From fe008debd96835c31c3597e5865b865dcce2bb18 Mon Sep 17 00:00:00 2001 From: CI Date: Mon, 25 Jul 2022 13:56:16 -0400 Subject: [PATCH] fix: avoid CVE-2022-28948 Signed-off-by: CI --- .snyk | 4 ---- go.mod | 3 +++ go.sum | 6 ++---- 3 files changed, 5 insertions(+), 8 deletions(-) diff --git a/.snyk b/.snyk index 79bd7ac2b20e7..61286b6338dae 100644 --- a/.snyk +++ b/.snyk @@ -28,9 +28,5 @@ ignore: - '*': reason: >- Code is only run client-side. No risk of arbitrary file upload. - SNYK-GOLANG-GOPKGINYAMLV2-2840885: - - '*': - reason: >- - The package is used to parse configuration provided by the administrator and hence cannot cause DoS. patch: {} diff --git a/go.mod b/go.mod index 850a3b524dbd4..091983a581a11 100644 --- a/go.mod +++ b/go.mod @@ -261,6 +261,9 @@ replace ( github.com/grpc-ecosystem/grpc-gateway => github.com/grpc-ecosystem/grpc-gateway v1.16.0 github.com/improbable-eng/grpc-web => github.com/improbable-eng/grpc-web v0.0.0-20181111100011-16092bd1d58a + // Avoid CVE-2022-28948 + gopkg.in/yaml.v3 => gopkg.in/yaml.v3 v3.0.1 + // https://github.com/kubernetes/kubernetes/issues/79384#issuecomment-505627280 k8s.io/api => k8s.io/api v0.24.2 k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.24.2 diff --git a/go.sum b/go.sum index b4ebb5b71f45a..9e2b9f61f645d 100644 --- a/go.sum +++ b/go.sum 
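Review bot: The `replace` entry `gopkg.in/yaml.v3 => gopkg.in/yaml.v3 v3.0.1` in go.mod forces exactly v3.0.1 and is honoured only when this is the main module, so it is a pin rather than a minimum version. Modules that import this one would not inherit it, and a dependency that later requires a newer yaml.v3 would still be built against v3.0.1. Raising the floor in the require block (not visible in this hunk) with `gopkg.in/yaml.v3 v3.0.1`, marked `// indirect` if nothing imports it directly, gets the fixed version through normal module resolution. If the replace has to stay, the comment should say when to drop it, e.g. `// Avoid CVE-2022-28948; drop once every dependency requires yaml.v3 >= v3.0.1`. The ignore removed from .snyk in the same commit is keyed `SNYK-GOLANG-GOPKGINYAMLV2-2840885`, which appears to name yaml.v2 while go.sum keeps yaml.v2 v2.4.0, so a fresh scan should confirm the finding actually clears; the replace block itself opens and closes outside this hunk.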
@@ -1831,10 +1831,8 @@ gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk=
 gotest.tools/v3 v3.0.3 h1:4AuOwCGf4lLR9u3YOe2awrHygurzhO/HeQ6laiA6Sx0=
 gotest.tools/v3 v3.0.3/go.mod h1:Z7Lb0S5l+klDB31fvDQX8ss/FlKDxtlFlw3Oa8Ymbl8=