Skip to content

Commit

Permalink
chore: bump google.golang.org/grpc to mitigate DoS vulnerability (k…
Browse files Browse the repository at this point in the history 
…edacore#5132)

Signed-off-by: Zbynek Roubalik <[email protected]>
  • Loading branch information
@zroubalik
zroubalik authored Oct 26, 2023
1 parent 0006e57 commit 567ea55
Show file tree
Hide file tree
Showing 46 changed files with 1,951 additions and 447 deletions.
15 changes: 9 additions & 6 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ require (
golang.org/x/oauth2 v0.12.0
golang.org/x/sync v0.3.0
google.golang.org/api v0.142.0
google.golang.org/grpc v1.58.2
google.golang.org/grpc v1.59.0
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.3.0
google.golang.org/protobuf v1.31.0
k8s.io/api v0.28.2
Expand Down Expand Up @@ -123,12 +123,15 @@ replace (
// https://nvd.nist.gov/vuln/detail/CVE-2022-32149
golang.org/x/text => golang.org/x/text v0.13.0

// https://github.com/kedacore/keda/issues/5124
google.golang.org/grpc => google.golang.org/grpc v1.59.0

// Needed for CVE-2022-28948 https://www.cve.org/CVERecord?id=CVE-2022-28948
gopkg.in/yaml.v3 => gopkg.in/yaml.v3 v3.0.1
)

require (
cloud.google.com/go v0.110.6 // indirect
cloud.google.com/go v0.110.7 // indirect
cloud.google.com/go/compute v1.23.0 // indirect
cloud.google.com/go/iam v1.1.1 // indirect
code.cloudfoundry.org/clock v1.0.0 // indirect
Expand Down Expand Up @@ -273,7 +276,7 @@ require (
github.com/samber/lo v1.37.0 // indirect
github.com/shopspring/decimal v1.3.1 // indirect
github.com/sirupsen/logrus v1.9.0 // indirect
github.com/spf13/afero v1.6.0 // indirect
github.com/spf13/afero v1.9.2 // indirect
github.com/spf13/cobra v1.7.0 // indirect
github.com/stoewer/go-strcase v1.2.1 // indirect
github.com/stretchr/objx v0.5.0 // indirect
Expand Down Expand Up @@ -308,7 +311,7 @@ require (
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.26.0 // indirect
golang.org/x/crypto v0.14.0 // indirect
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
golang.org/x/exp v0.0.0-20220827204233-334a2380cb91 // indirect
golang.org/x/mod v0.12.0 // indirect
golang.org/x/net v0.17.0 // indirect
golang.org/x/sys v0.13.0 // indirect
Expand All @@ -319,8 +322,8 @@ require (
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/genproto v0.0.0-20230803162519-f966b187b2e5 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20230803162519-f966b187b2e5 // indirect
google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230913181813-007df8e322eb // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
Expand Down
1,385 changes: 1,348 additions & 37 deletions go.sum
View file

Large diffs are not rendered by default.

84 changes: 62 additions & 22 deletions vendor/cloud.google.com/go/internal/.repo-metadata-full.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

26 changes: 0 additions & 26 deletions vendor/github.com/spf13/afero/.travis.yml
View file

This file was deleted.

18 changes: 15 additions & 3 deletions vendor/github.com/spf13/afero/README.md
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions vendor/github.com/spf13/afero/afero.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 567ea55

Please sign in to comment.