Skip to content

Commit

Permalink
bump up version of docker depdendency (#180)
Browse files Browse the repository at this point in the history 
docker v1.4.2 is quite old and considered vulnerable (CVSv3 > 9) for
some scanners.

This commit bumps up its version and does minor cleanup to go.mod

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
  • Loading branch information
@reasonerjt
reasonerjt committed Sep 28, 2020
1 parent eeb3b5f commit 73b72c5
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 5 deletions.
7 changes: 3 additions & 4 deletions go.mod
View file
Expand Up @@ -3,20 +3,19 @@ module github.com/deislabs/oras
go 1.13

replace (
github.com/Azure/go-autorest => github.com/Azure/go-autorest v13.3.2+incompatible
github.com/Sirupsen/logrus => github.com/sirupsen/logrus v1.4.2
github.com/docker/docker => github.com/moby/moby v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible
github.com/docker/distribution => github.com/docker/distribution v0.0.0-20191216044856-a8371794149d
github.com/docker/docker => github.com/moby/moby v1.4.2-0.20200203170920-46ec8731fbce
)


require (
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
github.com/Microsoft/hcsshim v0.8.8 // indirect
github.com/containerd/containerd v1.3.2
github.com/containerd/continuity v0.0.0-20200107194136-26c1120b8d41 // indirect
github.com/docker/cli v0.0.0-20200130152716-5d0cf8839492
github.com/docker/distribution v0.0.0-20191216044856-a8371794149d
github.com/docker/docker v1.4.2-0.20200203170920-46ec8731fbce
github.com/docker/docker v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible
github.com/docker/docker-credential-helpers v0.6.3 // indirect
github.com/docker/go-connections v0.4.0 // indirect
github.com/google/go-cmp v0.4.0 // indirect
Expand Down
4 changes: 3 additions & 1 deletion go.sum
View file
Expand Up @@ -4,7 +4,7 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT
github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8=
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8=
github.com/Azure/go-autorest v13.3.2+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
github.com/Azure/go-autorest v10.8.1+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 h1:ygIc8M6trr62pF5DucadTWGdEB4mEyvzi0e2nbcmcyA=
github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw=
Expand Down Expand Up @@ -123,6 +123,8 @@ github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f h1:2+myh5ml7lgEU/5
github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A=
github.com/moby/moby v1.4.2-0.20200203170920-46ec8731fbce h1:ZuDDjqUI/HjNqxat753hIMBiy4qm4iFF8hI4xZ/+oY8=
github.com/moby/moby v1.4.2-0.20200203170920-46ec8731fbce/go.mod h1:fDXVQ6+S340veQPv35CzDahGBmHsiclFwfEygB/TWMc=
github.com/moby/moby v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible h1:NT0cwArZg/wGdvY8pzej4tPr+9WGmDdkF8Suj+mkz2g=
github.com/moby/moby v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible/go.mod h1:fDXVQ6+S340veQPv35CzDahGBmHsiclFwfEygB/TWMc=
github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
Expand Down

0 comments on commit 73b72c5

Please sign in to comment.