-
Notifications
You must be signed in to change notification settings - Fork 506
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
go.mod: bump dependencies to latest version #312
Conversation
github.com/pkg/sftp v1.10.1 | ||
golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586 | ||
golang.org/x/text v0.3.3 | ||
github.com/pkg/sftp v1.13.1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This also fixes a security vulnerability marked by Snyk, which has been fixed in v1.11.0.
To fix snyk security scan. Upstream update is pending here: spf13/afero#312 Signed-off-by: Mateusz Gozdek <[email protected]>
To fix snyk security scan. Upstream update is pending here: spf13/afero#312 Signed-off-by: Mateusz Gozdek <[email protected]>
* Make golangci.yml effective again Signed-off-by: Mateusz Gozdek <[email protected]> * internal/utils: remove dead code Signed-off-by: Mateusz Gozdek <[email protected]> * internal: fix found linter warnings After making linter configuration effective, linter popped up new issues. This commit addresses them in a minimal way. Signed-off-by: Mateusz Gozdek <[email protected]> * Hide goreleaser.yml file As usually it is hidden. Signed-off-by: Mateusz Gozdek <[email protected]> * Update Go Kubernetes modules to v1.22.0 As part of #45 Signed-off-by: Mateusz Gozdek <[email protected]> * go.mod: update viper to latest version Signed-off-by: Mateusz Gozdek <[email protected]> * go.mod: update nri-kubernetes to latest version Signed-off-by: Mateusz Gozdek <[email protected]> * .github/workflows/push_pr.yml: fix link to Kubernetes releases Previous link now redirects to new link and old link will be not available by the end of this year. Signed-off-by: Mateusz Gozdek <[email protected]> * deploy: make manifests compatible with Kubernetes v1.22+ As part of #45. Signed-off-by: Mateusz Gozdek <[email protected]> * .github/workflows/push_pr.yml: test against Kubernetes v1.22.X Closes #45 Signed-off-by: Mateusz Gozdek <[email protected]> * .golangci.yml: increase timeout Closes #38 Signed-off-by: Mateusz Gozdek <[email protected]> * go.mod: force-update github.com/pkg/sftp to latest version To fix snyk security scan. Upstream update is pending here: spf13/afero#312 Signed-off-by: Mateusz Gozdek <[email protected]> * .github/workflows/push_pr.yml: drop support for Kubernetes v1.15 Signed-off-by: Mateusz Gozdek <[email protected]> * .github/workflows/push_pr.yml: bump patch versions for Kubernetes Signed-off-by: Mateusz Gozdek <[email protected]>
github.com/pkg/sftp to v1.13.1 (this fixes a security vulnerability) golang.org/x/crypto to v0.0.0-20211108221036-ceb1ce70b4fa golang.org/x/text to v0.3.7
Updated to the latest versions of all dependencies as of today: github.com/pkg/sftp to v1.13.1 (this fixes a security vulnerability as pointed out by @invidian) Could one of the maintainers please take a look? /cc @spf13 @Kargakis |
No description provided.