From 906f8ce621a412bdb38eaaa10b4cb09a429db9b1 Mon Sep 17 00:00:00 2001 From: Ramkumar Chinchani <45800463+rchincha@users.noreply.github.com> Date: Wed, 22 Mar 2023 12:33:21 -0700 Subject: [PATCH] chore(deps): fix dependabot alerts (#1291) Signed-off-by: Ramkumar Chinchani --- .github/workflows/benchmark.yaml | 5 +++-- .github/workflows/branch-cov.yml | 3 ++- .github/workflows/ci-cd.yml | 3 ++- .github/workflows/cloc.yml | 3 ++- .github/workflows/cluster.yaml | 5 +++-- .github/workflows/codeql-analysis.yml | 3 ++- .github/workflows/ecosystem-tools.yaml | 3 ++- .github/workflows/golangci-lint.yaml | 3 ++- .github/workflows/gqlgen.yaml | 3 ++- .github/workflows/license.yaml | 3 ++- .github/workflows/oci-conformance-action.yml | 3 ++- .github/workflows/tls.yaml | 3 ++- .github/workflows/web-scan.yml | 3 ++- go.mod | 6 +++--- go.sum | 12 ++++++------ 15 files changed, 37 insertions(+), 24 deletions(-) diff --git a/.github/workflows/benchmark.yaml b/.github/workflows/benchmark.yaml index f1cb6315..4ff4321e 100644 --- a/.github/workflows/benchmark.yaml +++ b/.github/workflows/benchmark.yaml @@ -15,8 +15,9 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x # Run benchmark with `go test -bench` and stores the output to a file - name: Run benchmark @@ -29,7 +30,7 @@ jobs: key: ${{ runner.os }}-gen1-benchmark # Run `github-action-benchmark` action - name: Store benchmark result - uses: benchmark-action/github-action-benchmark@v1.16.1 + uses: benchmark-action/github-action-benchmark@v1.16.2 with: # What benchmark tool the output.txt came from tool: 'customBiggerIsBetter' diff --git a/.github/workflows/branch-cov.yml b/.github/workflows/branch-cov.yml index 6cef4884..d3cb225e 100644 --- a/.github/workflows/branch-cov.yml +++ b/.github/workflows/branch-cov.yml @@ -19,8 +19,9 @@ jobs: name: coverage steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Install dependencies run: | diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 1182be34..fb4a2632 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -36,8 +36,9 @@ jobs: arch: [amd64, arm64] steps: - name: Install go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Check out source code uses: actions/checkout@v3 diff --git a/.github/workflows/cloc.yml b/.github/workflows/cloc.yml index ba0bc76d..57ef8ae9 100644 --- a/.github/workflows/cloc.yml +++ b/.github/workflows/cloc.yml @@ -18,8 +18,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Install go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Check out source code uses: actions/checkout@v3 diff --git a/.github/workflows/cluster.yaml b/.github/workflows/cluster.yaml index b250ba56..c4ae777e 100644 --- a/.github/workflows/cluster.yaml +++ b/.github/workflows/cluster.yaml @@ -28,8 +28,9 @@ jobs: # options: --name=minio --health-cmd "curl http://localhost:9000/minio/health/live" steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Install dependencies run: | @@ -165,7 +166,7 @@ jobs: key: ${{ runner.os }}-gen1-benchmark-stateless-cluster # Run `github-action-benchmark` action - name: Store benchmark result - uses: benchmark-action/github-action-benchmark@v1.16.1 + uses: benchmark-action/github-action-benchmark@v1.16.2 with: # What benchmark tool the output.txt came from tool: 'customBiggerIsBetter' diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b0a8aeca..9ca7fa56 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -46,8 +46,9 @@ jobs: uses: actions/checkout@v3 - name: Install go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Install dependencies diff --git a/.github/workflows/ecosystem-tools.yaml b/.github/workflows/ecosystem-tools.yaml index d40d7245..c5b1021d 100644 --- a/.github/workflows/ecosystem-tools.yaml +++ b/.github/workflows/ecosystem-tools.yaml @@ -17,8 +17,9 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Install dependencies run: | diff --git a/.github/workflows/golangci-lint.yaml b/.github/workflows/golangci-lint.yaml index 450d0efd..381f4731 100644 --- a/.github/workflows/golangci-lint.yaml +++ b/.github/workflows/golangci-lint.yaml @@ -16,8 +16,9 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: + cache: false go-version: '1.19' - uses: actions/checkout@v3 - name: golangci-lint diff --git a/.github/workflows/gqlgen.yaml b/.github/workflows/gqlgen.yaml index 815fc25a..19dab1cc 100644 --- a/.github/workflows/gqlgen.yaml +++ b/.github/workflows/gqlgen.yaml @@ -22,8 +22,9 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Install dependencies run: | diff --git a/.github/workflows/license.yaml b/.github/workflows/license.yaml index b4044c7c..1f798d86 100644 --- a/.github/workflows/license.yaml +++ b/.github/workflows/license.yaml @@ -19,8 +19,9 @@ jobs: name: License Check steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Install go-licenses run: go install github.com/google/go-licenses@latest diff --git a/.github/workflows/oci-conformance-action.yml b/.github/workflows/oci-conformance-action.yml index 253a7ffe..f00eb83e 100644 --- a/.github/workflows/oci-conformance-action.yml +++ b/.github/workflows/oci-conformance-action.yml @@ -21,8 +21,9 @@ jobs: # Steps represent a sequence of tasks that will be executed as part of the job steps: - name: Install go 1.19 - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Checkout this PR uses: actions/checkout@v3 diff --git a/.github/workflows/tls.yaml b/.github/workflows/tls.yaml index 52ff544a..5ff094d1 100644 --- a/.github/workflows/tls.yaml +++ b/.github/workflows/tls.yaml @@ -19,8 +19,9 @@ jobs: name: TLS check steps: - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Install dependencies run: | diff --git a/.github/workflows/web-scan.yml b/.github/workflows/web-scan.yml index e179decf..e0216cef 100644 --- a/.github/workflows/web-scan.yml +++ b/.github/workflows/web-scan.yml @@ -22,8 +22,9 @@ jobs: flavor: [zot-linux-amd64-minimal, zot-linux-amd64] steps: - name: Install go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: + cache: false go-version: 1.19.x - name: Checkout uses: actions/checkout@v3 diff --git a/go.mod b/go.mod index 7c5a6402..ef72be86 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( github.com/google/uuid v1.3.0 github.com/gorilla/handlers v1.5.1 github.com/gorilla/mux v1.8.0 - github.com/hashicorp/golang-lru/v2 v2.0.1 + github.com/hashicorp/golang-lru/v2 v2.0.2 github.com/json-iterator/go v1.1.12 github.com/minio/sha256-simd v1.0.0 github.com/mitchellh/mapstructure v1.5.0 @@ -57,7 +57,7 @@ require ( github.com/notaryproject/notation-go v1.0.0-rc.3 github.com/opencontainers/distribution-spec/specs-go v0.0.0-20230117141039-067a0f5b0e25 github.com/sigstore/cosign v1.13.1 - github.com/swaggo/http-swagger v1.3.3 + github.com/swaggo/http-swagger v1.3.4 oras.land/oras-go/v2 v2.0.0 ) @@ -214,7 +214,7 @@ require ( github.com/aquasecurity/go-pep440-version v0.0.0-20210121094942-22b2f8951d46 // indirect github.com/aquasecurity/go-version v0.0.0-20210121072130-637058cfe492 // indirect github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect - github.com/aws/aws-sdk-go v1.44.214 + github.com/aws/aws-sdk-go v1.44.224 github.com/aws/aws-sdk-go-v2 v1.17.5 github.com/aws/aws-sdk-go-v2/config v1.18.15 github.com/aws/aws-sdk-go-v2/credentials v1.13.15 // indirect diff --git a/go.sum b/go.sum index 44c2a1cf..1a9d8f1b 100644 --- a/go.sum +++ b/go.sum @@ -487,8 +487,8 @@ github.com/aws/aws-sdk-go v1.25.11/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpi github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.37.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= github.com/aws/aws-sdk-go v1.44.122/go.mod h1:y4AeaBuwd2Lk+GepC1E9v0qOiTws0MIWAX4oIKwKHZo= -github.com/aws/aws-sdk-go v1.44.214 h1:YzDuC+9UtrAOUkItlK7l3BvKI9o6qAog9X8i289HORc= -github.com/aws/aws-sdk-go v1.44.214/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go v1.44.224 h1:09CiaaF35nRmxrzWZ2uRq5v6Ghg/d2RiPjZnSgtt+RQ= +github.com/aws/aws-sdk-go v1.44.224/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g= github.com/aws/aws-sdk-go-v2 v1.7.1/go.mod h1:L5LuPC1ZgDr2xQS7AmIec/Jlc7O/Y1u2KxJyNVab250= github.com/aws/aws-sdk-go-v2 v1.14.0/go.mod h1:ZA3Y8V0LrlWj63MQAnRHgKf/5QB//LSZCPNWlWrNGLU= @@ -1387,8 +1387,8 @@ github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= -github.com/hashicorp/golang-lru/v2 v2.0.1 h1:5pv5N1lT1fjLg2VQ5KWc7kmucp2x/kvFOnxuVTqZ6x4= -github.com/hashicorp/golang-lru/v2 v2.0.1/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= +github.com/hashicorp/golang-lru/v2 v2.0.2 h1:Dwmkdr5Nc/oBiXgJS3CDHNhJtIHkuZ3DZF5twqnfBdU= +github.com/hashicorp/golang-lru/v2 v2.0.2/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl/v2 v2.14.1 h1:x0BpjfZ+CYdbiz+8yZTQ+gdLO7IXvOut7Da+XJayx34= @@ -2131,8 +2131,8 @@ github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8 github.com/subosito/gotenv v1.4.2/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0= github.com/swaggo/files v0.0.0-20220610200504-28940afbdbfe h1:K8pHPVoTgxFJt1lXuIzzOX7zZhZFldJQK/CgKx9BFIc= github.com/swaggo/files v0.0.0-20220610200504-28940afbdbfe/go.mod h1:lKJPbtWzJ9JhsTN1k1gZgleJWY/cqq0psdoMmaThG3w= -github.com/swaggo/http-swagger v1.3.3 h1:Hu5Z0L9ssyBLofaama21iYaF2VbWyA8jdohaaCGpHsc= -github.com/swaggo/http-swagger v1.3.3/go.mod h1:sE+4PjD89IxMPm77FnkDz0sdO+p5lbXzrVWT6OTVVGo= +github.com/swaggo/http-swagger v1.3.4 h1:q7t/XLx0n15H1Q9/tk3Y9L4n210XzJF5WtnDX64a5ww= +github.com/swaggo/http-swagger v1.3.4/go.mod h1:9dAh0unqMBAlbp1uE2Uc2mQTxNMU/ha4UbucIg1MFkQ= github.com/swaggo/swag v1.8.10 h1:eExW4bFa52WOjqRzRD58bgWsWfdFJso50lpbeTcmTfo= github.com/swaggo/swag v1.8.10/go.mod h1:ezQVUUhly8dludpVk+/PuwJWvLLanB13ygV5Pr9enSk= github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=