Skip to content

Commit f689c13

Browse files
authored
chore: fix dependabot alerts (#3328)
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>
1 parent 5967986 commit f689c13

5 files changed

Lines changed: 78 additions & 76 deletions

File tree

.github/workflows/codeql-analysis.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ jobs:
5353

5454
# Initializes the CodeQL tools for scanning.
5555
- name: Initialize CodeQL
56-
uses: github/codeql-action/init@v3.29.9
56+
uses: github/codeql-action/init@v3.29.10
5757
with:
5858
languages: ${{ matrix.language }}
5959
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -64,7 +64,7 @@ jobs:
6464
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
6565
# If this step fails, then you should remove it and run the build manually (see below)
6666
- name: Autobuild
67-
uses: github/codeql-action/autobuild@v3.29.9
67+
uses: github/codeql-action/autobuild@v3.29.10
6868

6969
# ℹ️ Command-line programs to run using the OS shell.
7070
# 📚 https://git.io/JvXDl
@@ -77,4 +77,4 @@ jobs:
7777
# make release
7878

7979
- name: Perform CodeQL Analysis
80-
uses: github/codeql-action/analyze@v3.29.9
80+
uses: github/codeql-action/analyze@v3.29.10

.github/workflows/publish.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -253,7 +253,7 @@ jobs:
253253
TRIVY_USERNAME: ${{ github.actor }}
254254
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
255255
- name: Upload Trivy scan results to GitHub Security tab
256-
uses: github/codeql-action/upload-sarif@v3.29.9
256+
uses: github/codeql-action/upload-sarif@v3.29.10
257257
with:
258258
sarif_file: 'trivy-results.sarif'
259259

@@ -290,7 +290,7 @@ jobs:
290290
TRIVY_USERNAME: ${{ github.actor }}
291291
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
292292
- name: Upload Trivy scan results to GitHub Security tab
293-
uses: github/codeql-action/upload-sarif@v3.29.9
293+
uses: github/codeql-action/upload-sarif@v3.29.10
294294
with:
295295
sarif_file: 'trivy-results.sarif'
296296

.github/workflows/scorecards.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,6 @@ jobs:
5757

5858
# Upload the results to GitHub's code scanning dashboard.
5959
- name: "Upload to code-scanning"
60-
uses: github/codeql-action/upload-sarif@v3.29.9
60+
uses: github/codeql-action/upload-sarif@v3.29.10
6161
with:
6262
sarif_file: results.sarif

go.mod

Lines changed: 22 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -9,20 +9,20 @@ require (
99
github.com/aquasecurity/trivy v0.65.0
1010
github.com/aquasecurity/trivy-db v0.0.0-20250723062229-56ec1e482238
1111
github.com/aws/aws-sdk-go v1.55.8
12-
github.com/aws/aws-sdk-go-v2 v1.37.1
13-
github.com/aws/aws-sdk-go-v2/config v1.29.18
12+
github.com/aws/aws-sdk-go-v2 v1.38.0
13+
github.com/aws/aws-sdk-go-v2/config v1.31.0
1414
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.20.1
1515
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.45.1
1616
github.com/aws/aws-sdk-go-v2/service/ecr v1.47.1
1717
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.35.8
1818
github.com/aws/aws-secretsmanager-caching-go v1.2.0
1919
github.com/aws/smithy-go v1.22.5
20-
github.com/bmatcuk/doublestar/v4 v4.9.0
20+
github.com/bmatcuk/doublestar/v4 v4.9.1
2121
github.com/briandowns/spinner v1.23.2
2222
github.com/chartmuseum/auth v0.5.0
2323
github.com/cloudevents/sdk-go/protocol/nats/v2 v2.16.1
2424
github.com/cloudevents/sdk-go/v2 v2.16.1
25-
github.com/containers/image/v5 v5.36.0
25+
github.com/containers/image/v5 v5.36.1
2626
github.com/dchest/siphash v1.2.3
2727
github.com/didip/tollbooth/v7 v7.0.2
2828
github.com/distribution/distribution/v3 v3.0.0
@@ -55,9 +55,9 @@ require (
5555
github.com/opencontainers/image-spec v1.1.1
5656
github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5
5757
github.com/project-zot/mockoidc v0.0.0-20240610203808-d69d9e02020a
58-
github.com/prometheus/client_golang v1.22.0
58+
github.com/prometheus/client_golang v1.23.0
5959
github.com/prometheus/client_model v0.6.2
60-
github.com/redis/go-redis/v9 v9.11.0
60+
github.com/redis/go-redis/v9 v9.12.1
6161
github.com/regclient/regclient v0.9.0
6262
github.com/rs/zerolog v1.34.0
6363
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1
@@ -75,11 +75,11 @@ require (
7575
go.etcd.io/bbolt v1.4.2
7676
golang.org/x/crypto v0.40.0
7777
golang.org/x/oauth2 v0.30.0
78-
google.golang.org/protobuf v1.36.6
78+
google.golang.org/protobuf v1.36.7
7979
gopkg.in/resty.v1 v1.12.0
8080
gopkg.in/yaml.v3 v3.0.1
81-
k8s.io/apimachinery v0.33.3
82-
modernc.org/sqlite v1.38.0
81+
k8s.io/apimachinery v0.33.4
82+
modernc.org/sqlite v1.38.2
8383
oras.land/oras-go/v2 v2.6.0
8484
sigs.k8s.io/controller-runtime v0.21.0
8585
)
@@ -161,22 +161,22 @@ require (
161161
github.com/aquasecurity/trivy-checks v1.11.3-0.20250604022615-9a7efa7c9169 // indirect
162162
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 // indirect
163163
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
164-
github.com/aws/aws-sdk-go-v2/credentials v1.17.71 // indirect
165-
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.33 // indirect
166-
github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.1 // indirect
167-
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.1 // indirect
164+
github.com/aws/aws-sdk-go-v2/credentials v1.18.4 // indirect
165+
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.3 // indirect
166+
github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.3 // indirect
167+
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.3 // indirect
168168
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
169169
github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.27.1 // indirect
170170
github.com/aws/aws-sdk-go-v2/service/ebs v1.25.3 // indirect
171171
github.com/aws/aws-sdk-go-v2/service/ec2 v1.234.0 // indirect
172172
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.31.2 // indirect
173173
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.0 // indirect
174174
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.11.1 // indirect
175-
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.18 // indirect
175+
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.3 // indirect
176176
github.com/aws/aws-sdk-go-v2/service/s3 v1.84.1 // indirect
177-
github.com/aws/aws-sdk-go-v2/service/sso v1.25.6 // indirect
178-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.4 // indirect
179-
github.com/aws/aws-sdk-go-v2/service/sts v1.34.1 // indirect
177+
github.com/aws/aws-sdk-go-v2/service/sso v1.28.0 // indirect
178+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.33.0 // indirect
179+
github.com/aws/aws-sdk-go-v2/service/sts v1.37.0 // indirect
180180
github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.9.1 // indirect
181181
github.com/beorn7/perks v1.0.1 // indirect
182182
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
@@ -212,7 +212,7 @@ require (
212212
github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect
213213
github.com/containerd/ttrpc v1.2.7 // indirect
214214
github.com/containerd/typeurl/v2 v2.2.3 // indirect
215-
github.com/containers/storage v1.59.0 // indirect
215+
github.com/containers/storage v1.59.1 // indirect
216216
github.com/coreos/go-oidc/v3 v3.14.1 // indirect
217217
github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect
218218
github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467 // indirect
@@ -401,8 +401,8 @@ require (
401401
github.com/pkg/errors v0.9.1 // indirect
402402
github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
403403
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
404-
github.com/prometheus/common v0.63.0 // indirect
405-
github.com/prometheus/procfs v0.15.1 // indirect
404+
github.com/prometheus/common v0.65.0 // indirect
405+
github.com/prometheus/procfs v0.16.1 // indirect
406406
github.com/protocolbuffers/txtpbfmt v0.0.0-20241112170944-20d2c9ebc01d // indirect
407407
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
408408
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
@@ -504,7 +504,7 @@ require (
504504
go.uber.org/zap v1.27.0 // indirect
505505
go.yaml.in/yaml/v2 v2.4.2 // indirect
506506
go.yaml.in/yaml/v3 v3.0.3 // indirect
507-
golang.org/x/exp v0.0.0-20250606033433-dcc06ee1d476 // indirect
507+
golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b // indirect
508508
golang.org/x/mod v0.26.0 // indirect
509509
golang.org/x/net v0.42.0 // indirect
510510
golang.org/x/sync v0.16.0 // indirect
@@ -535,7 +535,7 @@ require (
535535
k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff // indirect
536536
k8s.io/kubectl v0.33.3 // indirect
537537
k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect
538-
modernc.org/libc v1.65.10 // indirect
538+
modernc.org/libc v1.66.3 // indirect
539539
modernc.org/mathutil v1.7.1 // indirect
540540
modernc.org/memory v1.11.0 // indirect
541541
mvdan.cc/sh/v3 v3.11.0 // indirect

0 commit comments

Comments
 (0)