CSPL-4153: Update dependencies to fix security vulnerabilities

gabrielm-splunk · claude · gabrielm-splunk · commit bca67507e68a · 2026-04-01T11:22:47.000-04:00
- Update google.golang.org/grpc from v1.78.0 to v1.79.3 (VULN-67797)
- Update github.com/buger/jsonparser from v1.1.1 to v1.1.2 (VULN-67794)
- Update Go stdlib from 1.25.7 to 1.25.8 (VULN-65734)
- Update gnutls via explicit microdnf update (VULN-69140)
- Update other dependencies to latest compatible versions

Fixes: VULN-67797, VULN-67794, VULN-65734, VULN-69140

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/Dockerfile b/Dockerfile
@@ -5,7 +5,7 @@ ARG BASE_IMAGE=registry.access.redhat.com/ubi8/ubi-minimal
 ARG BASE_IMAGE_VERSION=8.10-1770223153
 
 # Build the manager binary
-FROM golang:1.25.7 AS builder
+FROM golang:1.25.8 AS builder
 
 WORKDIR /workspace
 
@@ -63,6 +63,7 @@ RUN if grep -q 'Ubuntu' /etc/os-release; then \
         microdnf update -y libstdc++ && \
         microdnf update -y libxml2 && \
         microdnf update -y libgcc && \
+        microdnf update -y gnutls && \
         microdnf clean all; \
     fi
 
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/splunk/splunk-operator
 
-go 1.25.7
+go 1.25.8
 
 require (
 	cloud.google.com/go/storage v1.36.0
@@ -61,7 +61,7 @@ require (
 	github.com/bahlo/generic-list-go v0.2.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
-	github.com/buger/jsonparser v1.1.1 // indirect
+	github.com/buger/jsonparser v1.1.2 // indirect
 	github.com/cenkalti/backoff/v5 v5.0.3 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
diff --git a/go.sum b/go.sum
@@ -74,8 +74,8 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
 github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
-github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs=
-github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0=
+github.com/buger/jsonparser v1.1.2 h1:frqHqw7otoVbk5M8LlE/L7HTnIq2v9RX6EJ48i9AxJk=
+github.com/buger/jsonparser v1.1.2/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0=
 github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM=
 github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
