Skip to content

Commit

Permalink
Update vulnerable deps
Browse files Browse the repository at this point in the history 
Signed-off-by: Tamal Saha <tamal@appscode.com>
  • Loading branch information
@tamalsaha
tamalsaha committed Dec 11, 2022
1 parent 2c846f5 commit 2fa4b08
Show file tree
Hide file tree
Showing 134 changed files with 14,040 additions and 1,630 deletions.
16 changes: 8 additions & 8 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ require (
github.com/robfig/cron/v3 v3.0.1
github.com/spf13/cobra v1.5.0
github.com/spf13/pflag v1.0.5
go.bytebuilders.dev/license-verifier v0.11.0
go.bytebuilders.dev/license-verifier v0.12.1
gomodules.xyz/logs v0.0.6
gomodules.xyz/pointer v0.1.0
gomodules.xyz/x v0.0.14
Expand All @@ -17,11 +17,11 @@ require (
k8s.io/client-go v0.25.1
k8s.io/klog/v2 v2.80.1
kmodules.xyz/authorizer v0.25.0
kmodules.xyz/client-go v0.25.6
kmodules.xyz/client-go v0.25.12
kmodules.xyz/custom-resources v0.25.0
kmodules.xyz/resource-metrics v0.25.0
sigs.k8s.io/controller-runtime v0.13.0
stash.appscode.dev/apimachinery v0.23.0
stash.appscode.dev/apimachinery v0.23.1-0.20221211083833-8be49b48f769
)

require (
Expand Down Expand Up @@ -107,12 +107,12 @@ require (
go.uber.org/multierr v1.6.0 // indirect
go.uber.org/zap v1.21.0 // indirect
golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd // indirect
golang.org/x/net v0.0.0-20220909164309-bea034e7d591 // indirect
golang.org/x/net v0.4.1-0.20221210045730-e1ec361d0b39 // indirect
golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect
golang.org/x/sys v0.0.0-20220906135438-9e1f76180b77 // indirect
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
golang.org/x/text v0.3.7 // indirect
golang.org/x/sys v0.3.0 // indirect
golang.org/x/term v0.3.0 // indirect
golang.org/x/text v0.5.0 // indirect
golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 // indirect
gomodules.xyz/clock v0.0.0-20200817085942-06523dba733f // indirect
gomodules.xyz/encoding v0.0.7 // indirect
Expand All @@ -134,7 +134,7 @@ require (
k8s.io/component-helpers v0.25.1 // indirect
k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
k8s.io/utils v0.0.0-20220823124924-e9cbc92d1a73 // indirect
kmodules.xyz/objectstore-api v0.25.0 // indirect
kmodules.xyz/objectstore-api v0.25.1-0.20221104003322-f0289b5b6ca2 // indirect
kmodules.xyz/offshoot-api v0.25.0 // indirect
kmodules.xyz/prober v0.25.0 // indirect
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.32 // indirect
Expand Down
30 changes: 16 additions & 14 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -494,8 +494,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
go.bytebuilders.dev/license-verifier v0.11.0 h1:hCu0TZJz6nWgFYj20l5AZuwAvOvB1++awrHyMfVjXQ8=
go.bytebuilders.dev/license-verifier v0.11.0/go.mod h1:k7d5itEzk8O81PBbIrHXe8oXIm0sajrRvPyTXkINrjs=
go.bytebuilders.dev/license-verifier v0.12.1 h1:2bQJ8naHTv0a04/x+luoabCGQ37VuaccA7Yz5fVPHaU=
go.bytebuilders.dev/license-verifier v0.12.1/go.mod h1:47HPt3RVp9gsujYpOeXi28IsTV5lilZ+EOpuhz/DIJM=
go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU=
go.etcd.io/etcd/api/v3 v3.5.4 h1:OHVyt3TopwtUQ2GKdd5wu3PmmipR4FTwCqoEjSyRdIc=
Expand Down Expand Up @@ -645,8 +645,8 @@ golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qx
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
golang.org/x/net v0.0.0-20220909164309-bea034e7d591 h1:D0B/7al0LLrVC8aWF4+oxpv/m8bc7ViFfVS8/gXGdqI=
golang.org/x/net v0.0.0-20220909164309-bea034e7d591/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
golang.org/x/net v0.4.1-0.20221210045730-e1ec361d0b39 h1:h6TDUk/ULS3xaEwMrL72O9H+aKq9TZF668Thx2lI0zk=
golang.org/x/net v0.4.1-0.20221210045730-e1ec361d0b39/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
Expand Down Expand Up @@ -739,11 +739,12 @@ golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220906135438-9e1f76180b77 h1:C1tElbkWrsSkn3IRl1GCW/gETw1TywWIPgwZtXTZbYg=
golang.org/x/sys v0.0.0-20220906135438-9e1f76180b77/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ=
golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.3.0 h1:qoo4akIqOcDME5bhc/NgxUdovd6BSS2uMsVjB56q1xI=
golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
Expand All @@ -752,8 +753,9 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM=
golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
Expand Down Expand Up @@ -1038,13 +1040,13 @@ k8s.io/utils v0.0.0-20220823124924-e9cbc92d1a73 h1:H9TCJUUx+2VA0ZiD9lvtaX8fthFsM
k8s.io/utils v0.0.0-20220823124924-e9cbc92d1a73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
kmodules.xyz/authorizer v0.25.0 h1:yRrLtMOdlU1p4mLzaSz5pmSLpBLsVXLQHkUfiME12iQ=
kmodules.xyz/authorizer v0.25.0/go.mod h1:Jb99YsLRJE4R4d8F5fFtlxEaxk0prdSk2LApZl4JdyI=
kmodules.xyz/client-go v0.25.6 h1:59mMNoanKrqOFYqDMtqYU5caFxd+7YrfNqpvyKYWqNE=
kmodules.xyz/client-go v0.25.6/go.mod h1:NgLAVr+IEAFpI9g7FhZF5qG0SG+SBADxknWu5jp0m8M=
kmodules.xyz/client-go v0.25.12 h1:Ym/YUZzA/B3n+4v9dRw77Z2O06cvzzQcpqwRzJKgCQI=
kmodules.xyz/client-go v0.25.12/go.mod h1:6VSRxDP2UqoWUcF0aSpWu3m/56bEUzuuvZUrAxSFBr8=
kmodules.xyz/crd-schema-fuzz v0.25.0 h1:c5ZxNRqJak1bkGhECmyrKpzKGThFMB4088Kynyvngbc=
kmodules.xyz/custom-resources v0.25.0 h1:5JQTEuiv6lC/+VVFNKqzfX4YtJCmN5E7mcNtGnHGVQM=
kmodules.xyz/custom-resources v0.25.0/go.mod h1:ULwzvLmOqZJcPSXKI7iLclYL5eYRlKx8Nbex28Ht19E=
kmodules.xyz/objectstore-api v0.25.0 h1:xT7+SXBqAMtVkfOdp4espHAfZ6MYUC4G1OgzTkURNnU=
kmodules.xyz/objectstore-api v0.25.0/go.mod h1:X5aCkyU91p9TOn4jcWw0cfcJL0HCKd/Z6FJHdzKz1ZU=
kmodules.xyz/objectstore-api v0.25.1-0.20221104003322-f0289b5b6ca2 h1:efc0glYeBw+ok5s5ZecKdB9zgnRo/IvsLlSaQUPQjZE=
kmodules.xyz/objectstore-api v0.25.1-0.20221104003322-f0289b5b6ca2/go.mod h1:X5aCkyU91p9TOn4jcWw0cfcJL0HCKd/Z6FJHdzKz1ZU=
kmodules.xyz/offshoot-api v0.25.0 h1:Svq9da/+sg5afOjpgo9vx2J/Lu90Mo0aFxkdQmgKnGI=
kmodules.xyz/offshoot-api v0.25.0/go.mod h1:ysEBn7LJuT3+s8ynAQA/OG0BSsJugXa6KGtDLMRjlKo=
kmodules.xyz/prober v0.25.0 h1:R5uRLHJEvEtEoogj+vaTAob0Btph6+PX5IlS6hPh8PA=
Expand All @@ -1069,5 +1071,5 @@ sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ih
sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
stash.appscode.dev/apimachinery v0.23.0 h1:wEOxoVsnF7LtOFxgQyvW+5dlVe8bw6kLhUm2LrQM41s=
stash.appscode.dev/apimachinery v0.23.0/go.mod h1:Tb1y/+h1r3+YdBvI5RYIC0tW1b8S+0pIb3iG0X7BOjo=
stash.appscode.dev/apimachinery v0.23.1-0.20221211083833-8be49b48f769 h1:tu1/RYM8IYnzG50MUvvfHk0kQaxWngGe+lhAsCbVzoc=
stash.appscode.dev/apimachinery v0.23.1-0.20221211083833-8be49b48f769/go.mod h1:AdK7wfKZXqlL5g30ceuMw/7nEVW3AOemQVWjc03sI3k=
20 changes: 20 additions & 0 deletions vendor/go.bytebuilders.dev/license-verifier/apis/licenses/register.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
/*
Copyright AppsCode Inc. and Contributors
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package licenses

// GroupName is the group name use in this package
const GroupName = "licenses.appscode.com"
63 changes: 60 additions & 3 deletions vendor/go.bytebuilders.dev/license-verifier/info/lib.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,22 @@ limitations under the License.
package info

import (
"bytes"
"crypto/x509"
"encoding/pem"
"errors"
"io"
"net/http"
"net/url"
"path"
"strconv"
"strings"
"unicode"

"go.bytebuilders.dev/license-verifier/apis/licenses"

apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/util/sets"
)

Expand All @@ -36,9 +46,10 @@ var (
ProductName string // This has been renamed to Features
ProductUID string

prodAddress = "https://byte.builders"
qaAddress = "https://appscode.ninja"
registrationAPIPath = "api/v1/register"
prodAddress = "https://byte.builders"
qaAddress = "https://appscode.ninja"
registrationAPIPath = "api/v1/register"
LicenseIssuerAPIPath = "api/v1/license/issue"
)

func Features() []string {
Expand All @@ -63,6 +74,12 @@ func RegistrationAPIEndpoint() string {
return u.String()
}

func LicenseIssuerAPIEndpoint() string {
u := APIServerAddress()
u.Path = path.Join(u.Path, LicenseIssuerAPIPath)
return u.String()
}

func APIServerAddress() *url.URL {
if SkipLicenseVerification() {
u, _ := url.Parse(qaAddress)
Expand All @@ -71,3 +88,43 @@ func APIServerAddress() *url.URL {
u, _ := url.Parse(prodAddress)
return u
}

func LoadLicenseCA() ([]byte, error) {
if LicenseCA != "" {
return []byte(LicenseCA), nil
}

resp, err := http.Get("https://licenses.appscode.com/certificates/ca.crt")
if err != nil {
return nil, err
}
defer resp.Body.Close()

var buf bytes.Buffer
_, err = io.Copy(&buf, resp.Body)
if err != nil {
return nil, err
}

if resp.StatusCode != http.StatusOK {
return nil, apierrors.NewGenericServerResponse(
resp.StatusCode,
http.MethodPost,
schema.GroupResource{Group: licenses.GroupName, Resource: "License"},
"LicenseCA",
buf.String(),
0,
false,
)
}
return buf.Bytes(), nil
}

func ParseCertificate(data []byte) (*x509.Certificate, error) {
block, _ := pem.Decode(data)
if block == nil {
// This probably is a JWT token, should be check for that when ready
return nil, errors.New("failed to parse certificate PEM")
}
return x509.ParseCertificate(block.Bytes)
}
18 changes: 18 additions & 0 deletions vendor/golang.org/x/net/http2/headermap.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions vendor/golang.org/x/net/http2/hpack/encode.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 2fa4b08

Please sign in to comment.