diff options
Diffstat (limited to 'workhorse/go.mod')
-rw-r--r-- | workhorse/go.mod | 44 |
1 files changed, 31 insertions, 13 deletions
diff --git a/workhorse/go.mod b/workhorse/go.mod index 10a0b13b50e..e2191c1a749 100644 --- a/workhorse/go.mod +++ b/workhorse/go.mod @@ -4,7 +4,7 @@ go 1.17 require ( github.com/Azure/azure-storage-blob-go v0.14.0 - github.com/BurntSushi/toml v1.1.0 + github.com/BurntSushi/toml v1.2.0 github.com/FZambia/sentinel v1.1.0 github.com/alecthomas/chroma/v2 v2.2.0 github.com/aws/aws-sdk-go v1.43.31 @@ -20,13 +20,13 @@ require ( github.com/johannesboyne/gofakes3 v0.0.0-20220627085814-c3ac35da23b2 github.com/jpillora/backoff v1.0.0 github.com/mitchellh/copystructure v1.2.0 - github.com/prometheus/client_golang v1.12.2 + github.com/prometheus/client_golang v1.13.0 github.com/rafaeljusto/redigomock/v3 v3.1.1 github.com/sebest/xff v0.0.0-20210106013422-671bd2870b3a - github.com/sirupsen/logrus v1.8.1 + github.com/sirupsen/logrus v1.9.0 github.com/smartystreets/goconvey v1.7.2 github.com/stretchr/testify v1.8.0 - gitlab.com/gitlab-org/gitaly/v15 v15.1.2 + gitlab.com/gitlab-org/gitaly/v15 v15.2.2 gitlab.com/gitlab-org/golang-archive-zip v0.1.1 gitlab.com/gitlab-org/labkit v1.16.0 gocloud.dev v0.25.0 @@ -34,9 +34,9 @@ require ( golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 golang.org/x/net v0.0.0-20220531201128-c960675eff93 golang.org/x/tools v0.1.11 - google.golang.org/grpc v1.45.0 - google.golang.org/protobuf v1.28.0 - honnef.co/go/tools v0.3.2 + google.golang.org/grpc v1.48.0 + google.golang.org/protobuf v1.28.1 + honnef.co/go/tools v0.3.3 ) require ( @@ -68,15 +68,16 @@ require ( github.com/go-ole/go-ole v1.2.4 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/google/go-cmp v0.5.7 // indirect + github.com/google/go-cmp v0.5.8 // indirect github.com/google/pprof v0.0.0-20210804190019-f964ff605595 // indirect github.com/google/uuid v1.3.0 // indirect github.com/google/wire v0.5.0 // indirect github.com/googleapis/gax-go/v2 v2.2.0 // indirect github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 // indirect - github.com/hashicorp/yamux v0.0.0-20210316155119-a95892c5f864 // indirect + github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/jtolds/gls v4.20.0+incompatible // indirect + github.com/kr/text v0.2.0 // indirect github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20210210170715-a8dfcb80d3a7 // indirect github.com/lightstep/lightstep-tracer-go v0.25.0 // indirect github.com/mattn/go-ieproxy v0.0.6 // indirect @@ -88,8 +89,8 @@ require ( github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.2.0 // indirect - github.com/prometheus/common v0.32.1 // indirect - github.com/prometheus/procfs v0.7.3 // indirect + github.com/prometheus/common v0.37.0 // indirect + github.com/prometheus/procfs v0.8.0 // indirect github.com/ryszard/goskiplist v0.0.0-20150312221310-2dfbae5fcf46 // indirect github.com/shabbyrobe/gocovmerge v0.0.0-20190829150210-3e036491d500 // indirect github.com/shirou/gopsutil/v3 v3.21.2 // indirect @@ -97,7 +98,7 @@ require ( github.com/tinylib/msgp v1.1.2 // indirect github.com/tklauser/go-sysconf v0.3.4 // indirect github.com/tklauser/numcpus v0.2.1 // indirect - github.com/uber/jaeger-client-go v2.29.1+incompatible // indirect + github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect github.com/uber/jaeger-lib v2.4.1+incompatible // indirect go.opencensus.io v0.23.0 // indirect go.uber.org/atomic v1.9.0 // indirect @@ -106,7 +107,7 @@ require ( golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a // indirect golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f // indirect - golang.org/x/sys v0.0.0-20220614162138-6c1b26c55098 // indirect + golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect golang.org/x/text v0.3.7 // indirect golang.org/x/time v0.0.0-20220609170525-579cf78fd858 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect @@ -116,3 +117,20 @@ require ( gopkg.in/DataDog/dd-trace-go.v1 v1.32.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) + +exclude ( + // CVE-2019-0205 + github.com/apache/thrift v0.12.0 + github.com/apache/thrift v0.13.0 + + // CVE-2020-28483 + github.com/gin-gonic/gin v1.4.0 + github.com/gin-gonic/gin v1.6.3 + + // CVE-2021-42576 + github.com/microcosm-cc/bluemonday v1.0.2 + github.com/nats-io/jwt v0.3.0 + + // CVE-2020-26892 + github.com/nats-io/nats-server/v2 v2.1.2 +) |