-
Notifications
You must be signed in to change notification settings - Fork 51
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update dependencies to solve security issues pointed by trivy (#403)
* update all dependencies * replace third-party dependencies * add gomod to be skipped by codespell * fix(dependency): replace etcd to address vulnerability Co-authored-by: paologallinaharbur <paologallina1992@gmail.com>
- Loading branch information
1 parent
c9539b8
commit d54e0d2
Showing
5 changed files
with
785 additions
and
481 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,65 +1,74 @@ | ||
module github.com/newrelic/nri-kubernetes/v3 | ||
|
||
go 1.17 | ||
go 1.18 | ||
|
||
require ( | ||
github.com/google/go-cmp v0.5.7 | ||
github.com/newrelic/infra-integrations-sdk v3.7.2+incompatible | ||
github.com/pkg/errors v0.9.1 | ||
github.com/prometheus/client_model v0.2.0 | ||
github.com/prometheus/prom2json v1.3.0 | ||
github.com/prometheus/prom2json v1.3.1 | ||
github.com/segmentio/go-camelcase v0.0.0-20160726192923-7085f1e3c734 | ||
github.com/sethgrid/pester v1.2.0 | ||
github.com/sirupsen/logrus v1.8.1 | ||
github.com/spf13/viper v1.10.1 | ||
github.com/stretchr/testify v1.7.0 | ||
google.golang.org/protobuf v1.27.1 | ||
k8s.io/api v0.22.3 | ||
k8s.io/apimachinery v0.22.3 | ||
k8s.io/client-go v0.22.3 | ||
k8s.io/kubelet v0.22.3 | ||
github.com/spf13/viper v1.11.0 | ||
github.com/stretchr/testify v1.7.1 | ||
google.golang.org/protobuf v1.28.0 | ||
k8s.io/api v0.23.6 | ||
k8s.io/apimachinery v0.23.6 | ||
k8s.io/client-go v0.23.6 | ||
k8s.io/kubelet v0.23.6 | ||
) | ||
|
||
replace ( | ||
// To avoid CVE-2018-1098 triggering a security scan | ||
go.etcd.io/etcd v3.3.27+incompatible => go.etcd.io/etcd/v3 v3.5.4 | ||
// This is a dependency of golint, trivy is mixing up dependencies | ||
golang.org/x/crypto => golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd | ||
) | ||
|
||
require ( | ||
github.com/davecgh/go-spew v1.1.1 // indirect | ||
github.com/evanphx/json-patch v4.11.0+incompatible // indirect | ||
github.com/evanphx/json-patch v4.12.0+incompatible // indirect | ||
github.com/fsnotify/fsnotify v1.5.1 // indirect | ||
github.com/go-logr/logr v0.4.0 // indirect | ||
github.com/go-logr/logr v1.2.0 // indirect | ||
github.com/gogo/protobuf v1.3.2 // indirect | ||
github.com/golang/protobuf v1.5.2 // indirect | ||
github.com/google/gofuzz v1.1.0 // indirect | ||
github.com/googleapis/gnostic v0.5.5 // indirect | ||
github.com/hashicorp/hcl v1.0.0 // indirect | ||
github.com/imdario/mergo v0.3.5 // indirect | ||
github.com/json-iterator/go v1.1.12 // indirect | ||
github.com/magiconair/properties v1.8.5 // indirect | ||
github.com/magiconair/properties v1.8.6 // indirect | ||
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect | ||
github.com/mitchellh/mapstructure v1.4.3 // indirect | ||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect | ||
github.com/modern-go/reflect2 v1.0.2 // indirect | ||
github.com/pelletier/go-toml v1.9.4 // indirect | ||
github.com/pelletier/go-toml/v2 v2.0.0-beta.8 // indirect | ||
github.com/pmezard/go-difflib v1.0.0 // indirect | ||
github.com/prometheus/common v0.26.0 // indirect | ||
github.com/spf13/afero v1.6.0 // indirect | ||
github.com/prometheus/common v0.33.0 // indirect | ||
github.com/spf13/afero v1.8.2 // indirect | ||
github.com/spf13/cast v1.4.1 // indirect | ||
github.com/spf13/jwalterweatherman v1.1.0 // indirect | ||
github.com/spf13/pflag v1.0.5 // indirect | ||
github.com/subosito/gotenv v1.2.0 // indirect | ||
golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d // indirect | ||
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 // indirect | ||
golang.org/x/sys v0.0.0-20211210111614-af8b64212486 // indirect | ||
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d // indirect | ||
golang.org/x/net v0.0.0-20220412020605-290c469a71a5 // indirect | ||
golang.org/x/oauth2 v0.0.0-20220411215720-9780585627b5 // indirect | ||
golang.org/x/sys v0.0.0-20220412211240-33da011f77ad // indirect | ||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect | ||
golang.org/x/text v0.3.7 // indirect | ||
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect | ||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect | ||
golang.org/x/xerrors v0.0.0-20220411194840-2f41105eb62f // indirect | ||
google.golang.org/appengine v1.6.7 // indirect | ||
gopkg.in/inf.v0 v0.9.1 // indirect | ||
gopkg.in/ini.v1 v1.66.2 // indirect | ||
gopkg.in/ini.v1 v1.66.4 // indirect | ||
gopkg.in/yaml.v2 v2.4.0 // indirect | ||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect | ||
k8s.io/klog/v2 v2.9.0 // indirect | ||
k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e // indirect | ||
k8s.io/utils v0.0.0-20210819203725-bdf08cb9a70a // indirect | ||
sigs.k8s.io/structured-merge-diff/v4 v4.1.2 // indirect | ||
k8s.io/klog/v2 v2.30.0 // indirect | ||
k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 // indirect | ||
k8s.io/utils v0.0.0-20211116205334-6203023598ed // indirect | ||
sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 // indirect | ||
sigs.k8s.io/structured-merge-diff/v4 v4.2.1 // indirect | ||
sigs.k8s.io/yaml v1.2.0 // indirect | ||
) |
Oops, something went wrong.