We are using github.com/prometheus/client_golang:v1.19.1, and during a security and version compliance assessment we identified that it depends on github.com/munnerz/goautoneg:20191010-snapshot-a7dc8b61, which is End of Life (EOL) and no longer actively maintained.
This dependency also exists indirectly through github.com/prometheus/common:v0.55.0.
To maintain compliance and ensure long-term security, it is recommended to upgrade or replace this EOL dependency.
Details
Parent Components:
github.com/prometheus/client_golang:v1.19.1
github.com/prometheus/common:v0.55.0
EOL Dependency:
github.com/munnerz/goautoneg:20191010-snapshot-a7dc8b61
Impact:
Using an EOL dependency may expose projects to potential security, compatibility, and maintenance issues.
Request
Please consider upgrading github.com/munnerz/goautoneg to a maintained version or replacing it with an actively supported alternative.
If an upgrade path already exists, kindly share guidance so dependent projects can align accordingly.