Skip to content

Commit

Permalink
chore: fix dependabot alerts (project-zot#2729)
Browse files Browse the repository at this point in the history
project-zot#2718

Signed-off-by: Ramkumar Chinchani <[email protected]>
  • Loading branch information
rchincha authored Oct 16, 2024
1 parent 8820408 commit 6471bed
Show file tree
Hide file tree
Showing 5 changed files with 69 additions and 69 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/[email protected].11
uses: github/codeql-action/[email protected].13
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -64,7 +64,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/[email protected].11
uses: github/codeql-action/[email protected].13

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
Expand All @@ -77,4 +77,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/[email protected].11
uses: github/codeql-action/[email protected].13
4 changes: 2 additions & 2 deletions .github/workflows/publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -237,7 +237,7 @@ jobs:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/[email protected].11
uses: github/codeql-action/[email protected].13
with:
sarif_file: 'trivy-results.sarif'

Expand Down Expand Up @@ -274,7 +274,7 @@ jobs:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/[email protected].11
uses: github/codeql-action/[email protected].13
with:
sarif_file: 'trivy-results.sarif'

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/scorecards.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,6 @@ jobs:

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/[email protected].11
uses: github/codeql-action/[email protected].13
with:
sarif_file: results.sarif
42 changes: 21 additions & 21 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,14 @@ require (
github.com/aquasecurity/trivy v0.55.2
github.com/aquasecurity/trivy-db v0.0.0-20240910133327-7e0f4d2ed4c1
github.com/aws/aws-sdk-go v1.55.5
github.com/aws/aws-sdk-go-v2 v1.32.0
github.com/aws/aws-sdk-go-v2/config v1.27.41
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.8
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.36.0
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.34.0
github.com/aws/aws-sdk-go-v2 v1.32.2
github.com/aws/aws-sdk-go-v2/config v1.27.43
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.15.12
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.36.2
github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.34.2
github.com/aws/aws-secretsmanager-caching-go v1.2.0
github.com/aws/smithy-go v1.22.0
github.com/bmatcuk/doublestar/v4 v4.6.1
github.com/bmatcuk/doublestar/v4 v4.7.1
github.com/briandowns/spinner v1.23.1
github.com/chartmuseum/auth v0.5.0
github.com/containers/common v0.60.4
Expand Down Expand Up @@ -62,10 +62,10 @@ require (
github.com/vektah/gqlparser/v2 v2.5.17
github.com/zitadel/oidc/v3 v3.30.0
go.etcd.io/bbolt v1.3.11
golang.org/x/crypto v0.27.0
golang.org/x/crypto v0.28.0
golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56
golang.org/x/oauth2 v0.23.0
google.golang.org/protobuf v1.34.2
google.golang.org/protobuf v1.35.1
gopkg.in/resty.v1 v1.12.0
gopkg.in/yaml.v3 v3.0.1
modernc.org/sqlite v1.33.1
Expand Down Expand Up @@ -146,23 +146,23 @@ require (
github.com/aquasecurity/trivy-checks v0.13.1-0.20240830230553-53ddbbade784 // indirect
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 // indirect
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.17.39 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.15 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.19 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.19 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.17.41 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.17 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.21 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.21 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.23.3 // indirect
github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.24.2 // indirect
github.com/aws/aws-sdk-go-v2/service/ebs v1.25.3 // indirect
github.com/aws/aws-sdk-go-v2/service/ec2 v1.175.1 // indirect
github.com/aws/aws-sdk-go-v2/service/ecr v1.32.1 // indirect
github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.25.3 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.0 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.10.0 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.0 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.10.2 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.2 // indirect
github.com/aws/aws-sdk-go-v2/service/s3 v1.59.0 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.24.0 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.0 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.32.0 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.24.2 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.2 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.32.2 // indirect
github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20240730143543-a8d7d3c42ca1 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
Expand Down Expand Up @@ -478,9 +478,9 @@ require (
golang.org/x/mod v0.20.0 // indirect
golang.org/x/net v0.29.0 // indirect
golang.org/x/sync v0.8.0 // indirect
golang.org/x/sys v0.25.0 // indirect
golang.org/x/term v0.24.0 // indirect
golang.org/x/text v0.18.0 // indirect
golang.org/x/sys v0.26.0 // indirect
golang.org/x/term v0.25.0 // indirect
golang.org/x/text v0.19.0 // indirect
golang.org/x/time v0.6.0 // indirect
golang.org/x/tools v0.24.0 // indirect
golang.org/x/xerrors v0.0.0-20240716161551-93cc26a95ae9 // indirect
Expand Down
Loading

0 comments on commit 6471bed

Please sign in to comment.