Skip to content

Commit 75de44c

Browse files
fix: vuln reported for http2 and grpc (#308)
* SNYK-GOLANG-GOLANGORGXNETHTTP2-5953327 * https://snyk.slack.com/archives/C04TMNMNPV0/p1697038962426139 * SNYK-GOLANG-GOOGLEGOLANGORGGRPC-5953328 * https://snyk.slack.com/archives/C04TMNMNPV0/p1697040127890489
1 parent 867df6c commit 75de44c

File tree

4 files changed

+1134
-154
lines changed

4 files changed

+1134
-154
lines changed

go.mod

+8-4
Original file line numberDiff line numberDiff line change
@@ -56,12 +56,16 @@ require (
5656
github.com/skeema/knownhosts v1.1.0 // indirect
5757
github.com/xanzy/ssh-agent v0.3.3 // indirect
5858
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
59-
golang.org/x/crypto v0.7.0 // indirect
59+
golang.org/x/crypto v0.14.0 // indirect
6060
golang.org/x/mod v0.9.0 // indirect
61-
golang.org/x/net v0.8.0 // indirect
62-
golang.org/x/sys v0.6.0 // indirect
63-
golang.org/x/text v0.8.0 // indirect
61+
golang.org/x/net v0.10.0 // indirect
62+
golang.org/x/sys v0.13.0 // indirect
63+
golang.org/x/text v0.13.0 // indirect
6464
golang.org/x/tools v0.7.0 // indirect
6565
gopkg.in/warnings.v0 v0.1.2 // indirect
6666
gopkg.in/yaml.v2 v2.4.0 // indirect
6767
)
68+
69+
// Fixes:
70+
// SNYK-GOLANG-GOLANGORGXNETHTTP2-5953327
71+
replace golang.org/x/net => golang.org/x/net v0.17.0

go.sum

+14-30
Original file line numberDiff line numberDiff line change
@@ -211,54 +211,38 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t
211211
go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ=
212212
go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
213213
golang.org/x/arch v0.1.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
214-
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
215214
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
216-
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
217215
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
218216
golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
219217
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
220218
golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
221219
golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
222220
golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4=
223-
golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
224-
golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
221+
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
222+
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
225223
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
226224
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
227225
golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI=
226+
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
228227
golang.org/x/mod v0.9.0 h1:KENHtAZL2y3NLMYZeHY9DW8HW8V+kQyJsY/V9JlKvCs=
229228
golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
230-
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
231-
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
232-
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
233-
golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
234-
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
235-
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
236-
golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
237-
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
238-
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
239-
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
240-
golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
241-
golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
242-
golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY=
243-
golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ=
244-
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
229+
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
230+
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
245231
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
246232
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
247233
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
248234
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
249235
golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o=
236+
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
250237
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
251238
golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
252-
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
253239
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
254240
golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
255241
golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
256242
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
257243
golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
258244
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
259245
golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
260-
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
261-
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
262246
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
263247
golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
264248
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -268,35 +252,35 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
268252
golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
269253
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
270254
golang.org/x/sys v0.0.0-20220310020820-b874c991c1a5/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
271-
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
272255
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
273256
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
274-
golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
275257
golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
276258
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
277259
golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
278260
golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
279-
golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
280-
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
261+
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
262+
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
263+
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
281264
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
282-
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
283265
golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
284266
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
285267
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
286-
golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
268+
golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
269+
golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
287270
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
288271
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
289272
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
290273
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
291274
golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
292275
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
293-
golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68=
294-
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
276+
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
277+
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
295278
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
296279
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
297280
golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
298281
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
299282
golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA=
283+
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
300284
golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4=
301285
golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s=
302286
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

vervet-underground/go.mod

+36-25
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ module vervet-underground
33
go 1.20
44

55
require (
6-
cloud.google.com/go/storage v1.22.0
6+
cloud.google.com/go/storage v1.30.1
77
github.com/aws/aws-sdk-go-v2 v1.16.7
88
github.com/aws/aws-sdk-go-v2/config v1.15.14
99
github.com/aws/aws-sdk-go-v2/credentials v1.12.9
@@ -17,20 +17,21 @@ require (
1717
github.com/gorilla/mux v1.8.0
1818
github.com/pkg/errors v0.9.1
1919
github.com/prometheus/client_golang v1.12.1
20-
github.com/prometheus/client_model v0.2.0
20+
github.com/prometheus/client_model v0.4.0
2121
github.com/rs/zerolog v1.26.1
2222
github.com/slok/go-http-metrics v0.10.0
2323
github.com/snyk/vervet/v4 v4.25.1
2424
github.com/spf13/viper v1.11.0
2525
github.com/testcontainers/testcontainers-go v0.13.0
2626
go.uber.org/multierr v1.8.0
27-
google.golang.org/api v0.76.0
27+
google.golang.org/api v0.126.0
2828
)
2929

3030
require (
31-
cloud.google.com/go v0.101.0 // indirect
32-
cloud.google.com/go/compute v1.6.1 // indirect
33-
cloud.google.com/go/iam v0.3.0 // indirect
31+
cloud.google.com/go v0.110.4 // indirect
32+
cloud.google.com/go/compute v1.21.0 // indirect
33+
cloud.google.com/go/compute/metadata v0.2.3 // indirect
34+
cloud.google.com/go/iam v1.1.1 // indirect
3435
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
3536
github.com/Masterminds/semver/v3 v3.1.1 // indirect
3637
github.com/Microsoft/go-winio v0.5.2 // indirect
@@ -52,7 +53,7 @@ require (
5253
github.com/beorn7/perks v1.0.1 // indirect
5354
github.com/bmatcuk/doublestar/v4 v4.2.0 // indirect
5455
github.com/cenkalti/backoff/v4 v4.1.2 // indirect
55-
github.com/cespare/xxhash/v2 v2.1.2 // indirect
56+
github.com/cespare/xxhash/v2 v2.2.0 // indirect
5657
github.com/containerd/cgroups v1.0.1 // indirect
5758
github.com/containerd/containerd v1.5.9 // indirect
5859
github.com/docker/distribution v2.8.1+incompatible // indirect
@@ -64,11 +65,12 @@ require (
6465
github.com/go-openapi/swag v0.21.1 // indirect
6566
github.com/gogo/protobuf v1.3.2 // indirect
6667
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
67-
github.com/golang/protobuf v1.5.2 // indirect
68-
github.com/google/go-cmp v0.5.8 // indirect
68+
github.com/golang/protobuf v1.5.3 // indirect
69+
github.com/google/go-cmp v0.5.9 // indirect
70+
github.com/google/s2a-go v0.1.4 // indirect
6971
github.com/google/uuid v1.3.0 // indirect
70-
github.com/googleapis/gax-go/v2 v2.3.0 // indirect
71-
github.com/googleapis/go-type-adapters v1.0.0 // indirect
72+
github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
73+
github.com/googleapis/gax-go/v2 v2.11.0 // indirect
7274
github.com/hashicorp/hcl v1.0.0 // indirect
7375
github.com/invopop/yaml v0.2.0 // indirect
7476
github.com/jmespath/go-jmespath v0.4.0 // indirect
@@ -92,26 +94,30 @@ require (
9294
github.com/pelletier/go-toml/v2 v2.0.0-beta.8 // indirect
9395
github.com/prometheus/common v0.34.0 // indirect
9496
github.com/prometheus/procfs v0.7.3 // indirect
95-
github.com/rogpeppe/go-internal v1.8.1 // indirect
97+
github.com/rogpeppe/go-internal v1.9.0 // indirect
9698
github.com/sirupsen/logrus v1.9.0 // indirect
97-
github.com/spf13/afero v1.8.2 // indirect
99+
github.com/spf13/afero v1.9.2 // indirect
98100
github.com/spf13/cast v1.4.1 // indirect
99101
github.com/spf13/jwalterweatherman v1.1.0 // indirect
100102
github.com/spf13/pflag v1.0.5 // indirect
101103
github.com/subosito/gotenv v1.2.0 // indirect
102-
go.opencensus.io v0.23.0 // indirect
104+
go.opencensus.io v0.24.0 // indirect
103105
go.uber.org/atomic v1.9.0 // indirect
104-
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
105-
golang.org/x/net v0.0.0-20220722155237-a158d28d115b // indirect
106-
golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect
107-
golang.org/x/sys v0.5.0 // indirect
108-
golang.org/x/text v0.7.0 // indirect
109-
golang.org/x/tools v0.1.12 // indirect
110-
golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f // indirect
106+
golang.org/x/crypto v0.14.0 // indirect
107+
golang.org/x/mod v0.11.0 // indirect
108+
golang.org/x/net v0.12.0 // indirect
109+
golang.org/x/oauth2 v0.10.0 // indirect
110+
golang.org/x/sync v0.3.0 // indirect
111+
golang.org/x/sys v0.13.0 // indirect
112+
golang.org/x/text v0.13.0 // indirect
113+
golang.org/x/tools v0.10.0 // indirect
114+
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
111115
google.golang.org/appengine v1.6.7 // indirect
112-
google.golang.org/genproto v0.0.0-20220426171045-31bebdecfb46 // indirect
113-
google.golang.org/grpc v1.46.0 // indirect
114-
google.golang.org/protobuf v1.28.0 // indirect
116+
google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 // indirect
117+
google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 // indirect
118+
google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect
119+
google.golang.org/grpc v1.56.2 // indirect
120+
google.golang.org/protobuf v1.31.0 // indirect
115121
gopkg.in/ini.v1 v1.66.4 // indirect
116122
gopkg.in/yaml.v2 v2.4.0 // indirect
117123
gopkg.in/yaml.v3 v3.0.1 // indirect
@@ -141,5 +147,10 @@ replace (
141147

142148
// Fixes:
143149
// SNYK-GOLANG-GOLANGORGXNETHTTP2HPACK-3358253
144-
golang.org/x/net => golang.org/x/net v0.7.0
150+
// SNYK-GOLANG-GOLANGORGXNETHTTP2-5953327
151+
golang.org/x/net => golang.org/x/net v0.17.0
152+
153+
// Fixes:
154+
// SNYK-GOLANG-GOOGLEGOLANGORGGRPC-5953328
155+
google.golang.org/grpc => google.golang.org/grpc v1.58.3
145156
)

0 commit comments

Comments
 (0)