From 93f4c34d28bd1e1235ff9a8d9771a69984a9faa8 Mon Sep 17 00:00:00 2001 From: maizige <864321211@qq.com> Date: Thu, 31 Jul 2025 21:21:23 +0800 Subject: [PATCH 1/2] fix(deps): patch security vulnerability --- backend/go.mod | 8 ++++---- backend/go.sum | 9 ++++----- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/backend/go.mod b/backend/go.mod index 1328936326..b159860d09 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -1,8 +1,8 @@ module github.com/coze-dev/coze-loop/backend -go 1.23.4 +go 1.24.0 -toolchain go1.24.1 +toolchain go1.24.4 replace github.com/apache/thrift => github.com/apache/thrift v0.13.0 @@ -39,7 +39,7 @@ require ( github.com/dimchansky/utfbom v1.1.1 github.com/dolthub/go-mysql-server v0.18.0 github.com/dolthub/vitess v0.0.0-20240228192915-d55088cef56a - github.com/expr-lang/expr v1.15.8 + github.com/expr-lang/expr v1.17.0 github.com/fatih/structs v1.1.0 github.com/getkin/kin-openapi v0.118.0 github.com/go-playground/validator/v10 v10.20.0 @@ -58,7 +58,7 @@ require ( github.com/mitchellh/mapstructure v1.5.0 github.com/modern-go/reflect2 v1.0.2 github.com/nicksnyder/go-i18n/v2 v2.6.0 - github.com/ollama/ollama v0.5.12 + github.com/ollama/ollama v0.10.1 github.com/panjf2000/ants/v2 v2.11.3 github.com/parquet-go/parquet-go v0.25.0 github.com/pkg/errors v0.9.2-0.20201214064552-5dd12d0cfe7f diff --git a/backend/go.sum b/backend/go.sum index d133d55636..d1854d1e5a 100644 --- a/backend/go.sum +++ b/backend/go.sum @@ -297,8 +297,8 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.m github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/expr-lang/expr v1.15.8 h1:FL8+d3rSSP4tmK9o+vKfSMqqpGL8n15pEPiHcnBpxoI= -github.com/expr-lang/expr v1.15.8/go.mod h1:uCkhfG+x7fcZ5A5sXHKuQ07jGZRl6J0FCAaf2k4PtVQ= +github.com/expr-lang/expr v1.17.0 h1:+vpszOyzKLQXC9VF+wA8cVA0tlA984/Wabc/1hF9Whg= +github.com/expr-lang/expr v1.17.0/go.mod h1:8/vRC7+7HBzESEqt5kKpYXxrxkr31SaO8r40VO/1IT4= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.9.0/go.mod h1:eQcE1qtQxscV5RaZvpXrrb8Drkc3/DdQ+uUYCNjL+zU= github.com/fatih/color v1.12.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM= @@ -465,7 +465,6 @@ github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAx github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM= github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA= -github.com/google/subcommands v1.2.0 h1:vWQspBTo2nEqTUFita5/KeEWlUL8kQObDFbub/EN9oE= github.com/google/subcommands v1.2.0/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -707,8 +706,8 @@ github.com/nyaruka/phonenumbers v1.3.2 h1:ACdPdlDGabEwkF6Asfd1Jv+azcoPJP/FujXnni github.com/nyaruka/phonenumbers v1.3.2/go.mod h1:4jyKp/BFUokLbCHyoZag+T3S1KezFVoEKtgnbpzItC4= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= -github.com/ollama/ollama v0.5.12 h1:qM+k/ozyHLJzEQoAEPrUQ0qXqsgDEEdpIVwuwScrd2U= -github.com/ollama/ollama v0.5.12/go.mod h1:ibdmDvb/TjKY1OArBWIazL3pd1DHTk8eG2MMjEkWhiI= +github.com/ollama/ollama v0.10.1 h1:YJGiYpnKW3Q3v7+s0n1OlCaHcFFvSCVd+t0FvS9NZ2w= +github.com/ollama/ollama v0.10.1/go.mod h1:9+1//yWPsDE2u+l1a5mpaKrYw4VdnSsRU3ioq5BvMms= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= From cb76c7e5bd01992512b140bc6a92b9c440199fc6 Mon Sep 17 00:00:00 2001 From: maizige <864321211@qq.com> Date: Tue, 19 Aug 2025 22:01:27 +0800 Subject: [PATCH 2/2] upgrade(deps):upgrade depends --- backend/go.mod | 4 ++-- backend/go.sum | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/backend/go.mod b/backend/go.mod index 41057c14a4..2b2457892b 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -20,13 +20,13 @@ require ( github.com/bytedance/gopkg v0.1.2 github.com/bytedance/sonic v1.13.2 github.com/cenk/backoff v2.2.1+incompatible - github.com/cloudwego/eino v0.3.27 + github.com/cloudwego/eino v0.3.55 github.com/cloudwego/eino-ext/components/model/ark v0.1.8 github.com/cloudwego/eino-ext/components/model/arkbot v0.0.0-20250520101807-b2008771903a github.com/cloudwego/eino-ext/components/model/claude v0.0.0-20250513023651-7b19c6ffbf4a github.com/cloudwego/eino-ext/components/model/deepseek v0.0.0-20250514085234-473e80da5261 github.com/cloudwego/eino-ext/components/model/gemini v0.0.0-20250520101807-b2008771903a - github.com/cloudwego/eino-ext/components/model/ollama v0.0.0-20250520101807-b2008771903a + github.com/cloudwego/eino-ext/components/model/ollama v0.1.0 github.com/cloudwego/eino-ext/components/model/openai v0.0.0-20250513023651-7b19c6ffbf4a github.com/cloudwego/eino-ext/components/model/qianfan v0.0.0-20250520101807-b2008771903a github.com/cloudwego/eino-ext/components/model/qwen v0.0.0-20250520101807-b2008771903a diff --git a/backend/go.sum b/backend/go.sum index 0e99520d29..ecd1b6a01a 100644 --- a/backend/go.sum +++ b/backend/go.sum @@ -197,6 +197,8 @@ github.com/cloudwego/dynamicgo v0.6.2 h1:jpb0R27Kh1cNUFsQsOCTchyt9oNG0UvwDvTecEn github.com/cloudwego/dynamicgo v0.6.2/go.mod h1:ZfuIc4tsk8gdsmsoL+3M/q3916xTj+KAVJaXQHSaWiE= github.com/cloudwego/eino v0.3.27 h1:Oz4HcuivJyb+zT0W43Gmtb6wqmXZaYel0CS4iF6XsoI= github.com/cloudwego/eino v0.3.27/go.mod h1:wUjz990apdsaOraOXdh6CdhVXq8DJsOvLsVlxNTcNfY= +github.com/cloudwego/eino v0.3.55 h1:lMZrGtEh0k3qykQTLNXSXuAa98OtF2tS43GMHyvN7nA= +github.com/cloudwego/eino v0.3.55/go.mod h1:wUjz990apdsaOraOXdh6CdhVXq8DJsOvLsVlxNTcNfY= github.com/cloudwego/eino-ext/components/model/ark v0.1.8 h1:QU0M01WNTVf/63cUjD6S/D1lB+ggvcVH4ntZ+XKg5Lo= github.com/cloudwego/eino-ext/components/model/ark v0.1.8/go.mod h1:V3ZJbGMGXVYc1xgkBb3aEIGaS8BvPuVi2lub34vBO7k= github.com/cloudwego/eino-ext/components/model/arkbot v0.0.0-20250520101807-b2008771903a h1:axpTaAMf961yZxcPubr8KtXhquPGpiscVUY+UIfEzhY= @@ -209,6 +211,8 @@ github.com/cloudwego/eino-ext/components/model/gemini v0.0.0-20250520101807-b200 github.com/cloudwego/eino-ext/components/model/gemini v0.0.0-20250520101807-b2008771903a/go.mod h1:NTYXf6aAoO2zBES9S1lzkBvQoyD6UcUGvLmUAS5TMRU= github.com/cloudwego/eino-ext/components/model/ollama v0.0.0-20250520101807-b2008771903a h1:+/VYbeXv7bCdm0Wk183zIj9MjtF8yVaO1aDQyjfhf6c= github.com/cloudwego/eino-ext/components/model/ollama v0.0.0-20250520101807-b2008771903a/go.mod h1:giNUFqA+V7xrm/EDvH7JFnDqoWI+e2m1SVAnReU+Fd8= +github.com/cloudwego/eino-ext/components/model/ollama v0.1.0 h1:FW067iMfg3EZbUaZIo8v3i2ILBAZDzY23/9pbprvE0M= +github.com/cloudwego/eino-ext/components/model/ollama v0.1.0/go.mod h1:+qA5kkUCM0mIrXGSNzxLcjxh6K1AghPNigtEyyMdkOc= github.com/cloudwego/eino-ext/components/model/openai v0.0.0-20250513023651-7b19c6ffbf4a h1:WBjqihjYla2jh+ZMtlzFDLBnd3qWBwJS7rHH7rOs1Rc= github.com/cloudwego/eino-ext/components/model/openai v0.0.0-20250513023651-7b19c6ffbf4a/go.mod h1:uXIWTFbaAbZ1128EIXjFc4S+tDqmz1idMZd5qt5kkwU= github.com/cloudwego/eino-ext/components/model/qianfan v0.0.0-20250520101807-b2008771903a h1:nl5c/ze/DjOw3iza+IPWe05201eJcMYr6vLeB2EyIAk=