Skip to content

Commit

Permalink
Bump deps to silence security alerts (ko-build#667)
Browse files Browse the repository at this point in the history
* Update dependencies

* Fix cosign breakage

* ignore vendor for misspell

* Configure woke to ignore vendor and some usages
  • Loading branch information
imjasonh authored Jun 1, 2022
1 parent 7859a3b commit e4a01f6
Show file tree
Hide file tree
Showing 875 changed files with 180,335 additions and 3,649 deletions.
1 change: 1 addition & 0 deletions .github/workflows/style.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@ jobs:
github_token: ${{ secrets.github_token }}
fail_on_error: true
locale: "US"
exclude: ./vendor/*

- uses: get-woke/woke-action-reviewdog@v0
if: ${{ always() }}
Expand Down
4 changes: 4 additions & 0 deletions .wokeignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
vendor/**

# Uses some Cobra methods
pkg/commands/*
35 changes: 26 additions & 9 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -3,25 +3,42 @@ module github.com/google/ko
go 1.16

require (
github.com/aws/aws-sdk-go-v2/config v1.15.0 // indirect
github.com/aws/aws-sdk-go-v2/service/ecr v1.16.0 // indirect
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.13.0 // indirect
github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220228164355-396b2034c795
github.com/chrismellard/docker-credential-acr-env v0.0.0-20220119192733-fe33c00cee21
github.com/Azure/azure-sdk-for-go v65.0.0+incompatible // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect
github.com/BurntSushi/toml v1.1.0 // indirect
github.com/aws/aws-sdk-go-v2/config v1.15.9 // indirect
github.com/aws/aws-sdk-go-v2/service/ecr v1.17.5 // indirect
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.13.5 // indirect
github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20220517224237-e6f29200ae04
github.com/chrismellard/docker-credential-acr-env v0.0.0-20220327082430-c57b701bfc08
github.com/containerd/stargz-snapshotter/estargz v0.11.4
github.com/docker/docker v20.10.16+incompatible
github.com/dprotaso/go-yit v0.0.0-20191028211022-135eb7262960
github.com/dprotaso/go-yit v0.0.0-20220510233725-9ba8df137936
github.com/go-logr/logr v1.2.3 // indirect
github.com/go-openapi/analysis v0.21.3 // indirect
github.com/go-training/helloworld v0.0.0-20200225145412-ba5f4379d78b
github.com/golang-jwt/jwt/v4 v4.4.1 // indirect
github.com/google/go-cmp v0.5.8
github.com/google/go-containerregistry v0.8.1-0.20220209165246-a44adc326839
github.com/google/go-containerregistry v0.9.0
github.com/klauspost/compress v1.15.5 // indirect
github.com/letsencrypt/boulder v0.0.0-20220525221457-11544756bbe8 // indirect
github.com/opencontainers/image-spec v1.0.3-0.20220114050600-8b9d41f48198
github.com/sigstore/cosign v1.3.2-0.20211120003522-90e2dcfe7b92
github.com/sigstore/cosign v1.8.0
github.com/sigstore/rekor v0.7.0 // indirect
github.com/spf13/cobra v1.4.0
github.com/spf13/pflag v1.0.5
github.com/spf13/viper v1.12.0
go.uber.org/automaxprocs v1.4.1-0.20220314153950-975e177ad84f
github.com/theupdateframework/go-tuf v0.3.0 // indirect
go.mongodb.org/mongo-driver v1.9.1 // indirect
go.uber.org/automaxprocs v1.5.1
golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e // indirect
golang.org/x/net v0.0.0-20220531201128-c960675eff93 // indirect
golang.org/x/oauth2 v0.0.0-20220524215830-622c5d57e401 // indirect
golang.org/x/sync v0.0.0-20220513210516-0976fa681c29
golang.org/x/term v0.0.0-20220526004731-065cf7ba2467 // indirect
golang.org/x/tools v0.1.10
google.golang.org/genproto v0.0.0-20220531173845-685668d2de03 // indirect
gopkg.in/ini.v1 v1.66.6 // indirect
gopkg.in/yaml.v3 v3.0.1
k8s.io/apimachinery v0.24.1
sigs.k8s.io/kind v0.14.0
Expand Down
975 changes: 682 additions & 293 deletions go.sum

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion pkg/build/gobuild.go
Original file line number Diff line number Diff line change
Expand Up @@ -348,7 +348,7 @@ func cycloneDX() sbomber {
if err != nil {
return nil, "", err
}
return b, ctypes.CycloneDXMediaType, nil
return b, ctypes.CycloneDXJSONMediaType, nil
}
}

Expand Down
4 changes: 2 additions & 2 deletions vendor/github.com/Azure/azure-sdk-for-go/LICENSE.txt

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

21 changes: 10 additions & 11 deletions vendor/github.com/Azure/go-autorest/autorest/adal/go.sum

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit e4a01f6

Please sign in to comment.