Skip to content

Commit bd89cbb

Browse files
Andreagit97Andreagit97
authored
Merge pull request #233 from StackVista/CVE-fix
address some CVEs bumping deps versions
2 parents 4f8c0a0 + b677892 commit bd89cbb

4 files changed

Lines changed: 71 additions & 65 deletions

File tree

.dockerignore

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1 +1,2 @@
11
/.go/
2+
.trivy-cache

.gitignore

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@ cmd/agent/windows_resources/*.bin
1414
# Rake
1515
.rake_tasks~
1616

17+
.trivy-cache
18+
1719
# file generated at build time by message compiler
1820
process-agent-msg.h
1921
process-agent

go.mod

Lines changed: 24 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
module github.com/StackVista/stackstate-process-agent
22

3-
go 1.24.0
3+
go 1.26.0
44

5-
toolchain go1.24.13
5+
toolchain go1.26.2
66

77
// From datadog-agent-upstream-for-process-agent, replaces done in that go mod file need to be done here too
88
replace github.com/pahanini/go-grpc-bidirectional-streaming-example v0.0.0-20211027164128-cc6111af44be => github.com/DataDog/go-grpc-bidirectional-streaming-example v0.0.0-20221024060302-b9cf785c02fe
@@ -53,7 +53,7 @@ require (
5353
github.com/patrickmn/go-cache v2.1.0+incompatible
5454
github.com/shirou/w32 v0.0.0-20160930032740-bb4de0191aa4 // indirect
5555
github.com/stretchr/testify v1.11.1
56-
golang.org/x/sys v0.39.0
56+
golang.org/x/sys v0.42.0
5757
gopkg.in/yaml.v2 v2.4.0
5858
)
5959

@@ -67,13 +67,12 @@ require (
6767
github.com/Microsoft/hcsshim v0.12.9 // indirect
6868
github.com/awalterschulze/gographviz v2.0.3+incompatible // indirect
6969
github.com/beorn7/perks v1.0.1 // indirect
70-
github.com/containerd/containerd v1.7.23 // indirect
71-
github.com/containerd/continuity v0.4.3 // indirect
70+
github.com/containerd/containerd v1.7.29 // indirect
71+
github.com/containerd/continuity v0.4.4 // indirect
7272
github.com/containerd/fifo v1.1.0 // indirect
73-
github.com/containerd/ttrpc v1.2.5 // indirect
73+
github.com/containerd/ttrpc v1.2.7 // indirect
7474
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
7575
github.com/docker/distribution v2.8.3+incompatible // indirect
76-
github.com/docker/docker v27.4.0+incompatible // indirect
7776
github.com/docker/go-connections v0.5.0 // indirect
7877
github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
7978
github.com/docker/go-units v0.5.0 // indirect
@@ -142,7 +141,7 @@ require (
142141
github.com/tinylib/msgp v1.2.4 // indirect
143142
github.com/twmb/murmur3 v1.1.8 // indirect
144143
github.com/ugorji/go/codec v1.2.12 // indirect
145-
github.com/ulikunitz/xz v0.5.12 // indirect
144+
github.com/ulikunitz/xz v0.5.15 // indirect
146145
github.com/vishvananda/netlink v1.3.1 // indirect
147146
github.com/vishvananda/netns v0.0.5 // indirect
148147
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
@@ -154,7 +153,7 @@ require (
154153
golang.org/x/oauth2 v0.34.0 // indirect
155154
golang.org/x/sync v0.19.0 // indirect
156155
golang.org/x/text v0.32.0 // indirect
157-
golang.org/x/time v0.8.0 // indirect
156+
golang.org/x/time v0.12.0 // indirect
158157
golang.org/x/tools v0.39.0 // indirect
159158
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
160159
google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect
@@ -182,12 +181,12 @@ require (
182181
github.com/hashicorp/golang-lru/v2 v2.0.7
183182
github.com/shirou/gopsutil/v4 v4.24.11
184183
go.opentelemetry.io/obi v0.0.0-20250723125336-35639ce473a0
185-
go.opentelemetry.io/otel v1.39.0
184+
go.opentelemetry.io/otel v1.43.0
186185
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.34.0
187186
go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.37.0
188-
go.opentelemetry.io/otel/metric v1.39.0
189-
go.opentelemetry.io/otel/sdk v1.39.0
190-
go.opentelemetry.io/otel/sdk/metric v1.39.0
187+
go.opentelemetry.io/otel/metric v1.43.0
188+
go.opentelemetry.io/otel/sdk v1.43.0
189+
go.opentelemetry.io/otel/sdk/metric v1.43.0
191190
k8s.io/kubelet v0.31.2
192191
)
193192

@@ -197,8 +196,9 @@ require (
197196
code.cloudfoundry.org/garden v0.0.0-20210208153517-580cadd489d2 // indirect
198197
code.cloudfoundry.org/lager v2.0.0+incompatible // indirect
199198
code.cloudfoundry.org/tlsconfig v0.0.0-20200131000646-bbe0f8da39b3 // indirect
199+
cyphar.com/go-pathrs v0.2.1 // indirect
200200
dario.cat/mergo v1.0.1 // indirect
201-
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
201+
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
202202
github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 // indirect
203203
github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c // indirect
204204
github.com/CycloneDX/cyclonedx-go v0.9.1 // indirect
@@ -319,7 +319,7 @@ require (
319319
github.com/cheggaaa/pb/v3 v3.1.5 // indirect
320320
github.com/cilium/ebpf v0.19.0 // indirect
321321
github.com/cloudflare/cbpfc v0.0.0-20240920015331-ff978e94500b // indirect
322-
github.com/cloudflare/circl v1.3.8 // indirect
322+
github.com/cloudflare/circl v1.6.3 // indirect
323323
github.com/cloudfoundry-community/go-cfclient/v2 v2.0.1-0.20230503155151-3d15366c5820 // indirect
324324
github.com/containerd/cgroups/v3 v3.0.4 // indirect
325325
github.com/containerd/containerd/api v1.8.0 // indirect
@@ -335,12 +335,13 @@ require (
335335
github.com/cri-o/ocicni v0.4.3 // indirect
336336
github.com/csaf-poc/csaf_distribution/v3 v3.0.0 // indirect
337337
github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 // indirect
338-
github.com/cyphar/filepath-securejoin v0.3.4 // indirect
338+
github.com/cyphar/filepath-securejoin v0.6.0 // indirect
339339
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
340340
github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
341341
github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
342342
github.com/distribution/reference v0.6.0 // indirect
343343
github.com/docker/cli v27.4.0+incompatible // indirect
344+
github.com/docker/docker v27.4.0+incompatible // indirect
344345
github.com/docker/docker-credential-helpers v0.8.2 // indirect
345346
github.com/ebitengine/purego v0.8.1 // indirect
346347
github.com/emicklei/go-restful/v3 v3.12.1 // indirect
@@ -395,7 +396,7 @@ require (
395396
github.com/justincormack/go-memfd v0.0.0-20170219213707-6e4af0518993 // indirect
396397
github.com/karrick/godirwalk v1.17.0 // indirect
397398
github.com/kevinburke/ssh_config v1.2.0 // indirect
398-
github.com/klauspost/compress v1.18.0 // indirect
399+
github.com/klauspost/compress v1.18.2 // indirect
399400
github.com/knqyf263/go-apk-version v0.0.0-20200609155635-041fdbb8563f // indirect
400401
github.com/knqyf263/go-deb-version v0.0.0-20230223133812-3ed183d23422 // indirect
401402
github.com/knqyf263/go-rpm-version v0.0.0-20220614171824-631e686d1075 // indirect
@@ -423,18 +424,18 @@ require (
423424
github.com/moby/buildkit v0.16.0 // indirect
424425
github.com/moby/docker-image-spec v1.3.1 // indirect
425426
github.com/moby/locker v1.0.1 // indirect
426-
github.com/moby/spdystream v0.4.0 // indirect
427+
github.com/moby/spdystream v0.5.1 // indirect
427428
github.com/moby/sys/mountinfo v0.7.2 // indirect
428-
github.com/moby/sys/sequential v0.5.0 // indirect
429+
github.com/moby/sys/sequential v0.6.0 // indirect
429430
github.com/moby/sys/signal v0.7.1 // indirect
430-
github.com/moby/sys/user v0.3.0 // indirect
431+
github.com/moby/sys/user v0.4.0 // indirect
431432
github.com/moby/sys/userns v0.1.0 // indirect
432433
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
433434
github.com/montanaflynn/stats v0.7.0 // indirect
434435
github.com/ncruces/go-strftime v0.1.9 // indirect
435436
github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481 // indirect
436437
github.com/oklog/ulid v1.3.1 // indirect
437-
github.com/opencontainers/selinux v1.11.0 // indirect
438+
github.com/opencontainers/selinux v1.13.0 // indirect
438439
github.com/opentracing/opentracing-go v1.2.0 // indirect
439440
github.com/openvex/discovery v0.1.1-0.20240802171711-7c54efc57553 // indirect
440441
github.com/openvex/go-vex v0.2.5 // indirect
@@ -505,7 +506,7 @@ require (
505506
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
506507
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.34.0 // indirect
507508
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.34.0 // indirect
508-
go.opentelemetry.io/otel/trace v1.39.0 // indirect
509+
go.opentelemetry.io/otel/trace v1.43.0 // indirect
509510
go.opentelemetry.io/proto/otlp v1.5.0 // indirect
510511
go.uber.org/atomic v1.11.0 // indirect
511512
go.uber.org/dig v1.18.0 // indirect
@@ -530,7 +531,7 @@ require (
530531
gopkg.in/ini.v1 v1.67.0 // indirect
531532
gopkg.in/warnings.v0 v0.1.2 // indirect
532533
gopkg.in/zorkian/go-datadog-api.v2 v2.30.0 // indirect
533-
gotest.tools/v3 v3.5.1 // indirect
534+
gotest.tools/v3 v3.5.2 // indirect
534535
honnef.co/go/tools v0.5.1 // indirect
535536
k8s.io/apiextensions-apiserver v0.31.2 // indirect
536537
k8s.io/apiserver v0.31.2 // indirect

0 commit comments

Comments
 (0)