Skip to content

Commit 4acbe22

Browse files
EnriqueL8EnriqueL8
authored
Merge pull request #129 from kaleido-io/cve-fix
Fix CVE GHSA-m425-mq94-257g
2 parents 2b1cd9c + de84bf6 commit 4acbe22

File tree

2 files changed

+1234
-526
lines changed

2 files changed

+1234
-526
lines changed

go.mod

Lines changed: 7 additions & 150 deletions
Original file line numberDiff line numberDiff line change
@@ -29,92 +29,24 @@ require (
2929
)
3030

3131
require (
32-
4d63.com/gocheckcompilerdirectives v1.2.1 // indirect
33-
4d63.com/gochecknoglobals v0.2.1 // indirect
34-
github.com/4meepo/tagalign v1.3.3 // indirect
35-
github.com/Abirdcfly/dupword v0.0.13 // indirect
36-
github.com/Antonboom/errname v0.1.12 // indirect
37-
github.com/Antonboom/nilnil v0.1.7 // indirect
38-
github.com/Antonboom/testifylint v0.2.3 // indirect
39-
github.com/BurntSushi/toml v1.3.2 // indirect
40-
github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24 // indirect
41-
github.com/GaijinEntertainment/go-exhaustruct/v3 v3.1.0 // indirect
4232
github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible // indirect
43-
github.com/Masterminds/semver v1.5.0 // indirect
44-
github.com/OpenPeeDeeP/depguard/v2 v2.1.0 // indirect
45-
github.com/alecthomas/go-check-sumtype v0.1.3 // indirect
46-
github.com/alexkohler/nakedret/v2 v2.0.2 // indirect
47-
github.com/alexkohler/prealloc v1.0.0 // indirect
48-
github.com/alingse/asasalint v0.0.11 // indirect
49-
github.com/ashanbrown/forbidigo v1.6.0 // indirect
50-
github.com/ashanbrown/makezero v1.1.1 // indirect
5133
github.com/beorn7/perks v1.0.1 // indirect
52-
github.com/bkielbasa/cyclop v1.2.1 // indirect
53-
github.com/blizzy78/varnamelen v0.8.0 // indirect
54-
github.com/bombsimon/wsl/v3 v3.4.0 // indirect
55-
github.com/breml/bidichk v0.2.7 // indirect
56-
github.com/breml/errchkjson v0.3.6 // indirect
57-
github.com/butuzov/ireturn v0.2.2 // indirect
58-
github.com/butuzov/mirror v1.1.0 // indirect
59-
github.com/catenacyber/perfsprint v0.2.0 // indirect
60-
github.com/ccojocar/zxcvbn-go v1.0.1 // indirect
6134
github.com/cespare/xxhash/v2 v2.2.0 // indirect
62-
github.com/charithe/durationcheck v0.0.10 // indirect
63-
github.com/chavacava/garif v0.1.0 // indirect
6435
github.com/cloudflare/cfssl v1.6.4 // indirect
65-
github.com/curioswitch/go-reassign v0.2.0 // indirect
66-
github.com/daixiang0/gci v0.11.2 // indirect
6736
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
68-
github.com/denis-tingaikin/go-header v0.4.3 // indirect
6937
github.com/eapache/go-resiliency v1.5.0 // indirect
7038
github.com/eapache/go-xerial-snappy v0.0.0-20230731223053-c322873962e3 // indirect
7139
github.com/eapache/queue v1.1.0 // indirect
72-
github.com/esimonov/ifshort v1.0.4 // indirect
73-
github.com/ettle/strcase v0.1.1 // indirect
74-
github.com/fatih/color v1.15.0 // indirect
75-
github.com/fatih/structtag v1.2.0 // indirect
76-
github.com/firefart/nonamedreturns v1.0.4 // indirect
7740
github.com/fsnotify/fsnotify v1.7.0 // indirect
78-
github.com/fzipp/gocyclo v0.6.0 // indirect
79-
github.com/ghostiam/protogetter v0.2.3 // indirect
80-
github.com/go-critic/go-critic v0.9.0 // indirect
8141
github.com/go-kit/kit v0.13.0 // indirect
8242
github.com/go-kit/log v0.2.1 // indirect
8343
github.com/go-logfmt/logfmt v0.6.0 // indirect
84-
github.com/go-toolsmith/astcast v1.1.0 // indirect
85-
github.com/go-toolsmith/astcopy v1.1.0 // indirect
86-
github.com/go-toolsmith/astequal v1.1.0 // indirect
87-
github.com/go-toolsmith/astfmt v1.1.0 // indirect
88-
github.com/go-toolsmith/astp v1.1.0 // indirect
89-
github.com/go-toolsmith/strparse v1.1.0 // indirect
90-
github.com/go-toolsmith/typep v1.1.0 // indirect
91-
github.com/go-xmlfmt/xmlfmt v1.1.2 // indirect
92-
github.com/gobwas/glob v0.2.3 // indirect
93-
github.com/gofrs/flock v0.8.1 // indirect
9444
github.com/golang/mock v1.6.0 // indirect
9545
github.com/golang/snappy v0.0.4 // indirect
96-
github.com/golangci/check v0.0.0-20180506172741-cfe4005ccda2 // indirect
97-
github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a // indirect
98-
github.com/golangci/go-misc v0.0.0-20220329215616-d24fe342adfe // indirect
99-
github.com/golangci/gofmt v0.0.0-20231018234816-f50ced29576e // indirect
100-
github.com/golangci/golangci-lint v1.55.2 // indirect
101-
github.com/golangci/lint-1 v0.0.0-20191013205115-297bf364a8e0 // indirect
102-
github.com/golangci/maligned v0.0.0-20180506175553-b1d89398deca // indirect
103-
github.com/golangci/misspell v0.4.1 // indirect
104-
github.com/golangci/revgrep v0.5.2 // indirect
105-
github.com/golangci/unconvert v0.0.0-20180507085042-28b1c447d1f4 // indirect
106-
github.com/google/go-cmp v0.6.0 // indirect
107-
github.com/gordonklaus/ineffassign v0.0.0-20230610083614-0e73809eb601 // indirect
108-
github.com/gostaticanalysis/analysisutil v0.7.1 // indirect
109-
github.com/gostaticanalysis/comment v1.4.2 // indirect
110-
github.com/gostaticanalysis/forcetypeassert v0.1.0 // indirect
111-
github.com/gostaticanalysis/nilerr v0.1.1 // indirect
11246
github.com/hashicorp/errwrap v1.1.0 // indirect
11347
github.com/hashicorp/go-multierror v1.1.1 // indirect
11448
github.com/hashicorp/go-uuid v1.0.3 // indirect
115-
github.com/hashicorp/go-version v1.6.0 // indirect
11649
github.com/hashicorp/hcl v1.0.0 // indirect
117-
github.com/hexops/gotextdiff v1.0.3 // indirect
11850
github.com/hyperledger/fabric-config v0.2.1 // indirect
11951
github.com/hyperledger/fabric-lib-go v1.0.0 // indirect
12052
github.com/inconshreveable/mousetrap v1.1.0 // indirect
@@ -123,126 +55,51 @@ require (
12355
github.com/jcmturner/gofork v1.7.6 // indirect
12456
github.com/jcmturner/gokrb5/v8 v8.4.4 // indirect
12557
github.com/jcmturner/rpc/v2 v2.0.3 // indirect
126-
github.com/jgautheron/goconst v1.6.0 // indirect
127-
github.com/jingyugao/rowserrcheck v1.1.1 // indirect
128-
github.com/jirfag/go-printf-func-name v0.0.0-20200119135958-7558a9eaa5af // indirect
12958
github.com/jmoiron/sqlx v1.3.5 // indirect
130-
github.com/julz/importas v0.1.0 // indirect
131-
github.com/kisielk/errcheck v1.6.3 // indirect
132-
github.com/kisielk/gotool v1.0.0 // indirect
133-
github.com/kkHAIKE/contextcheck v1.1.4 // indirect
13459
github.com/klauspost/compress v1.17.4 // indirect
135-
github.com/kulti/thelper v0.6.3 // indirect
136-
github.com/kunwardeep/paralleltest v1.0.8 // indirect
137-
github.com/kyoh86/exportloopref v0.1.11 // indirect
138-
github.com/ldez/gomoddirectives v0.2.3 // indirect
139-
github.com/ldez/tagliatelle v0.5.0 // indirect
140-
github.com/leonklingele/grouper v1.1.1 // indirect
141-
github.com/lufeee/execinquery v1.2.1 // indirect
142-
github.com/macabu/inamedparam v0.1.2 // indirect
14360
github.com/magiconair/properties v1.8.7 // indirect
144-
github.com/maratori/testableexamples v1.0.0 // indirect
145-
github.com/maratori/testpackage v1.1.1 // indirect
146-
github.com/matoous/godox v0.0.0-20230222163458-006bad1f9d26 // indirect
14761
github.com/mattn/go-colorable v0.1.13 // indirect
14862
github.com/mattn/go-isatty v0.0.20 // indirect
149-
github.com/mattn/go-runewidth v0.0.13 // indirect
15063
github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
151-
github.com/mbilski/exhaustivestruct v1.2.0 // indirect
152-
github.com/mgechev/revive v1.3.4 // indirect
15364
github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
154-
github.com/mitchellh/go-homedir v1.1.0 // indirect
15565
github.com/mitchellh/mapstructure v1.5.0 // indirect
156-
github.com/moricho/tparallel v0.3.1 // indirect
157-
github.com/nakabonne/nestif v0.3.1 // indirect
158-
github.com/nishanths/exhaustive v0.11.0 // indirect
159-
github.com/nishanths/predeclared v0.2.2 // indirect
160-
github.com/nunnatsa/ginkgolinter v0.14.1 // indirect
161-
github.com/olekukonko/tablewriter v0.0.5 // indirect
16266
github.com/onsi/ginkgo v1.16.4 // indirect
16367
github.com/onsi/gomega v1.28.1 // indirect
16468
github.com/pelletier/go-toml v1.9.5 // indirect
16569
github.com/pelletier/go-toml/v2 v2.1.1 // indirect
16670
github.com/pierrec/lz4/v4 v4.1.21 // indirect
16771
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
168-
github.com/polyfloyd/go-errorlint v1.4.5 // indirect
16972
github.com/prometheus/client_golang v1.18.0 // indirect
17073
github.com/prometheus/client_model v0.5.0 // indirect
17174
github.com/prometheus/common v0.45.0 // indirect
17275
github.com/prometheus/procfs v0.12.0 // indirect
173-
github.com/quasilyte/go-ruleguard v0.4.0 // indirect
174-
github.com/quasilyte/gogrep v0.5.0 // indirect
175-
github.com/quasilyte/regex/syntax v0.0.0-20210819130434-b3f0c404a727 // indirect
176-
github.com/quasilyte/stdinfo v0.0.0-20220114132959-f7386bf02567 // indirect
17776
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
178-
github.com/rivo/uniseg v0.4.4 // indirect
179-
github.com/ryancurrah/gomodguard v1.3.0 // indirect
180-
github.com/ryanrolds/sqlclosecheck v0.5.1 // indirect
18177
github.com/sagikazarmark/locafero v0.4.0 // indirect
18278
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
183-
github.com/sanposhiho/wastedassign/v2 v2.0.7 // indirect
184-
github.com/sashamelentyev/interfacebloat v1.1.0 // indirect
185-
github.com/sashamelentyev/usestdlibvars v1.24.0 // indirect
186-
github.com/securego/gosec/v2 v2.18.2 // indirect
187-
github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c // indirect
188-
github.com/sivchari/containedctx v1.0.3 // indirect
189-
github.com/sivchari/nosnakecase v1.7.0 // indirect
190-
github.com/sivchari/tenv v1.7.1 // indirect
191-
github.com/sonatard/noctx v0.0.2 // indirect
19279
github.com/sourcegraph/conc v0.3.0 // indirect
193-
github.com/sourcegraph/go-diff v0.7.0 // indirect
19480
github.com/spf13/afero v1.11.0 // indirect
19581
github.com/spf13/cast v1.6.0 // indirect
19682
github.com/spf13/pflag v1.0.5 // indirect
197-
github.com/ssgreg/nlreturn/v2 v2.2.1 // indirect
198-
github.com/stbenjam/no-sprintf-host-port v0.1.1 // indirect
19983
github.com/stretchr/objx v0.5.1 // indirect
20084
github.com/subosito/gotenv v1.6.0 // indirect
201-
github.com/t-yuki/gocover-cobertura v0.0.0-20180217150009-aaee18c8195c // indirect
202-
github.com/tdakkota/asciicheck v0.2.0 // indirect
203-
github.com/tetafro/godot v1.4.15 // indirect
204-
github.com/timakin/bodyclose v0.0.0-20230421092635-574207250966 // indirect
205-
github.com/timonwong/loggercheck v0.9.4 // indirect
206-
github.com/tomarrell/wrapcheck/v2 v2.8.1 // indirect
207-
github.com/tommy-muehle/go-mnd/v2 v2.5.1 // indirect
208-
github.com/ultraware/funlen v0.1.0 // indirect
209-
github.com/ultraware/whitespace v0.0.5 // indirect
210-
github.com/uudashr/gocognit v1.1.2 // indirect
211-
github.com/vektra/mockery v1.1.2 // indirect
21285
github.com/weppos/publicsuffix-go v0.30.2-0.20230730094716-a20f9abcc222 // indirect
21386
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
21487
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
215-
github.com/xen0n/gosmopolitan v1.2.2 // indirect
216-
github.com/yagipy/maintidx v1.0.0 // indirect
217-
github.com/yeya24/promlinter v0.2.0 // indirect
218-
github.com/ykadowak/zerologlint v0.1.3 // indirect
21988
github.com/zmap/zcrypto v0.0.0-20231219022726-a1f61fb1661c // indirect
22089
github.com/zmap/zlint/v3 v3.6.0 // indirect
221-
gitlab.com/bosi/decorder v0.4.1 // indirect
222-
go-simpler.org/sloglint v0.1.2 // indirect
223-
go.tmz.dev/musttag v0.7.2 // indirect
22490
go.uber.org/multierr v1.11.0 // indirect
225-
go.uber.org/zap v1.26.0 // indirect
226-
golang.org/x/crypto v0.18.0 // indirect
91+
golang.org/x/crypto v0.31.0 // indirect
22792
golang.org/x/exp v0.0.0-20240110193028-0dcbfd608b1e // indirect
228-
golang.org/x/exp/typeparams v0.0.0-20230307190834-24139beb5833 // indirect
229-
golang.org/x/mod v0.14.0 // indirect
230-
golang.org/x/net v0.20.0 // indirect
231-
golang.org/x/sync v0.5.0 // indirect
232-
golang.org/x/sys v0.16.0 // indirect
233-
golang.org/x/term v0.16.0 // indirect
234-
golang.org/x/text v0.14.0 // indirect
235-
golang.org/x/tools v0.16.0 // indirect
93+
golang.org/x/net v0.33.0 // indirect
94+
golang.org/x/sync v0.10.0 // indirect
95+
golang.org/x/sys v0.28.0 // indirect
96+
golang.org/x/term v0.27.0 // indirect
97+
golang.org/x/text v0.21.0 // indirect
23698
google.golang.org/genproto/googleapis/rpc v0.0.0-20240108191215-35c7eff3a6b1 // indirect
23799
google.golang.org/grpc v1.60.1 // indirect
238100
google.golang.org/protobuf v1.32.0 // indirect
239101
gopkg.in/ini.v1 v1.67.0 // indirect
240102
gopkg.in/yaml.v3 v3.0.1 // indirect
241-
honnef.co/go/tools v0.4.6 // indirect
242-
mvdan.cc/gofumpt v0.5.0 // indirect
243-
mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed // indirect
244-
mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b // indirect
245-
mvdan.cc/unparam v0.0.0-20221223090309-7455f1af531d // indirect
246103
)
247104

248-
replace google.golang.org/grpc => google.golang.org/grpc v1.29.0
105+
replace google.golang.org/grpc => google.golang.org/grpc v1.58.3

0 commit comments

Comments
 (0)