@jiayouxujin Does github.com/satori/go.uuid have any security implications? Can you describe it?
@tianshimoyi Sure.
From the results of the Docker scan (#18), we can see the following:
✗ High severity vulnerability found in github.com/satori/go.uuid
Description: Insecure Randomness
Info: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSATORIGOUUID-72488
Introduced through: github.com/satori/[email protected]
From: github.com/satori/[email protected]
Then I imported the image into the Snyk platform, and the detailed report is as follows:
Overview:
github.com/satori/go.uuid provides a pure Go implementation of Universally Unique Identifier (UUID).
Affected versions of this package are vulnerable to Insecure Randomness, which produces predictable UUID identifiers due to the limited number of bytes read when using the g.rand.Read function.
Note: This vulnerability was introduced on the master branch of satori/go.uuid after version 1.2.0. This was fixed in commit d91630c8510268e75203009fe7daf2b8e1d60c45.
I checked the commit history of the satori/go.uuid repository, and version 1.2.0 does not include this commit.
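As an added illustration of the failure mode the Snyk description calls out (this is not code from this issue or from satori/go.uuid): the io.Reader contract allows Read to return fewer bytes than requested without an error, so a generator that calls Read once and ignores the returned count can leave part of the UUID at its zero value and make the identifier predictable. The constReader and shortReader types below are constructed stand-ins for an entropy source that short-reads; NewV4Unchecked shows the unchecked pattern, and NewV4 shows the hardened form using io.ReadFull, which keeps reading until all 16 bytes are filled and reports an error if the source runs dry.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"io"
)

// UUID is a 16-byte RFC 4122 identifier.
type UUID [16]byte

// String renders the UUID in the canonical 8-4-4-4-12 hex form.
func (u UUID) String() string {
	return fmt.Sprintf("%x-%x-%x-%x-%x", u[0:4], u[4:6], u[6:8], u[8:10], u[10:16])
}

// constReader is a constructed entropy stand-in that fills every byte with b,
// so a byte the generator never filled is recognisable as 0x00 afterwards.
type constReader struct{ b byte }

func (c constReader) Read(p []byte) (int, error) {
	for i := range p {
		p[i] = c.b
	}
	return len(p), nil
}

// shortReader wraps an io.Reader and returns at most max bytes per Read call.
// The io.Reader contract permits this; it models the short read the report describes.
type shortReader struct {
	r   io.Reader
	max int
}

func (s shortReader) Read(p []byte) (int, error) {
	if len(p) > s.max {
		p = p[:s.max]
	}
	return s.r.Read(p)
}

// setVersionAndVariant stamps the version-4 and RFC 4122 variant bits.
func setVersionAndVariant(u *UUID) {
	u[6] = (u[6] & 0x0f) | 0x40
	u[8] = (u[8] & 0x3f) | 0x80
}

// NewV4Unchecked reproduces the vulnerable pattern: a single Read call whose
// byte count is discarded, so a short read leaves the tail of u zeroed.
func NewV4Unchecked(src io.Reader) (UUID, error) {
	var u UUID
	if _, err := src.Read(u[:]); err != nil {
		return UUID{}, err
	}
	setVersionAndVariant(&u)
	return u, nil
}

// NewV4 is the hardened form: io.ReadFull keeps calling Read until all 16
// bytes are filled and returns io.ErrUnexpectedEOF if the source runs dry.
func NewV4(src io.Reader) (UUID, error) {
	var u UUID
	if _, err := io.ReadFull(src, u[:]); err != nil {
		return UUID{}, err
	}
	setVersionAndVariant(&u)
	return u, nil
}

// ZeroBytes counts bytes that are still 0x00 after generation, i.e. bytes
// the entropy source never filled (with a 0xAA source, none should remain).
func ZeroBytes(u UUID) int {
	n := 0
	for _, b := range u {
		if b == 0 {
			n++
		}
	}
	return n
}

func main() {
	// Constructed entropy source that hands out only 4 bytes per Read call.
	src := shortReader{r: constReader{b: 0xAA}, max: 4}

	weak, _ := NewV4Unchecked(src)
	fmt.Printf("unchecked Read: %s (%d unfilled bytes)\n", weak, ZeroBytes(weak))

	strong, _ := NewV4(src)
	fmt.Printf("io.ReadFull:    %s (%d unfilled bytes)\n", strong, ZeroBytes(strong))

	// Real use: crypto/rand behind the hardened constructor.
	u, err := NewV4(rand.Reader)
	if err != nil {
		panic(err)
	}
	fmt.Println("crypto/rand:   ", u)
}
```

With the 4-byte-per-call source, the unchecked constructor leaves 10 of the 16 bytes unfilled (only the version and variant bits make bytes 6 and 8 non-zero), while io.ReadFull fills all 16. Against a source that stops early, io.ReadFull fails with io.ErrUnexpectedEOF instead of silently returning a partially random identifier; that error, not a zero-padded UUID, is what a caller should see.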
Hi,
Considering the security concerns with the dependency github.com/satori/go.uuid, we should replace it.