Skip to content

Commit 433560f

Browse files
jalsethjalseth
authored
build(deps): bump github.com/hashicorp/go-getter to v1.7.3 (#899)
This bumps the indirect dependency on golang.org/x/crypto to v0.17.0 which addresses CVE-2023-48795. Signed-off-by: James Alseth <james@jalseth.me>
1 parent 6e5f656 commit 433560f

File tree

2 files changed

+63
-51
lines changed

2 files changed

+63
-51
lines changed

go.mod

Lines changed: 21 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ require (
1414
github.com/go-ini/ini v1.67.0
1515
github.com/google/go-cmp v0.6.0
1616
github.com/google/go-jsonnet v0.20.0
17-
github.com/hashicorp/go-getter v1.7.2
17+
github.com/hashicorp/go-getter v1.7.3
1818
github.com/hashicorp/hcl v1.0.0
1919
github.com/jstemmer/go-junit-report v1.0.0
2020
github.com/logrusorgru/aurora v2.0.3+incompatible
@@ -39,17 +39,17 @@ require (
3939
)
4040

4141
require (
42-
cloud.google.com/go v0.110.8 // indirect
43-
cloud.google.com/go/compute v1.23.0 // indirect
42+
cloud.google.com/go v0.111.0 // indirect
43+
cloud.google.com/go/compute v1.23.3 // indirect
4444
cloud.google.com/go/compute/metadata v0.2.3 // indirect
45-
cloud.google.com/go/iam v1.1.2 // indirect
46-
cloud.google.com/go/storage v1.30.1 // indirect
45+
cloud.google.com/go/iam v1.1.5 // indirect
46+
cloud.google.com/go/storage v1.36.0 // indirect
4747
github.com/OneOfOne/xxhash v1.2.8 // indirect
4848
github.com/agext/levenshtein v1.2.3 // indirect
4949
github.com/agnivade/levenshtein v1.1.1 // indirect
5050
github.com/anchore/go-struct-converter v0.0.0-20221118182256-c68fdcfa2092 // indirect
5151
github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
52-
github.com/aws/aws-sdk-go v1.44.258 // indirect
52+
github.com/aws/aws-sdk-go v1.49.6 // indirect
5353
github.com/beorn7/perks v1.0.1 // indirect
5454
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
5555
github.com/bitly/go-simplejson v0.5.0 // indirect
@@ -59,6 +59,7 @@ require (
5959
github.com/docker/docker v23.0.3+incompatible // indirect
6060
github.com/docker/go-connections v0.4.0 // indirect
6161
github.com/docker/go-units v0.5.0 // indirect
62+
github.com/felixge/httpsnoop v1.0.4 // indirect
6263
github.com/fsnotify/fsnotify v1.7.0 // indirect
6364
github.com/go-logr/logr v1.3.0 // indirect
6465
github.com/go-logr/stdr v1.2.2 // indirect
@@ -67,9 +68,9 @@ require (
6768
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
6869
github.com/golang/protobuf v1.5.3 // indirect
6970
github.com/google/flatbuffers v22.9.29+incompatible // indirect
70-
github.com/google/s2a-go v0.1.4 // indirect
71+
github.com/google/s2a-go v0.1.7 // indirect
7172
github.com/google/uuid v1.5.0 // indirect
72-
github.com/googleapis/enterprise-certificate-proxy v0.2.4 // indirect
73+
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
7374
github.com/googleapis/gax-go/v2 v2.12.0 // indirect
7475
github.com/gorilla/mux v1.8.1 // indirect
7576
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
@@ -78,7 +79,7 @@ require (
7879
github.com/hashicorp/hcl/v2 v2.17.0 // indirect
7980
github.com/inconshreveable/mousetrap v1.1.0 // indirect
8081
github.com/jmespath/go-jmespath v0.4.0 // indirect
81-
github.com/klauspost/compress v1.16.5 // indirect
82+
github.com/klauspost/compress v1.17.4 // indirect
8283
github.com/mattn/go-runewidth v0.0.14 // indirect
8384
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
8485
github.com/mitchellh/go-homedir v1.1.0 // indirect
@@ -106,22 +107,25 @@ require (
106107
github.com/yashtewari/glob-intersection v0.2.0 // indirect
107108
github.com/zclconf/go-cty v1.13.2 // indirect
108109
go.opencensus.io v0.24.0 // indirect
110+
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.1 // indirect
111+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect
109112
go.opentelemetry.io/otel v1.21.0 // indirect
110113
go.opentelemetry.io/otel/metric v1.21.0 // indirect
111114
go.opentelemetry.io/otel/sdk v1.21.0 // indirect
112115
go.opentelemetry.io/otel/trace v1.21.0 // indirect
113-
golang.org/x/crypto v0.16.0 // indirect
116+
golang.org/x/crypto v0.17.0 // indirect
114117
golang.org/x/net v0.19.0 // indirect
115-
golang.org/x/oauth2 v0.13.0 // indirect
116-
golang.org/x/sync v0.4.0 // indirect
118+
golang.org/x/oauth2 v0.15.0 // indirect
119+
golang.org/x/sync v0.5.0 // indirect
117120
golang.org/x/sys v0.15.0 // indirect
118121
golang.org/x/text v0.14.0 // indirect
119-
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
120-
google.golang.org/api v0.128.0 // indirect
122+
golang.org/x/time v0.5.0 // indirect
123+
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
124+
google.golang.org/api v0.154.0 // indirect
121125
google.golang.org/appengine v1.6.8 // indirect
122-
google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97 // indirect
123-
google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 // indirect
124-
google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect
126+
google.golang.org/genproto v0.0.0-20231212172506-995d672761c0 // indirect
127+
google.golang.org/genproto/googleapis/api v0.0.0-20231212172506-995d672761c0 // indirect
128+
google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0 // indirect
125129
google.golang.org/grpc v1.60.1 // indirect
126130
gopkg.in/ini.v1 v1.67.0 // indirect
127131
gopkg.in/yaml.v2 v2.4.0 // indirect

0 commit comments

Comments
 (0)