Skip to content

Commit cb520aa

Browse files
authored
Fix deps (#3343)
* chore(ci): fix sync images workflow golang image is sync'ed from dockerhub and it appears certs have expired that is breaking 'docker trust inspect ...' * chore: fix dependabot alerts Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> --------- Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>
1 parent f689c13 commit cb520aa

6 files changed

Lines changed: 69 additions & 73 deletions

File tree

.github/workflows/codeql-analysis.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ jobs:
5353

5454
# Initializes the CodeQL tools for scanning.
5555
- name: Initialize CodeQL
56-
uses: github/codeql-action/init@v3.29.10
56+
uses: github/codeql-action/init@v3.29.11
5757
with:
5858
languages: ${{ matrix.language }}
5959
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -64,7 +64,7 @@ jobs:
6464
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
6565
# If this step fails, then you should remove it and run the build manually (see below)
6666
- name: Autobuild
67-
uses: github/codeql-action/autobuild@v3.29.10
67+
uses: github/codeql-action/autobuild@v3.29.11
6868

6969
# ℹ️ Command-line programs to run using the OS shell.
7070
# 📚 https://git.io/JvXDl
@@ -77,4 +77,4 @@ jobs:
7777
# make release
7878

7979
- name: Perform CodeQL Analysis
80-
uses: github/codeql-action/analyze@v3.29.10
80+
uses: github/codeql-action/analyze@v3.29.11

.github/workflows/publish.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -253,7 +253,7 @@ jobs:
253253
TRIVY_USERNAME: ${{ github.actor }}
254254
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
255255
- name: Upload Trivy scan results to GitHub Security tab
256-
uses: github/codeql-action/upload-sarif@v3.29.10
256+
uses: github/codeql-action/upload-sarif@v3.29.11
257257
with:
258258
sarif_file: 'trivy-results.sarif'
259259

@@ -290,7 +290,7 @@ jobs:
290290
TRIVY_USERNAME: ${{ github.actor }}
291291
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
292292
- name: Upload Trivy scan results to GitHub Security tab
293-
uses: github/codeql-action/upload-sarif@v3.29.10
293+
uses: github/codeql-action/upload-sarif@v3.29.11
294294
with:
295295
sarif_file: 'trivy-results.sarif'
296296

.github/workflows/scorecards.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,6 @@ jobs:
5757

5858
# Upload the results to GitHub's code scanning dashboard.
5959
- name: "Upload to code-scanning"
60-
uses: github/codeql-action/upload-sarif@v3.29.10
60+
uses: github/codeql-action/upload-sarif@v3.29.11
6161
with:
6262
sarif_file: results.sarif

.github/workflows/sync-3rdparty-images.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,6 @@ jobs:
2929
password: ${{ secrets.GITHUB_TOKEN }}
3030
- name: Tag and push golang to ghcr
3131
run: |
32-
docker trust inspect golang:${{ matrix.golang_version }}
3332
docker pull golang:${{ matrix.golang_version }}
3433
docker tag golang:${{ matrix.golang_version }} ghcr.io/${{ github.repository_owner }}/golang:${{ matrix.golang_version }}
3534
docker push ghcr.io/${{ github.repository_owner }}/golang:${{ matrix.golang_version }}

go.mod

Lines changed: 21 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -9,10 +9,10 @@ require (
99
github.com/aquasecurity/trivy v0.65.0
1010
github.com/aquasecurity/trivy-db v0.0.0-20250723062229-56ec1e482238
1111
github.com/aws/aws-sdk-go v1.55.8
12-
github.com/aws/aws-sdk-go-v2 v1.38.0
13-
github.com/aws/aws-sdk-go-v2/config v1.31.0
12+
github.com/aws/aws-sdk-go-v2 v1.38.1
13+
github.com/aws/aws-sdk-go-v2/config v1.31.2
1414
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.20.1
15-
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.45.1
15+
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.49.1
1616
github.com/aws/aws-sdk-go-v2/service/ecr v1.47.1
1717
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.35.8
1818
github.com/aws/aws-secretsmanager-caching-go v1.2.0
@@ -33,7 +33,7 @@ require (
3333
github.com/go-redsync/redsync/v4 v4.13.0
3434
github.com/go-viper/mapstructure/v2 v2.4.0
3535
github.com/gofrs/uuid v4.4.0+incompatible
36-
github.com/golang-jwt/jwt/v5 v5.2.3
36+
github.com/golang-jwt/jwt/v5 v5.3.0
3737
github.com/google/go-containerregistry v0.20.6
3838
github.com/google/go-github/v62 v62.0.0
3939
github.com/google/uuid v1.6.0
@@ -45,11 +45,11 @@ require (
4545
github.com/migueleliasweb/go-github-mock v1.4.0
4646
github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c
4747
github.com/nats-io/nats-server/v2 v2.11.7
48-
github.com/nats-io/nats.go v1.44.0
48+
github.com/nats-io/nats.go v1.45.0
4949
github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba
5050
github.com/notaryproject/notation-core-go v1.3.0
5151
github.com/notaryproject/notation-go v1.3.2
52-
github.com/olekukonko/tablewriter v1.0.8
52+
github.com/olekukonko/tablewriter v1.0.9
5353
github.com/opencontainers/distribution-spec/specs-go v0.0.0-20250123160558-a139cc423184
5454
github.com/opencontainers/go-digest v1.0.0
5555
github.com/opencontainers/image-spec v1.1.1
@@ -69,13 +69,13 @@ require (
6969
github.com/spf13/viper v1.20.1
7070
github.com/stretchr/testify v1.10.0
7171
github.com/swaggo/http-swagger v1.3.4
72-
github.com/swaggo/swag v1.16.4
72+
github.com/swaggo/swag v1.16.6
7373
github.com/vektah/gqlparser/v2 v2.5.30
7474
github.com/zitadel/oidc/v3 v3.41.0
75-
go.etcd.io/bbolt v1.4.2
75+
go.etcd.io/bbolt v1.4.3
7676
golang.org/x/crypto v0.40.0
7777
golang.org/x/oauth2 v0.30.0
78-
google.golang.org/protobuf v1.36.7
78+
google.golang.org/protobuf v1.36.8
7979
gopkg.in/resty.v1 v1.12.0
8080
gopkg.in/yaml.v3 v3.0.1
8181
k8s.io/apimachinery v0.33.4
@@ -161,22 +161,22 @@ require (
161161
github.com/aquasecurity/trivy-checks v1.11.3-0.20250604022615-9a7efa7c9169 // indirect
162162
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 // indirect
163163
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
164-
github.com/aws/aws-sdk-go-v2/credentials v1.18.4 // indirect
165-
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.3 // indirect
166-
github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.3 // indirect
167-
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.3 // indirect
164+
github.com/aws/aws-sdk-go-v2/credentials v1.18.6 // indirect
165+
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.4 // indirect
166+
github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.4 // indirect
167+
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.4 // indirect
168168
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
169169
github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.27.1 // indirect
170170
github.com/aws/aws-sdk-go-v2/service/ebs v1.25.3 // indirect
171171
github.com/aws/aws-sdk-go-v2/service/ec2 v1.234.0 // indirect
172172
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.31.2 // indirect
173173
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.0 // indirect
174-
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.11.1 // indirect
175-
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.3 // indirect
174+
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.11.4 // indirect
175+
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.4 // indirect
176176
github.com/aws/aws-sdk-go-v2/service/s3 v1.84.1 // indirect
177-
github.com/aws/aws-sdk-go-v2/service/sso v1.28.0 // indirect
178-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.33.0 // indirect
179-
github.com/aws/aws-sdk-go-v2/service/sts v1.37.0 // indirect
177+
github.com/aws/aws-sdk-go-v2/service/sso v1.28.2 // indirect
178+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.33.2 // indirect
179+
github.com/aws/aws-sdk-go-v2/service/sts v1.38.0 // indirect
180180
github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.9.1 // indirect
181181
github.com/beorn7/perks v1.0.1 // indirect
182182
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
@@ -299,7 +299,7 @@ require (
299299
github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect
300300
github.com/hashicorp/errwrap v1.1.0 // indirect
301301
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
302-
github.com/hashicorp/go-getter v1.7.8 // indirect
302+
github.com/hashicorp/go-getter v1.7.9 // indirect
303303
github.com/hashicorp/go-multierror v1.1.1 // indirect
304304
github.com/hashicorp/go-retryablehttp v0.7.8 // indirect
305305
github.com/hashicorp/go-safetemp v1.0.0 // indirect
@@ -347,7 +347,6 @@ require (
347347
github.com/minio/highwayhash v1.0.3 // indirect
348348
github.com/mitchellh/copystructure v1.2.0 // indirect
349349
github.com/mitchellh/go-homedir v1.1.0 // indirect
350-
github.com/mitchellh/go-testing-interface v1.14.1 // indirect
351350
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
352351
github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
353352
github.com/mitchellh/reflectwalk v1.0.2 // indirect
@@ -381,8 +380,8 @@ require (
381380
github.com/oklog/ulid v1.3.1 // indirect
382381
github.com/oklog/ulid/v2 v2.1.1 // indirect
383382
github.com/oleiade/reflections v1.1.0 // indirect
384-
github.com/olekukonko/errors v0.0.0-20250405072817-4e6d85265da6 // indirect
385-
github.com/olekukonko/ll v0.0.8 // indirect
383+
github.com/olekukonko/errors v1.1.0 // indirect
384+
github.com/olekukonko/ll v0.0.9 // indirect
386385
github.com/onsi/gomega v1.36.3 // indirect
387386
github.com/open-policy-agent/opa v1.6.0 // indirect
388387
github.com/opencontainers/runtime-spec v1.2.1 // indirect

0 commit comments

Comments
 (0)