Skip to content

Commit 60f8334

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request kubernetes-sigs#4108 from zac-nixon/znixon/vuln-fix
update helm to upgrade containerd
2 parents 858b93b + 7b6a197 commit 60f8334

File tree

2 files changed

+201
-291
lines changed

2 files changed

+201
-291
lines changed

go.mod

+60-62
Original file line numberDiff line numberDiff line change
@@ -19,45 +19,45 @@ require (
1919
github.com/aws/aws-sdk-go-v2/service/wafregional v1.23.3
2020
github.com/aws/aws-sdk-go-v2/service/wafv2 v1.51.4
2121
github.com/aws/smithy-go v1.22.2
22-
github.com/evanphx/json-patch v5.7.0+incompatible
22+
github.com/evanphx/json-patch v5.9.0+incompatible
2323
github.com/gavv/httpexpect/v2 v2.9.0
2424
github.com/go-logr/logr v1.4.2
2525
github.com/golang/mock v1.6.0
2626
github.com/google/go-cmp v0.6.0
2727
github.com/google/uuid v1.6.0
28-
github.com/onsi/ginkgo/v2 v2.19.0
29-
github.com/onsi/gomega v1.33.1
28+
github.com/onsi/ginkgo/v2 v2.21.0
29+
github.com/onsi/gomega v1.35.1
3030
github.com/pkg/errors v0.9.1
3131
github.com/prometheus/client_golang v1.20.4
3232
github.com/spf13/pflag v1.0.5
33-
github.com/stretchr/testify v1.9.0
34-
go.uber.org/zap v1.26.0
35-
golang.org/x/time v0.5.0
33+
github.com/stretchr/testify v1.10.0
34+
go.uber.org/zap v1.27.0
35+
golang.org/x/time v0.7.0
3636
gomodules.xyz/jsonpatch/v2 v2.4.0
37-
helm.sh/helm/v3 v3.15.0
38-
k8s.io/api v0.31.3
39-
k8s.io/apimachinery v0.31.3
40-
k8s.io/cli-runtime v0.30.0
41-
k8s.io/client-go v0.31.3
37+
helm.sh/helm/v3 v3.17.2
38+
k8s.io/api v0.32.2
39+
k8s.io/apimachinery v0.32.2
40+
k8s.io/cli-runtime v0.32.2
41+
k8s.io/client-go v0.32.2
4242
k8s.io/klog/v2 v2.130.1
43-
k8s.io/utils v0.0.0-20240711033017-18e509b52bc8
43+
k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738
4444
sigs.k8s.io/controller-runtime v0.19.3
4545
sigs.k8s.io/yaml v1.4.0
4646
)
4747

4848
require (
49+
dario.cat/mergo v1.0.1 // indirect
4950
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
50-
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
51-
github.com/BurntSushi/toml v1.3.2 // indirect
51+
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
52+
github.com/BurntSushi/toml v1.4.0 // indirect
5253
github.com/MakeNowJust/heredoc v1.0.0 // indirect
5354
github.com/Masterminds/goutils v1.1.1 // indirect
54-
github.com/Masterminds/semver/v3 v3.2.1 // indirect
55-
github.com/Masterminds/sprig/v3 v3.2.3 // indirect
55+
github.com/Masterminds/semver/v3 v3.3.0 // indirect
56+
github.com/Masterminds/sprig/v3 v3.3.0 // indirect
5657
github.com/Masterminds/squirrel v1.5.4 // indirect
57-
github.com/Microsoft/hcsshim v0.11.4 // indirect
5858
github.com/ajg/form v1.5.1 // indirect
5959
github.com/andybalholm/brotli v1.0.4 // indirect
60-
github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
60+
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
6161
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
6262
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
6363
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
@@ -66,22 +66,25 @@ require (
6666
github.com/aws/aws-sdk-go-v2/service/sso v1.22.4 // indirect
6767
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 // indirect
6868
github.com/beorn7/perks v1.0.1 // indirect
69+
github.com/blang/semver/v4 v4.0.0 // indirect
6970
github.com/cespare/xxhash/v2 v2.3.0 // indirect
7071
github.com/chai2010/gettext-go v1.0.2 // indirect
71-
github.com/containerd/containerd v1.7.12 // indirect
72+
github.com/containerd/containerd v1.7.27 // indirect
73+
github.com/containerd/errdefs v0.3.0 // indirect
7274
github.com/containerd/log v0.1.0 // indirect
73-
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
75+
github.com/containerd/platforms v0.2.1 // indirect
76+
github.com/cyphar/filepath-securejoin v0.3.6 // indirect
7477
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
75-
github.com/docker/cli v24.0.6+incompatible // indirect
76-
github.com/docker/distribution v2.8.2+incompatible // indirect
77-
github.com/docker/docker v24.0.9+incompatible // indirect
78+
github.com/distribution/reference v0.6.0 // indirect
79+
github.com/docker/cli v25.0.1+incompatible // indirect
80+
github.com/docker/distribution v2.8.3+incompatible // indirect
81+
github.com/docker/docker v25.0.6+incompatible // indirect
7882
github.com/docker/docker-credential-helpers v0.7.0 // indirect
79-
github.com/docker/go-connections v0.4.0 // indirect
83+
github.com/docker/go-connections v0.5.0 // indirect
8084
github.com/docker/go-metrics v0.0.1 // indirect
81-
github.com/docker/go-units v0.5.0 // indirect
8285
github.com/emicklei/go-restful/v3 v3.12.0 // indirect
8386
github.com/evanphx/json-patch/v5 v5.9.0 // indirect
84-
github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
87+
github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
8588
github.com/fatih/color v1.17.0 // indirect
8689
github.com/fatih/structs v1.1.0 // indirect
8790
github.com/felixge/httpsnoop v1.0.4 // indirect
@@ -96,26 +99,24 @@ require (
9699
github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
97100
github.com/gobwas/glob v0.2.3 // indirect
98101
github.com/gogo/protobuf v1.3.2 // indirect
99-
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
100102
github.com/golang/protobuf v1.5.4 // indirect
101103
github.com/google/btree v1.0.1 // indirect
102104
github.com/google/gnostic-models v0.6.8 // indirect
103105
github.com/google/go-querystring v1.1.0 // indirect
104106
github.com/google/gofuzz v1.2.0 // indirect
105-
github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af // indirect
107+
github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db // indirect
106108
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
107109
github.com/gorilla/mux v1.8.0 // indirect
108110
github.com/gorilla/websocket v1.5.1 // indirect
109111
github.com/gosuri/uitable v0.0.4 // indirect
110-
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
112+
github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
111113
github.com/hashicorp/errwrap v1.1.0 // indirect
112114
github.com/hashicorp/go-multierror v1.1.1 // indirect
113-
github.com/huandu/xstrings v1.4.0 // indirect
114-
github.com/imdario/mergo v0.3.16 // indirect
115+
github.com/huandu/xstrings v1.5.0 // indirect
115116
github.com/imkira/go-interpol v1.1.0 // indirect
116117
github.com/inconshreveable/mousetrap v1.1.0 // indirect
117118
github.com/jmespath/go-jmespath v0.4.0 // indirect
118-
github.com/jmoiron/sqlx v1.3.5 // indirect
119+
github.com/jmoiron/sqlx v1.4.0 // indirect
119120
github.com/josharian/intern v1.0.0 // indirect
120121
github.com/json-iterator/go v1.1.12 // indirect
121122
github.com/klauspost/compress v1.17.9 // indirect
@@ -132,28 +133,27 @@ require (
132133
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
133134
github.com/mitchellh/reflectwalk v1.0.2 // indirect
134135
github.com/moby/locker v1.0.1 // indirect
135-
github.com/moby/spdystream v0.4.0 // indirect
136+
github.com/moby/spdystream v0.5.0 // indirect
136137
github.com/moby/term v0.5.0 // indirect
137138
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
138139
github.com/modern-go/reflect2 v1.0.2 // indirect
139140
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
140-
github.com/morikuni/aec v1.0.0 // indirect
141141
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
142142
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
143143
github.com/opencontainers/go-digest v1.0.0 // indirect
144-
github.com/opencontainers/image-spec v1.1.0-rc5 // indirect
144+
github.com/opencontainers/image-spec v1.1.0 // indirect
145145
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
146146
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
147147
github.com/prometheus/client_model v0.6.1 // indirect
148148
github.com/prometheus/common v0.55.0 // indirect
149149
github.com/prometheus/procfs v0.15.1 // indirect
150-
github.com/rubenv/sql-migrate v1.5.2 // indirect
150+
github.com/rubenv/sql-migrate v1.7.1 // indirect
151151
github.com/russross/blackfriday/v2 v2.1.0 // indirect
152152
github.com/sanity-io/litter v1.5.5 // indirect
153-
github.com/sergi/go-diff v1.1.0 // indirect
154-
github.com/shopspring/decimal v1.3.1 // indirect
153+
github.com/sergi/go-diff v1.2.0 // indirect
154+
github.com/shopspring/decimal v1.4.0 // indirect
155155
github.com/sirupsen/logrus v1.9.3 // indirect
156-
github.com/spf13/cast v1.5.0 // indirect
156+
github.com/spf13/cast v1.7.0 // indirect
157157
github.com/spf13/cobra v1.8.1 // indirect
158158
github.com/valyala/bytebufferpool v1.0.0 // indirect
159159
github.com/valyala/fasthttp v1.34.0 // indirect
@@ -169,33 +169,31 @@ require (
169169
go.opentelemetry.io/otel v1.28.0 // indirect
170170
go.opentelemetry.io/otel/metric v1.28.0 // indirect
171171
go.opentelemetry.io/otel/trace v1.28.0 // indirect
172-
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
173172
go.uber.org/multierr v1.11.0 // indirect
174-
golang.org/x/crypto v0.31.0 // indirect
175-
golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect
176-
golang.org/x/net v0.33.0 // indirect
177-
golang.org/x/oauth2 v0.21.0 // indirect
178-
golang.org/x/sync v0.10.0 // indirect
179-
golang.org/x/sys v0.28.0 // indirect
180-
golang.org/x/term v0.27.0 // indirect
181-
golang.org/x/text v0.21.0 // indirect
182-
golang.org/x/tools v0.24.0 // indirect
183-
google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect
173+
golang.org/x/crypto v0.36.0 // indirect
174+
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
175+
golang.org/x/net v0.37.0 // indirect
176+
golang.org/x/oauth2 v0.23.0 // indirect
177+
golang.org/x/sync v0.12.0 // indirect
178+
golang.org/x/sys v0.31.0 // indirect
179+
golang.org/x/term v0.30.0 // indirect
180+
golang.org/x/text v0.23.0 // indirect
181+
golang.org/x/tools v0.26.0 // indirect
182+
google.golang.org/genproto/googleapis/rpc v0.0.0-20240826202546-f6391c0de4c7 // indirect
184183
google.golang.org/grpc v1.66.2 // indirect
185-
google.golang.org/protobuf v1.34.2 // indirect
184+
google.golang.org/protobuf v1.35.2 // indirect
186185
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
187186
gopkg.in/inf.v0 v0.9.1 // indirect
188-
gopkg.in/yaml.v2 v2.4.0 // indirect
189187
gopkg.in/yaml.v3 v3.0.1 // indirect
190-
k8s.io/apiextensions-apiserver v0.31.1 // indirect
191-
k8s.io/apiserver v0.31.1 // indirect
192-
k8s.io/component-base v0.31.1 // indirect
193-
k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 // indirect
194-
k8s.io/kubectl v0.30.0 // indirect
188+
k8s.io/apiextensions-apiserver v0.32.2 // indirect
189+
k8s.io/apiserver v0.32.2 // indirect
190+
k8s.io/component-base v0.32.2 // indirect
191+
k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect
192+
k8s.io/kubectl v0.32.2 // indirect
195193
moul.io/http2curl/v2 v2.3.0 // indirect
196-
oras.land/oras-go v1.2.4 // indirect
197-
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
198-
sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
199-
sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
200-
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
194+
oras.land/oras-go v1.2.5 // indirect
195+
sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect
196+
sigs.k8s.io/kustomize/api v0.18.0 // indirect
197+
sigs.k8s.io/kustomize/kyaml v0.18.1 // indirect
198+
sigs.k8s.io/structured-merge-diff/v4 v4.4.2 // indirect
201199
)

0 commit comments

Comments
 (0)