Skip to content

Commit 5d0019b

Browse files
agneumagneum
committed
fix(engine): mitigate CVE scanner warnings related to Engine
1 parent 93467cc commit 5d0019b

12 files changed

+136
-39
lines changed

go.mod

+13-13
Original file line numberDiff line numberDiff line change
@@ -26,13 +26,13 @@ require (
2626
github.com/stretchr/testify v1.7.0
2727
github.com/testcontainers/testcontainers-go v0.11.1
2828
github.com/urfave/cli/v2 v2.1.1
29-
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2
30-
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
29+
golang.org/x/crypto v0.0.0-20210817164053-32db794688a5
30+
golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f
3131
gopkg.in/yaml.v2 v2.4.0
3232
)
3333

3434
require (
35-
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
35+
github.com/Azure/go-ansiterm v0.0.0-20210608223527-2377c96fe795 // indirect
3636
github.com/Microsoft/go-winio v0.4.17 // indirect
3737
github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d // indirect
3838
github.com/cenkalti/backoff v2.2.1+incompatible // indirect
@@ -42,7 +42,7 @@ require (
4242
github.com/docker/distribution v2.8.0+incompatible // indirect
4343
github.com/go-ole/go-ole v1.2.4 // indirect
4444
github.com/gogo/protobuf v1.3.2 // indirect
45-
github.com/golang/protobuf v1.5.0 // indirect
45+
github.com/golang/protobuf v1.5.2 // indirect
4646
github.com/google/go-querystring v1.0.0 // indirect
4747
github.com/google/uuid v1.2.0 // indirect
4848
github.com/jackc/chunkreader/v2 v2.0.1 // indirect
@@ -55,25 +55,25 @@ require (
5555
github.com/klauspost/compress v1.11.13 // indirect
5656
github.com/moby/sys/mount v0.3.0 // indirect
5757
github.com/moby/sys/mountinfo v0.5.0 // indirect
58-
github.com/moby/term v0.0.0-20201216013528-df9cb8a40635 // indirect
58+
github.com/moby/term v0.0.0-20210610120745-9d4ed1856297 // indirect
5959
github.com/morikuni/aec v1.0.0 // indirect
6060
github.com/opencontainers/go-digest v1.0.0 // indirect
6161
github.com/opencontainers/image-spec v1.0.2 // indirect
62-
github.com/opencontainers/runc v1.0.2 // indirect
62+
github.com/opencontainers/runc v1.1.0 // indirect
6363
github.com/pmezard/go-difflib v1.0.0 // indirect
6464
github.com/russross/blackfriday/v2 v2.0.1 // indirect
6565
github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
6666
github.com/sirupsen/logrus v1.8.1 // indirect
6767
github.com/stretchr/objx v0.2.0 // indirect
68-
golang.org/x/net v0.0.0-20211108170745-6635138e15ea // indirect
69-
golang.org/x/sys v0.0.0-20211109184856-51b60fd695b3 // indirect
68+
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f // indirect
69+
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e // indirect
7070
golang.org/x/text v0.3.7 // indirect
7171
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
72-
google.golang.org/appengine v1.6.5 // indirect
73-
google.golang.org/genproto v0.0.0-20201110150050-8816d57aaa9a // indirect
74-
google.golang.org/grpc v1.38.0 // indirect
72+
google.golang.org/appengine v1.6.7 // indirect
73+
google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa // indirect
74+
google.golang.org/grpc v1.43.0 // indirect
7575
google.golang.org/protobuf v1.27.1 // indirect
76-
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
76+
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
7777
)
7878

7979
// Include the single version of the dependency to clean up go.sum from old revisions.
@@ -87,6 +87,6 @@ replace (
8787
github.com/gogo/protobuf => github.com/gogo/protobuf v1.3.2 // mitigate CVE-2021-3121
8888
github.com/opencontainers/image-spec => github.com/opencontainers/image-spec v1.0.2 // mitigate CVE-2021-41190
8989
github.com/opencontainers/runc => github.com/opencontainers/runc v1.0.3 // mitigate CVE-2021-30465
90-
golang.org/x/crypto => golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 // mitigate CVE-2018-16875 and CVE-2020-29652
90+
golang.org/x/crypto => golang.org/x/crypto v0.0.0-20220214200702-86341886e292 // mitigate CVE-2021-43565, CVE-2020-29652, and CVE-2018-16875
9191
k8s.io/kubernetes v1.13.0 => k8s.io/kubernetes v1.23.3 // mitigate CVE-2020-8559 and CVE-2020-8565
9292
)

go.sum

+113-16
Large diffs are not rendered by default.

web/swagger-ui-bundle.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui-bundle.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui-es-bundle-core.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui-es-bundle-core.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui-es-bundle.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui-es-bundle.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui-standalone-preset.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui-standalone-preset.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui.js

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/swagger-ui.js.map

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)