Bump go-kit to 0.12.0

Through the dependency on go-kit/k...@v0.11.0, jaegertracing/jaeger depends on github.com/dgrijalva/jwt-go. There are a slew of vulns against that repo and it is abandoned in favour of https://github.com/golang-jwt/jwt . go-kit 0.12.0 upgrades to the new repo, so this commit bumps go kit to 0.12.0 to mitigate this Signed-off-by: sinkingpoint <colin@quirl.co.nz>
jaegertracing · Jun 22, 2022 · 609acd9 · 609acd9
1 parent dfcded2
commit 609acd9
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 118 deletions.
diff --git a/go.mod b/go.mod
@@ -59,7 +59,7 @@ require (
 )
 
 require (
-	github.com/HdrHistogram/hdrhistogram-go v1.0.1 // indirect
+	github.com/HdrHistogram/hdrhistogram-go v1.1.2 // indirect
 	github.com/VividCortex/gohistogram v1.0.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
 	github.com/benbjohnson/clock v1.3.0 // indirect
@@ -75,7 +75,7 @@ require (
 	github.com/eapache/queue v1.1.0 // indirect
 	github.com/fatih/color v1.13.0 // indirect
 	github.com/felixge/httpsnoop v1.0.2 // indirect
-	github.com/go-kit/kit v0.11.0 // indirect
+	github.com/go-kit/kit v0.12.0 // indirect
 	github.com/go-logr/logr v1.2.3 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/analysis v0.21.2 // indirect