Skip to content

Commit

Permalink
Update gopkg.in/yaml.v3 for CVE fix
Browse files Browse the repository at this point in the history 
Upgrade indirect dependency on gopkg.in/yaml.v3 to v3.0.1 for CVE fix
  • Loading branch information
@ncthompson
ncthompson committed Mar 3, 2024
1 parent e522844 commit 316c803
Show file tree
Hide file tree
Showing 12 changed files with 294 additions and 112 deletions.
3 changes: 3 additions & 0 deletions go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,3 +23,6 @@ require (
google.golang.org/protobuf v1.32.0 // indirect
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
)

// Override for CVE-2022-28948
replace gopkg.in/yaml.v3 => gopkg.in/yaml.v3 v3.0.1
4 changes: 2 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,5 +41,5 @@ google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHh
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
16 changes: 0 additions & 16 deletions vendor/gopkg.in/yaml.v3/.travis.yml
View file

This file was deleted.

1 change: 1 addition & 0 deletions vendor/gopkg.in/yaml.v3/apic.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

143 changes: 106 additions & 37 deletions vendor/gopkg.in/yaml.v3/decode.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 316c803

Please sign in to comment.