Skip to content

Commit 6a70440

Browse files
BrunoChauvetclaude
BrunoChauvet
and
claude
committed
Fix Grype CVEs: update logrus and prometheus/prometheus
- Update github.com/sirupsen/logrus v1.9.0 -> v1.9.3 in test/go.mod to fix GHSA-4f99-4q7p-p3gh (High) - Update github.com/prometheus/prometheus v0.35.0 -> v0.311.3 to fix GHSA-vffh-x6r8-xx99 (Medium) - Run go mod tidy and go mod vendor to update vendor directory Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent 45979bd commit 6a70440

279 files changed

Lines changed: 17692 additions & 29058 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

go.mod

Lines changed: 38 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -12,14 +12,14 @@ require (
1212
github.com/euank/go-kmsg-parser v2.0.0+incompatible
1313
github.com/hpcloud/tail v1.0.0
1414
github.com/prometheus/client_model v0.6.2
15-
github.com/prometheus/common v0.67.4
15+
github.com/prometheus/common v0.67.5
1616
github.com/prometheus/procfs v0.19.2
1717
github.com/shirou/gopsutil/v4 v4.25.12
1818
github.com/spf13/pflag v1.0.10
1919
github.com/stretchr/testify v1.11.1
2020
go.opencensus.io v0.24.0
21-
golang.org/x/sys v0.41.0
22-
google.golang.org/api v0.258.0
21+
golang.org/x/sys v0.42.0
22+
google.golang.org/api v0.272.0
2323
k8s.io/api v0.35.4
2424
k8s.io/apimachinery v0.35.4
2525
k8s.io/client-go v0.35.4
@@ -28,10 +28,10 @@ require (
2828
)
2929

3030
require (
31-
cloud.google.com/go/auth v0.17.0 // indirect
31+
cloud.google.com/go/auth v0.18.2 // indirect
3232
cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
33-
cloud.google.com/go/monitoring v1.24.2 // indirect
34-
cloud.google.com/go/trace v1.11.6 // indirect
33+
cloud.google.com/go/monitoring v1.24.3 // indirect
34+
cloud.google.com/go/trace v1.11.7 // indirect
3535
github.com/aws/aws-sdk-go v1.44.72 // indirect
3636
github.com/beorn7/perks v1.0.1 // indirect
3737
github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
@@ -40,58 +40,66 @@ require (
4040
github.com/ebitengine/purego v0.9.1 // indirect
4141
github.com/emicklei/go-restful/v3 v3.12.2 // indirect
4242
github.com/felixge/httpsnoop v1.0.4 // indirect
43-
github.com/fsnotify/fsnotify v1.6.0 // indirect
4443
github.com/fxamacker/cbor/v2 v2.9.0 // indirect
4544
github.com/go-kit/log v0.2.1 // indirect
4645
github.com/go-logfmt/logfmt v0.5.1 // indirect
4746
github.com/go-logr/logr v1.4.3 // indirect
4847
github.com/go-logr/stdr v1.2.2 // indirect
4948
github.com/go-ole/go-ole v1.2.6 // indirect
50-
github.com/go-openapi/jsonpointer v0.21.0 // indirect
51-
github.com/go-openapi/jsonreference v0.20.2 // indirect
52-
github.com/go-openapi/swag v0.23.0 // indirect
49+
github.com/go-openapi/jsonpointer v0.22.5 // indirect
50+
github.com/go-openapi/jsonreference v0.21.4 // indirect
51+
github.com/go-openapi/swag v0.25.5 // indirect
52+
github.com/go-openapi/swag/cmdutils v0.25.5 // indirect
53+
github.com/go-openapi/swag/conv v0.25.5 // indirect
54+
github.com/go-openapi/swag/fileutils v0.25.5 // indirect
55+
github.com/go-openapi/swag/jsonname v0.25.5 // indirect
56+
github.com/go-openapi/swag/jsonutils v0.25.5 // indirect
57+
github.com/go-openapi/swag/loading v0.25.5 // indirect
58+
github.com/go-openapi/swag/mangling v0.25.5 // indirect
59+
github.com/go-openapi/swag/netutils v0.25.5 // indirect
60+
github.com/go-openapi/swag/stringutils v0.25.5 // indirect
61+
github.com/go-openapi/swag/typeutils v0.25.5 // indirect
62+
github.com/go-openapi/swag/yamlutils v0.25.5 // indirect
5363
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
5464
github.com/golang/protobuf v1.5.4 // indirect
5565
github.com/google/gnostic-models v0.7.0 // indirect
5666
github.com/google/s2a-go v0.1.9 // indirect
5767
github.com/google/uuid v1.6.0 // indirect
58-
github.com/googleapis/enterprise-certificate-proxy v0.3.7 // indirect
59-
github.com/googleapis/gax-go/v2 v2.15.0 // indirect
68+
github.com/googleapis/enterprise-certificate-proxy v0.3.14 // indirect
69+
github.com/googleapis/gax-go/v2 v2.18.0 // indirect
6070
github.com/jmespath/go-jmespath v0.4.0 // indirect
61-
github.com/josharian/intern v1.0.0 // indirect
6271
github.com/json-iterator/go v1.1.12 // indirect
6372
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
64-
github.com/mailru/easyjson v0.7.7 // indirect
6573
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
6674
github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect
6775
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
6876
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
6977
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
7078
github.com/prometheus/client_golang v1.23.2 // indirect
71-
github.com/prometheus/prometheus v0.35.0 // indirect
79+
github.com/prometheus/prometheus v0.311.3 // indirect
7280
github.com/prometheus/statsd_exporter v0.22.7 // indirect
7381
github.com/tklauser/go-sysconf v0.3.16 // indirect
7482
github.com/tklauser/numcpus v0.11.0 // indirect
7583
github.com/x448/float16 v0.8.4 // indirect
7684
github.com/yusufpapurcu/wmi v1.2.4 // indirect
7785
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
7886
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 // indirect
79-
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
80-
go.opentelemetry.io/otel v1.41.0 // indirect
81-
go.opentelemetry.io/otel/metric v1.41.0 // indirect
82-
go.opentelemetry.io/otel/trace v1.41.0 // indirect
83-
go.yaml.in/yaml/v2 v2.4.3 // indirect
87+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0 // indirect
88+
go.opentelemetry.io/otel v1.42.0 // indirect
89+
go.opentelemetry.io/otel/metric v1.42.0 // indirect
90+
go.opentelemetry.io/otel/trace v1.42.0 // indirect
91+
go.yaml.in/yaml/v2 v2.4.4 // indirect
8492
go.yaml.in/yaml/v3 v3.0.4 // indirect
85-
golang.org/x/crypto v0.48.0 // indirect
86-
golang.org/x/net v0.51.0 // indirect
87-
golang.org/x/oauth2 v0.35.0 // indirect
88-
golang.org/x/sync v0.19.0 // indirect
89-
golang.org/x/term v0.40.0 // indirect
90-
golang.org/x/text v0.34.0 // indirect
91-
golang.org/x/time v0.14.0 // indirect
92-
google.golang.org/genproto v0.0.0-20250603155806-513f23925822 // indirect
93-
google.golang.org/genproto/googleapis/api v0.0.0-20251202230838-ff82c1b0f217 // indirect
94-
google.golang.org/genproto/googleapis/rpc v0.0.0-20251213004720-97cd9d5aeac2 // indirect
93+
golang.org/x/crypto v0.49.0 // indirect
94+
golang.org/x/net v0.52.0 // indirect
95+
golang.org/x/oauth2 v0.36.0 // indirect
96+
golang.org/x/sync v0.20.0 // indirect
97+
golang.org/x/term v0.41.0 // indirect
98+
golang.org/x/text v0.35.0 // indirect
99+
golang.org/x/time v0.15.0 // indirect
100+
google.golang.org/genproto v0.0.0-20260217215200-42d3e9bedb6d // indirect
101+
google.golang.org/genproto/googleapis/api v0.0.0-20260319201613-d00831a3d3e7 // indirect
102+
google.golang.org/genproto/googleapis/rpc v0.0.0-20260311181403-84a4fc48630c // indirect
95103
google.golang.org/grpc v1.79.3 // indirect
96104
google.golang.org/protobuf v1.36.11 // indirect
97105
gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect

0 commit comments

Comments
 (0)