Skip to content

Commit ce9506c

Browse files
authored
fix(deps): lock file maintenance vulnfeeds (google#3568)
This PR contains the following updates: | Package | Type | Update | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---|---|---| | | | lockFileMaintenance | All locks refreshed | | | | | | gcr.io/google.com/cloudsdktool/google-cloud-cli | final | digest | `27813d3` -> `ca70dd0` | | | | | | [github.com/go-git/go-git/v5](https://redirect.github.com/go-git/go-git) | require | patch | `v5.16.0` -> `v5.16.2` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgo-git%2fgo-git%2fv5/v5.16.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgo-git%2fgo-git%2fv5/v5.16.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgo-git%2fgo-git%2fv5/v5.16.0/v5.16.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgo-git%2fgo-git%2fv5/v5.16.0/v5.16.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | golang | stage | patch | `1.24.3-alpine` -> `1.24.4-alpine` | [![age](https://developer.mend.io/api/mc/badges/age/docker/golang/1.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/docker/golang/1.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/docker/golang/1.24.3/1.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/golang/1.24.3/1.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | golang.org/x/exp | require | digest | `b6e5de4` -> `dcc06ee` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20250606033433-dcc06ee1d476?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20250606033433-dcc06ee1d476?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20250531010427-b6e5de432a8b/v0.0.0-20250606033433-dcc06ee1d476?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20250531010427-b6e5de432a8b/v0.0.0-20250606033433-dcc06ee1d476?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [gopkg.in/dnaeon/go-vcr.v4](https://redirect.github.com/dnaeon/go-vcr) | require | patch | `v4.0.2` -> `v4.0.3` | [![age](https://developer.mend.io/api/mc/badges/age/go/gopkg.in%2fdnaeon%2fgo-vcr.v4/v4.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/gopkg.in%2fdnaeon%2fgo-vcr.v4/v4.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/gopkg.in%2fdnaeon%2fgo-vcr.v4/v4.0.2/v4.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/gopkg.in%2fdnaeon%2fgo-vcr.v4/v4.0.2/v4.0.3?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [pandas](https://redirect.github.com/pandas-dev/pandas) | project.dependencies | minor | `==2.2.3` -> `==2.3.0` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/pandas/2.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/pandas/2.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/pandas/2.2.3/2.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/pandas/2.2.3/2.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Release Notes <details> <summary>go-git/go-git (github.com/go-git/go-git/v5)</summary> ### [`v5.16.2`](https://redirect.github.com/go-git/go-git/releases/tag/v5.16.2) [Compare Source](https://redirect.github.com/go-git/go-git/compare/v5.16.1...v5.16.2) #### What's Changed - utils: fix diff so subpaths work for sparse checkouts, fixes 1455 to releases/v5.x by [@&#8203;kane8n](https://redirect.github.com/kane8n) in [https://github.com/go-git/go-git/pull/1567](https://redirect.github.com/go-git/go-git/pull/1567) **Full Changelog**: go-git/go-git@v5.16.1...v5.16.2 ### [`v5.16.1`](https://redirect.github.com/go-git/go-git/releases/tag/v5.16.1) [Compare Source](https://redirect.github.com/go-git/go-git/compare/v5.16.0...v5.16.1) #### What's Changed - utils: merkletrie, Fix diff on sparse-checkout index. Fixes [#&#8203;1406](https://redirect.github.com/go-git/go-git/issues/1406) to releases/v5.x by [@&#8203;kane8n](https://redirect.github.com/kane8n) in [https://github.com/go-git/go-git/pull/1561](https://redirect.github.com/go-git/go-git/pull/1561) #### New Contributors - [@&#8203;kane8n](https://redirect.github.com/kane8n) made their first contribution in [https://github.com/go-git/go-git/pull/1561](https://redirect.github.com/go-git/go-git/pull/1561) **Full Changelog**: go-git/go-git@v5.16.0...v5.16.1 </details> <details> <summary>dnaeon/go-vcr (gopkg.in/dnaeon/go-vcr.v4)</summary> ### [`v4.0.3`](https://redirect.github.com/dnaeon/go-vcr/releases/tag/v4.0.3) [Compare Source](https://redirect.github.com/dnaeon/go-vcr/compare/v4.0.2...v4.0.3) #### What's Changed - \[cassette]: Use omitempty in yaml field serialization by [@&#8203;maruel](https://redirect.github.com/maruel) in [https://github.com/dnaeon/go-vcr/pull/110](https://redirect.github.com/dnaeon/go-vcr/pull/110) - Various test related improvements; no functional change by [@&#8203;maruel](https://redirect.github.com/maruel) in [https://github.com/dnaeon/go-vcr/pull/111](https://redirect.github.com/dnaeon/go-vcr/pull/111) - README: remove WithCassetteLabel option by [@&#8203;Syuparn](https://redirect.github.com/Syuparn) in [https://github.com/dnaeon/go-vcr/pull/115](https://redirect.github.com/dnaeon/go-vcr/pull/115) - cassette: wrap ErrCassetteNotFound with the number of errors by [@&#8203;maruel](https://redirect.github.com/maruel) in [https://github.com/dnaeon/go-vcr/pull/117](https://redirect.github.com/dnaeon/go-vcr/pull/117) - Fix the recorded Form field: take the full Form instead of just the PostForm by [@&#8203;hectorj-thetreep](https://redirect.github.com/hectorj-thetreep) in [https://github.com/dnaeon/go-vcr/pull/118](https://redirect.github.com/dnaeon/go-vcr/pull/118) #### New Contributors - [@&#8203;maruel](https://redirect.github.com/maruel) made their first contribution in [https://github.com/dnaeon/go-vcr/pull/110](https://redirect.github.com/dnaeon/go-vcr/pull/110) - [@&#8203;Syuparn](https://redirect.github.com/Syuparn) made their first contribution in [https://github.com/dnaeon/go-vcr/pull/115](https://redirect.github.com/dnaeon/go-vcr/pull/115) - [@&#8203;hectorj-thetreep](https://redirect.github.com/hectorj-thetreep) made their first contribution in [https://github.com/dnaeon/go-vcr/pull/118](https://redirect.github.com/dnaeon/go-vcr/pull/118) **Full Changelog**: dnaeon/go-vcr@v4.0.2...v4.0.3 </details> <details> <summary>pandas-dev/pandas (pandas)</summary> ### [`v2.3.0`](https://redirect.github.com/pandas-dev/pandas/releases/tag/v2.3.0): Pandas 2.3.0 [Compare Source](https://redirect.github.com/pandas-dev/pandas/compare/v2.2.3...v2.3.0) We are pleased to announce the release of pandas 2.3.0. This release includes some new features, bug fixes, and performance improvements. We recommend that all users upgrade to this version. See the [full whatsnew](https://pandas.pydata.org/pandas-docs/version/2.3.0/whatsnew/v2.3.0.html) for a list of all the changes. Pandas 2.3.0 supports Python 3.10 and higher. The release will be available on the defaults and conda-forge channels: conda install -c conda-forge pandas Or via PyPI: python3 -m pip install --upgrade pandas Please report any issues with the release on the [pandas issue tracker](https://redirect.github.com/pandas-dev/pandas/issues). Thanks to all the contributors who made this release possible. </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on wednesday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/google/osv.dev). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC40OC41IiwidXBkYXRlZEluVmVyIjoiNDAuNDguNSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->
1 parent 3ba75a4 commit ce9506c

12 files changed

Lines changed: 127 additions & 131 deletions

File tree

vulnfeeds/cmd/alpine/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
FROM golang:1.24.3-alpine@sha256:b4f875e650466fa0fe62c6fd3f02517a392123eea85f1d7e69d85f780e4db1c1 AS GO_BUILD
15+
FROM golang:1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a AS GO_BUILD
1616

1717
RUN mkdir /src
1818
WORKDIR /src
@@ -25,7 +25,7 @@ COPY ./ /src/
2525
RUN go build -o alpine-osv ./cmd/alpine/
2626

2727

28-
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:27813d3aa958b495fc9ad585fe4ef135d52726b28d6e38b3dbd3c03323e9149e
28+
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:ca70dd0fcf3924c9b05527b55fe0cc08eff55bc970941101fcf28041a3a08e69
2929

3030
WORKDIR /root/
3131
COPY --from=GO_BUILD /src/alpine-osv ./

vulnfeeds/cmd/combine-to-osv/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
FROM golang:1.24.3-alpine@sha256:b4f875e650466fa0fe62c6fd3f02517a392123eea85f1d7e69d85f780e4db1c1 AS GO_BUILD
15+
FROM golang:1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a AS GO_BUILD
1616

1717
RUN mkdir /src
1818
WORKDIR /src
@@ -26,7 +26,7 @@ RUN go build -o combine-to-osv ./cmd/combine-to-osv/
2626
RUN go build -o download-cves ./cmd/download-cves/
2727

2828

29-
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:27813d3aa958b495fc9ad585fe4ef135d52726b28d6e38b3dbd3c03323e9149e
29+
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:ca70dd0fcf3924c9b05527b55fe0cc08eff55bc970941101fcf28041a3a08e69
3030
RUN apk --no-cache add jq
3131

3232
WORKDIR /root/

vulnfeeds/cmd/cpe-repo-gen/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
FROM golang:1.24.3-alpine@sha256:b4f875e650466fa0fe62c6fd3f02517a392123eea85f1d7e69d85f780e4db1c1 AS GO_BUILD
15+
FROM golang:1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a AS GO_BUILD
1616

1717
RUN mkdir /src
1818
WORKDIR /src
@@ -24,7 +24,7 @@ RUN go mod download
2424
COPY ./ /src/
2525
RUN CGO_ENABLED=0 go build -o cpe-repo-gen ./cmd/cpe-repo-gen
2626

27-
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:27813d3aa958b495fc9ad585fe4ef135d52726b28d6e38b3dbd3c03323e9149e
27+
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:ca70dd0fcf3924c9b05527b55fe0cc08eff55bc970941101fcf28041a3a08e69
2828

2929
COPY --from=GO_BUILD /src/cpe-repo-gen ./
3030
COPY ./cmd/cpe-repo-gen/cpe-repo-gen_map.sh ./

vulnfeeds/cmd/debian-copyright-mirror/Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:27813d3aa958b495fc9ad585fe4ef135d52726b28d6e38b3dbd3c03323e9149e
15+
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:ca70dd0fcf3924c9b05527b55fe0cc08eff55bc970941101fcf28041a3a08e69
1616

1717
RUN apk add py3-yaml
1818

vulnfeeds/cmd/debian/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
FROM golang:1.24.3-alpine@sha256:b4f875e650466fa0fe62c6fd3f02517a392123eea85f1d7e69d85f780e4db1c1 AS GO_BUILD
15+
FROM golang:1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a AS GO_BUILD
1616

1717
RUN mkdir /src
1818
WORKDIR /src
@@ -25,7 +25,7 @@ COPY ./ /src/
2525
RUN go build -o debian-osv ./cmd/debian/
2626

2727

28-
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:27813d3aa958b495fc9ad585fe4ef135d52726b28d6e38b3dbd3c03323e9149e
28+
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:ca70dd0fcf3924c9b05527b55fe0cc08eff55bc970941101fcf28041a3a08e69
2929

3030
WORKDIR /root/
3131
COPY --from=GO_BUILD /src/debian-osv ./

vulnfeeds/cmd/download-cves/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
FROM golang:1.24.3-alpine@sha256:b4f875e650466fa0fe62c6fd3f02517a392123eea85f1d7e69d85f780e4db1c1 AS GO_BUILD
15+
FROM golang:1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a AS GO_BUILD
1616

1717
RUN mkdir /src
1818
WORKDIR /src
@@ -24,7 +24,7 @@ RUN go mod download
2424
COPY ./ /src/
2525
RUN go build -o download-cves ./cmd/download-cves/
2626

27-
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:27813d3aa958b495fc9ad585fe4ef135d52726b28d6e38b3dbd3c03323e9149e
27+
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:ca70dd0fcf3924c9b05527b55fe0cc08eff55bc970941101fcf28041a3a08e69
2828
RUN apk --no-cache add jq
2929

3030
WORKDIR /usr/local/bin

vulnfeeds/cmd/nvd-cve-osv/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
FROM golang:1.24.3-alpine@sha256:b4f875e650466fa0fe62c6fd3f02517a392123eea85f1d7e69d85f780e4db1c1 AS GO_BUILD
15+
FROM golang:1.24.4-alpine@sha256:68932fa6d4d4059845c8f40ad7e654e626f3ebd3706eef7846f319293ab5cb7a AS GO_BUILD
1616

1717
WORKDIR /go/src
1818

@@ -22,7 +22,7 @@ RUN go mod download && go mod verify
2222
COPY . .
2323
RUN CGO_ENABLED=0 go build -v -o /usr/local/bin ./cmd/nvd-cve-osv ./cmd/download-cves
2424

25-
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:27813d3aa958b495fc9ad585fe4ef135d52726b28d6e38b3dbd3c03323e9149e
25+
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:ca70dd0fcf3924c9b05527b55fe0cc08eff55bc970941101fcf28041a3a08e69
2626
RUN apk --no-cache add jq
2727

2828
COPY --from=GO_BUILD /usr/local/bin/ ./usr/local/bin/

vulnfeeds/go.mod

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,13 +7,13 @@ require (
77
cloud.google.com/go/secretmanager v1.14.7
88
github.com/aquasecurity/go-pep440-version v0.0.1
99
github.com/atombender/go-jsonschema v0.20.0
10-
github.com/go-git/go-git/v5 v5.16.0
10+
github.com/go-git/go-git/v5 v5.16.2
1111
github.com/google/go-cmp v0.7.0
1212
github.com/google/osv-scanner v1.9.2
1313
github.com/knqyf263/go-cpe v0.0.0-20230627041855-cb0794d06872
1414
github.com/sethvargo/go-retry v0.3.0
15-
golang.org/x/exp v0.0.0-20250531010427-b6e5de432a8b
16-
gopkg.in/dnaeon/go-vcr.v4 v4.0.2
15+
golang.org/x/exp v0.0.0-20250606033433-dcc06ee1d476
16+
gopkg.in/dnaeon/go-vcr.v4 v4.0.3
1717
gopkg.in/yaml.v2 v2.4.0
1818
)
1919

@@ -57,7 +57,7 @@ require (
5757
golang.org/x/crypto v0.37.0 // indirect
5858
golang.org/x/net v0.39.0 // indirect
5959
golang.org/x/oauth2 v0.29.0 // indirect
60-
golang.org/x/sync v0.14.0 // indirect
60+
golang.org/x/sync v0.15.0 // indirect
6161
golang.org/x/sys v0.32.0 // indirect
6262
golang.org/x/text v0.24.0 // indirect
6363
golang.org/x/time v0.11.0 // indirect

vulnfeeds/go.sum

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -58,8 +58,8 @@ github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UN
5858
github.com/go-git/go-billy/v5 v5.6.2/go.mod h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU=
5959
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
6060
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
61-
github.com/go-git/go-git/v5 v5.16.0 h1:k3kuOEpkc0DeY7xlL6NaaNg39xdgQbtH5mwCafHO9AQ=
62-
github.com/go-git/go-git/v5 v5.16.0/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8=
61+
github.com/go-git/go-git/v5 v5.16.2 h1:fT6ZIOjE5iEnkzKyxTHK1W4HGAsPhqEqiSAssSO77hM=
62+
github.com/go-git/go-git/v5 v5.16.2/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8=
6363
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
6464
github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
6565
github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
@@ -152,15 +152,15 @@ go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J
152152
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
153153
golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
154154
golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
155-
golang.org/x/exp v0.0.0-20250531010427-b6e5de432a8b h1:QoALfVG9rhQ/M7vYDScfPdWjGL9dlsVVM5VGh7aKoAA=
156-
golang.org/x/exp v0.0.0-20250531010427-b6e5de432a8b/go.mod h1:U6Lno4MTRCDY+Ba7aCcauB9T60gsv5s4ralQzP72ZoQ=
155+
golang.org/x/exp v0.0.0-20250606033433-dcc06ee1d476 h1:bsqhLWFR6G6xiQcb+JoGqdKdRU6WzPWmK8E0jxTjzo4=
156+
golang.org/x/exp v0.0.0-20250606033433-dcc06ee1d476/go.mod h1:3//PLf8L/X+8b4vuAfHzxeRUl04Adcb341+IGKfnqS8=
157157
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
158158
golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
159159
golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
160160
golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98=
161161
golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
162-
golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ=
163-
golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
162+
golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
163+
golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
164164
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
165165
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
166166
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -196,8 +196,8 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8
196196
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
197197
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
198198
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
199-
gopkg.in/dnaeon/go-vcr.v4 v4.0.2 h1:7T5VYf2ifyK01ETHbJPl5A6XTpUljD4Trw3GEDcdedk=
200-
gopkg.in/dnaeon/go-vcr.v4 v4.0.2/go.mod h1:65yxh9goQVrudqofKtHA4JNFWd6XZRkWfKN4YpMx7KI=
199+
gopkg.in/dnaeon/go-vcr.v4 v4.0.3 h1:rlSB7VRNGo90rqbNWA3+/3iftkjLEvcf3bhkAULqE0o=
200+
gopkg.in/dnaeon/go-vcr.v4 v4.0.3/go.mod h1:65yxh9goQVrudqofKtHA4JNFWd6XZRkWfKN4YpMx7KI=
201201
gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
202202
gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
203203
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

vulnfeeds/tools/debian/Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
# See the License for the specific language governing permissions and
1313
# limitations under the License.
1414

15-
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:27813d3aa958b495fc9ad585fe4ef135d52726b28d6e38b3dbd3c03323e9149e
15+
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:alpine@sha256:ca70dd0fcf3924c9b05527b55fe0cc08eff55bc970941101fcf28041a3a08e69
1616

1717
# Setup Poetry in its own virtual environment.
1818
# So when poetry changes the system dependencies, it doesn't mess with its own dependencies

0 commit comments

Comments
 (0)