Skip to content

Commit

Permalink
Fix jwt-go security vulnerability (#129)
Browse files Browse the repository at this point in the history 
/cherry-pick

Signed-off-by: 1gtm <1gtm@appscode.com>
  • Loading branch information
@1gtm
1gtm committed Oct 9, 2021
1 parent 065a6d3 commit e5b1aae
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 4 deletions.
4 changes: 3 additions & 1 deletion go.mod
View file
Expand Up @@ -137,6 +137,8 @@ replace sigs.k8s.io/application => github.com/kmodules/application v0.8.4-0.2021

replace github.com/satori/go.uuid => github.com/gofrs/uuid v4.0.0+incompatible

replace github.com/dgrijalva/jwt-go => github.com/golang-jwt/jwt v3.2.2+incompatible
replace github.com/dgrijalva/jwt-go => github.com/gomodules/jwt v3.2.2+incompatible

replace github.com/form3tech-oss/jwt-go => github.com/form3tech-oss/jwt-go v3.2.5+incompatible

replace github.com/golang-jwt/jwt => github.com/golang-jwt/jwt v3.2.2+incompatible
4 changes: 2 additions & 2 deletions go.sum
View file
Expand Up @@ -234,8 +234,6 @@ github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5x
github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b h1:VKtxabqXZkF25pY9ekfRL6a582T4P37/31XEstQ5p58=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
Expand All @@ -252,6 +250,8 @@ github.com/golang/protobuf v1.4.3 h1:JjCZWpVbqXDqFVmTfYWEVTMIYrL/NPdPSCHPJ0T/raM
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golangplus/testing v0.0.0-20180327235837-af21d9c3145e/go.mod h1:0AA//k/eakGydO4jKRoRL2j92ZKSzTgj9tclaCrvXHk=
github.com/gomodules/jwt v3.2.2+incompatible h1:tEQKHcGKfDKsHLf5VmQvKf3YTmQPNt9GP5b4YF2jyDs=
github.com/gomodules/jwt v3.2.2+incompatible/go.mod h1:cOm5eKP+RVgQveNVZfQ7ZEc5KPmk2F2i/JNDKlkzzDQ=
github.com/gomodules/validate v0.19.8-1.16/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/btree v1.0.0 h1:0udJVsspx3VBr5FwtLhQQtuAsVc79tTq0ocGIPAU6qo=
Expand Down
3 changes: 2 additions & 1 deletion vendor/modules.txt
View file
Expand Up @@ -904,5 +904,6 @@ sigs.k8s.io/yaml
# k8s.io/utils => k8s.io/utils v0.0.0-20201110183641-67b214c5f920
# sigs.k8s.io/application => github.com/kmodules/application v0.8.4-0.20210427030912-90eeee3bc4ad
# github.com/satori/go.uuid => github.com/gofrs/uuid v4.0.0+incompatible
# github.com/dgrijalva/jwt-go => github.com/golang-jwt/jwt v3.2.2+incompatible
# github.com/dgrijalva/jwt-go => github.com/gomodules/jwt v3.2.2+incompatible
# github.com/form3tech-oss/jwt-go => github.com/form3tech-oss/jwt-go v3.2.5+incompatible
# github.com/golang-jwt/jwt => github.com/golang-jwt/jwt v3.2.2+incompatible

0 comments on commit e5b1aae

Please sign in to comment.