Skip to content

Commit 9f46e4e

Browse files
vroldanbetvroldanbet
committed
Fix CVE in x/net and SpiceDB
1 parent 5f573aa commit 9f46e4e

File tree

2 files changed

+184
-179
lines changed

2 files changed

+184
-179
lines changed

go.mod

+49-51
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,15 @@
11
module github.com/authzed/zed
22

3-
go 1.21
4-
5-
toolchain go1.21.3
3+
go 1.22.2
64

75
require (
86
github.com/99designs/keyring v1.2.2
97
github.com/TylerBrock/colorjson v0.0.0-20200706003622-8a50f05110d2
108
github.com/authzed/authzed-go v0.11.2-0.20240320204618-9622b72a72c6
119
github.com/authzed/grpcutil v0.0.0-20240123194739-2ea1e3d2d98b
12-
github.com/authzed/spicedb v1.29.5
10+
github.com/authzed/spicedb v1.31.0
1311
github.com/brianvoe/gofakeit/v6 v6.28.0
14-
github.com/cenkalti/backoff/v4 v4.2.1
12+
github.com/cenkalti/backoff/v4 v4.3.0
1513
github.com/charmbracelet/lipgloss v0.9.1
1614
github.com/google/uuid v1.6.0
1715
github.com/gookit/color v1.5.4
@@ -30,25 +28,26 @@ require (
3028
github.com/stretchr/testify v1.9.0
3129
github.com/xlab/treeprint v1.2.0
3230
golang.org/x/exp v0.0.0-20240205201215-2c58cdc269a3
33-
golang.org/x/mod v0.15.0
31+
golang.org/x/mod v0.16.0
3432
golang.org/x/sync v0.6.0
35-
golang.org/x/term v0.17.0
36-
google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014
33+
golang.org/x/term v0.19.0
34+
google.golang.org/genproto/googleapis/rpc v0.0.0-20240318140521-94a12d6c2237
3735
google.golang.org/grpc v1.62.1
3836
google.golang.org/protobuf v1.33.0
3937
gopkg.in/yaml.v3 v3.0.1
4038
)
4139

4240
require (
43-
buf.build/gen/go/gogo/protobuf/protocolbuffers/go v1.31.0-20210810001428-4df00b267f94.1 // indirect
44-
buf.build/gen/go/prometheus/prometheus/protocolbuffers/go v1.31.0-20231010075520-899dbbfd2c07.1 // indirect
45-
cloud.google.com/go v0.112.0 // indirect
46-
cloud.google.com/go/compute v1.23.4 // indirect
41+
buf.build/gen/go/gogo/protobuf/protocolbuffers/go v1.33.0-20210810001428-4df00b267f94.1 // indirect
42+
buf.build/gen/go/prometheus/prometheus/protocolbuffers/go v1.33.0-20240125203449-c3402bbea49b.1 // indirect
43+
cloud.google.com/go v0.112.1 // indirect
44+
cloud.google.com/go/compute v1.24.0 // indirect
4745
cloud.google.com/go/compute/metadata v0.2.3 // indirect
4846
cloud.google.com/go/iam v1.1.6 // indirect
4947
cloud.google.com/go/longrunning v0.5.5 // indirect
50-
cloud.google.com/go/spanner v1.56.0 // indirect
48+
cloud.google.com/go/spanner v1.60.0 // indirect
5149
contrib.go.opencensus.io/exporter/prometheus v0.4.2 // indirect
50+
filippo.io/edwards25519 v1.1.0 // indirect
5251
github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 // indirect
5352
github.com/IBM/pgxpoolprometheus v1.1.1 // indirect
5453
github.com/Masterminds/squirrel v1.5.4 // indirect
@@ -59,7 +58,7 @@ require (
5958
github.com/benbjohnson/clock v1.3.5 // indirect
6059
github.com/beorn7/perks v1.0.1 // indirect
6160
github.com/bits-and-blooms/bitset v1.13.0 // indirect
62-
github.com/bits-and-blooms/bloom/v3 v3.6.0 // indirect
61+
github.com/bits-and-blooms/bloom/v3 v3.7.0 // indirect
6362
github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
6463
github.com/certifi/gocertifi v0.0.0-20210507211836-431795d63e8d // indirect
6564
github.com/cespare/xxhash/v2 v2.2.0 // indirect
@@ -74,11 +73,11 @@ require (
7473
github.com/dustin/go-humanize v1.0.1 // indirect
7574
github.com/dvsekhvalnov/jose2go v1.6.0 // indirect
7675
github.com/ecordell/optgen v0.0.10-0.20230609182709-018141bf9698 // indirect
77-
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
76+
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
7877
github.com/emirpasic/gods v1.18.1 // indirect
7978
github.com/envoyproxy/go-control-plane v0.12.0 // indirect
8079
github.com/envoyproxy/protoc-gen-validate v1.0.4 // indirect
81-
github.com/exaring/otelpgx v0.5.2 // indirect
80+
github.com/exaring/otelpgx v0.5.4 // indirect
8281
github.com/fatih/color v1.16.0 // indirect
8382
github.com/felixge/httpsnoop v1.0.4 // indirect
8483
github.com/fsnotify/fsnotify v1.7.0 // indirect
@@ -91,11 +90,11 @@ require (
9190
github.com/go-openapi/jsonpointer v0.19.6 // indirect
9291
github.com/go-openapi/jsonreference v0.20.2 // indirect
9392
github.com/go-openapi/swag v0.22.3 // indirect
94-
github.com/go-sql-driver/mysql v1.7.1 // indirect
93+
github.com/go-sql-driver/mysql v1.8.1 // indirect
9594
github.com/godbus/dbus v0.0.0-20190726142602-4481cbc300e2 // indirect
9695
github.com/gogo/protobuf v1.3.2 // indirect
9796
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
98-
github.com/golang/protobuf v1.5.3 // indirect
97+
github.com/golang/protobuf v1.5.4 // indirect
9998
github.com/golang/snappy v0.0.4 // indirect
10099
github.com/google/gnostic-models v0.6.8 // indirect
101100
github.com/google/go-cmp v0.6.0 // indirect
@@ -104,10 +103,10 @@ require (
104103
github.com/google/gofuzz v1.2.0 // indirect
105104
github.com/google/s2a-go v0.1.7 // indirect
106105
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
107-
github.com/googleapis/gax-go/v2 v2.12.0 // indirect
106+
github.com/googleapis/gax-go/v2 v2.12.3 // indirect
108107
github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
109-
github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.0.1 // indirect
110-
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
108+
github.com/grpc-ecosystem/go-grpc-middleware/providers/prometheus v1.0.0 // indirect
109+
github.com/grpc-ecosystem/go-grpc-middleware/v2 v2.1.0 // indirect
111110
github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.1 // indirect
112111
github.com/gsterjov/go-libsecret v0.0.0-20161001094733-a6f4afe4910c // indirect
113112
github.com/hashicorp/errwrap v1.1.0 // indirect
@@ -151,18 +150,18 @@ require (
151150
github.com/onsi/gomega v1.31.1 // indirect
152151
github.com/outcaste-io/ristretto v0.2.3 // indirect
153152
github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58 // indirect
154-
github.com/pelletier/go-toml/v2 v2.1.1 // indirect
153+
github.com/pelletier/go-toml/v2 v2.2.0 // indirect
155154
github.com/pkg/errors v0.9.1 // indirect
156155
github.com/planetscale/vtprotobuf v0.6.0 // indirect
157156
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
158-
github.com/prometheus/client_golang v1.18.0 // indirect
159-
github.com/prometheus/client_model v0.5.0 // indirect
160-
github.com/prometheus/common v0.46.0 // indirect
157+
github.com/prometheus/client_golang v1.19.0 // indirect
158+
github.com/prometheus/client_model v0.6.0 // indirect
159+
github.com/prometheus/common v0.51.1 // indirect
161160
github.com/prometheus/procfs v0.12.0 // indirect
162161
github.com/prometheus/statsd_exporter v0.22.7 // indirect
163162
github.com/rivo/uniseg v0.4.7 // indirect
164-
github.com/rogpeppe/go-internal v1.12.0 // indirect
165163
github.com/rs/cors v1.10.1 // indirect
164+
github.com/rs/xid v1.5.0 // indirect
166165
github.com/sagikazarmark/locafero v0.4.0 // indirect
167166
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
168167
github.com/scylladb/go-set v1.0.2 // indirect
@@ -173,47 +172,46 @@ require (
173172
github.com/spf13/cast v1.6.0 // indirect
174173
github.com/spf13/viper v1.18.2 // indirect
175174
github.com/stoewer/go-strcase v1.3.0 // indirect
176-
github.com/stretchr/objx v0.5.2 // indirect
177175
github.com/subosito/gotenv v1.6.0 // indirect
178176
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
179177
go.opencensus.io v0.24.0 // indirect
180-
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 // indirect
181-
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 // indirect
178+
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.49.0 // indirect
179+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
182180
go.opentelemetry.io/contrib/propagators/b3 v1.20.0 // indirect
183181
go.opentelemetry.io/contrib/propagators/ot v1.20.0 // indirect
184-
go.opentelemetry.io/otel v1.23.1 // indirect
185-
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 // indirect
182+
go.opentelemetry.io/otel v1.24.0 // indirect
183+
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.22.0 // indirect
186184
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0 // indirect
187-
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.19.0 // indirect
188-
go.opentelemetry.io/otel/metric v1.23.1 // indirect
189-
go.opentelemetry.io/otel/sdk v1.21.0 // indirect
190-
go.opentelemetry.io/otel/trace v1.23.1 // indirect
185+
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.22.0 // indirect
186+
go.opentelemetry.io/otel/metric v1.24.0 // indirect
187+
go.opentelemetry.io/otel/sdk v1.24.0 // indirect
188+
go.opentelemetry.io/otel/trace v1.24.0 // indirect
191189
go.opentelemetry.io/proto/otlp v1.0.0 // indirect
192190
go.uber.org/atomic v1.11.0 // indirect
193191
go.uber.org/multierr v1.11.0 // indirect
194-
golang.org/x/crypto v0.19.0 // indirect
195-
golang.org/x/net v0.21.0 // indirect
196-
golang.org/x/oauth2 v0.16.0 // indirect
197-
golang.org/x/sys v0.17.0 // indirect
192+
golang.org/x/crypto v0.22.0 // indirect
193+
golang.org/x/net v0.24.0 // indirect
194+
golang.org/x/oauth2 v0.18.0 // indirect
195+
golang.org/x/sys v0.19.0 // indirect
198196
golang.org/x/text v0.14.0 // indirect
199197
golang.org/x/time v0.5.0 // indirect
200198
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
201-
google.golang.org/api v0.161.0 // indirect
199+
google.golang.org/api v0.172.0 // indirect
202200
google.golang.org/appengine v1.6.8 // indirect
203-
google.golang.org/genproto v0.0.0-20240205150955-31a09d347014 // indirect
204-
google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014 // indirect
201+
google.golang.org/genproto v0.0.0-20240213162025-012b6fc9bca9 // indirect
202+
google.golang.org/genproto/googleapis/api v0.0.0-20240311132316-a219d84964c2 // indirect
205203
gopkg.in/inf.v0 v0.9.1 // indirect
206204
gopkg.in/ini.v1 v1.67.0 // indirect
207205
gopkg.in/yaml.v2 v2.4.0 // indirect
208-
k8s.io/api v0.28.1 // indirect
209-
k8s.io/apimachinery v0.28.1 // indirect
210-
k8s.io/client-go v0.28.1 // indirect
211-
k8s.io/klog/v2 v2.100.1 // indirect
212-
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect
213-
k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect
206+
k8s.io/api v0.29.0 // indirect
207+
k8s.io/apimachinery v0.29.0 // indirect
208+
k8s.io/client-go v0.29.0 // indirect
209+
k8s.io/klog/v2 v2.110.1 // indirect
210+
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
211+
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
214212
resenje.org/singleflight v0.4.1 // indirect
215-
sigs.k8s.io/controller-runtime v0.16.2 // indirect
213+
sigs.k8s.io/controller-runtime v0.17.2 // indirect
216214
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
217-
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
218-
sigs.k8s.io/yaml v1.3.0 // indirect
215+
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
216+
sigs.k8s.io/yaml v1.4.0 // indirect
219217
)

0 commit comments

Comments
 (0)