,7 +51,6 @@ require (
5151
google.golang.org/genproto/googleapis/rpc v0.0.0-20240123012728-ef4313101c80 // indirect
5252
google.golang.org/grpc v1.62.1 // indirect
5353
google.golang.org/protobuf v1.33.0 // indirect
54-
gopkg.in/square/go-jose.v2 v2.5.1 // indirect
5554
gopkg.in/yaml.v3 v3.0.1 // indirect
5655
)
5756

0 commit comments

Comments
 (0)