Skip to content

Commit a97ffca

Browse files
burmudarburmudar
authored
fix: upgrade docker to v25.0.6 (CVE-2024-41110) (#1217)
1 parent 8f10917 commit a97ffca

File tree

4 files changed

+198
-200
lines changed

4 files changed

+198
-200
lines changed

go.mod

Lines changed: 46 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ module github.com/sourcegraph/src-cli
33
go 1.24.1
44

55
require (
6-
cloud.google.com/go/storage v1.30.1
6+
cloud.google.com/go/storage v1.50.0
77
github.com/aws/aws-sdk-go-v2/config v1.18.13
88
github.com/aws/aws-sdk-go-v2/service/ec2 v1.86.0
99
github.com/aws/aws-sdk-go-v2/service/eks v1.27.3
@@ -29,9 +29,9 @@ require (
2929
github.com/sourcegraph/scip v0.6.1
3030
github.com/sourcegraph/sourcegraph/lib v0.0.0-20240709083501-1af563b61442
3131
github.com/stretchr/testify v1.11.1
32-
golang.org/x/net v0.44.0
33-
golang.org/x/sync v0.17.0
34-
google.golang.org/api v0.132.0
32+
golang.org/x/net v0.46.0
33+
golang.org/x/sync v0.18.0
34+
google.golang.org/api v0.256.0
3535
google.golang.org/protobuf v1.36.10
3636
gopkg.in/yaml.v3 v3.0.1
3737
jaytaylor.com/html2text v0.0.0-20200412013138-3577fbdbcff7
@@ -41,34 +41,49 @@ require (
4141
)
4242

4343
require (
44-
github.com/Microsoft/go-winio v0.6.1 // indirect
44+
cel.dev/expr v0.24.0 // indirect
45+
cloud.google.com/go/auth v0.17.0 // indirect
46+
cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
47+
cloud.google.com/go/monitoring v1.24.2 // indirect
48+
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.29.0 // indirect
49+
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.50.0 // indirect
50+
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.50.0 // indirect
51+
github.com/Microsoft/go-winio v0.6.2 // indirect
4552
github.com/alecthomas/chroma/v2 v2.14.0 // indirect
4653
github.com/bufbuild/connect-go v1.9.0 // indirect
4754
github.com/bufbuild/connect-opentelemetry-go v0.4.0 // indirect
4855
github.com/bufbuild/protocompile v0.5.1 // indirect
56+
github.com/cenkalti/backoff/v5 v5.0.3 // indirect
57+
github.com/cespare/xxhash/v2 v2.3.0 // indirect
4958
github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
5059
github.com/charmbracelet/lipgloss v1.1.1-0.20250404203927-76690c660834 // indirect
5160
github.com/charmbracelet/x/ansi v0.8.0 // indirect
5261
github.com/charmbracelet/x/cellbuf v0.0.13 // indirect
5362
github.com/charmbracelet/x/exp/slice v0.0.0-20250327172914-2fdc97757edf // indirect
5463
github.com/charmbracelet/x/term v0.2.1 // indirect
5564
github.com/clipperhouse/uax29/v2 v2.2.0 // indirect
65+
github.com/cncf/xds/go v0.0.0-20250501225837-2ac532fd4443 // indirect
5666
github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect
67+
github.com/distribution/reference v0.6.0 // indirect
5768
github.com/docker/cli v24.0.4+incompatible // indirect
5869
github.com/docker/distribution v2.8.2+incompatible // indirect
59-
github.com/docker/docker v24.0.4+incompatible // indirect
70+
github.com/docker/docker v25.0.6+incompatible // indirect
6071
github.com/docker/docker-credential-helpers v0.8.0 // indirect
6172
github.com/docker/go-connections v0.4.0 // indirect
6273
github.com/docker/go-units v0.5.0 // indirect
74+
github.com/envoyproxy/go-control-plane/envoy v1.32.4 // indirect
6375
github.com/felixge/fgprof v0.9.3 // indirect
76+
github.com/felixge/httpsnoop v1.0.4 // indirect
6477
github.com/fxamacker/cbor/v2 v2.7.0 // indirect
6578
github.com/go-chi/chi/v5 v5.0.10 // indirect
79+
github.com/go-jose/go-jose/v4 v4.1.2 // indirect
6680
github.com/go-logr/stdr v1.2.2 // indirect
6781
github.com/gofrs/uuid/v5 v5.0.0 // indirect
6882
github.com/google/gnostic-models v0.6.8 // indirect
6983
github.com/google/go-containerregistry v0.15.2 // indirect
7084
github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db // indirect
71-
github.com/google/s2a-go v0.1.4 // indirect
85+
github.com/google/s2a-go v0.1.9 // indirect
86+
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.2 // indirect
7287
github.com/jackc/chunkreader/v2 v2.0.1 // indirect
7388
github.com/jackc/pgconn v1.14.3 // indirect
7489
github.com/jackc/pgio v1.0.0 // indirect
@@ -79,29 +94,38 @@ require (
7994
github.com/morikuni/aec v1.0.0 // indirect
8095
github.com/opencontainers/go-digest v1.0.0 // indirect
8196
github.com/opencontainers/image-spec v1.1.0-rc4 // indirect
97+
github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
8298
github.com/rs/cors v1.9.0 // indirect
8399
github.com/sirupsen/logrus v1.9.3 // indirect
84100
github.com/sourcegraph/beaut v0.0.0-20240611013027-627e4c25335a // indirect
101+
github.com/spiffe/go-spiffe/v2 v2.5.0 // indirect
85102
github.com/tetratelabs/wazero v1.3.0 // indirect
86103
github.com/vbatts/tar-split v0.11.3 // indirect
87104
github.com/x448/float16 v0.8.4 // indirect
88105
github.com/xlab/treeprint v1.2.0 // indirect
89106
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
107+
github.com/zeebo/errs v1.4.0 // indirect
90108
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
109+
go.opentelemetry.io/contrib/detectors/gcp v1.36.0 // indirect
110+
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 // indirect
111+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 // indirect
91112
go.opentelemetry.io/otel v1.38.0 // indirect
113+
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 // indirect
92114
go.opentelemetry.io/otel/metric v1.38.0 // indirect
93-
go.opentelemetry.io/otel/sdk v1.16.0 // indirect
115+
go.opentelemetry.io/otel/sdk v1.38.0 // indirect
116+
go.opentelemetry.io/otel/sdk/metric v1.38.0 // indirect
94117
go.opentelemetry.io/otel/trace v1.38.0 // indirect
118+
go.opentelemetry.io/proto/otlp v1.7.1 // indirect
95119
golang.org/x/telemetry v0.0.0-20250908211612-aef8a434d053 // indirect
96-
google.golang.org/genproto/googleapis/api v0.0.0-20231016165738-49dd2c1f3d0b // indirect
97-
google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
120+
google.golang.org/genproto/googleapis/api v0.0.0-20250825161204-c5933d9347a5 // indirect
121+
google.golang.org/genproto/googleapis/rpc v0.0.0-20251103181224-f26f9409b101 // indirect
98122
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
99123
)
100124

101125
require (
102-
cloud.google.com/go v0.110.9 // indirect
103-
cloud.google.com/go/compute/metadata v0.3.0 // indirect
104-
cloud.google.com/go/iam v1.1.4 // indirect
126+
cloud.google.com/go v0.120.0 // indirect
127+
cloud.google.com/go/compute/metadata v0.9.0 // indirect
128+
cloud.google.com/go/iam v1.5.2 // indirect
105129
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
106130
github.com/Masterminds/goutils v1.1.1 // indirect
107131
github.com/Masterminds/semver v1.5.0 // indirect
@@ -128,7 +152,7 @@ require (
128152
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
129153
github.com/dlclark/regexp2 v1.11.0 // indirect
130154
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
131-
github.com/envoyproxy/protoc-gen-validate v1.0.2 // indirect
155+
github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
132156
github.com/fatih/color v1.15.0 // indirect
133157
github.com/getsentry/sentry-go v0.27.0 // indirect
134158
github.com/ghodss/yaml v1.0.0 // indirect
@@ -137,12 +161,11 @@ require (
137161
github.com/go-openapi/jsonreference v0.20.2 // indirect
138162
github.com/go-openapi/swag v0.23.0 // indirect
139163
github.com/gogo/protobuf v1.3.2 // indirect
140-
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
141164
github.com/golang/protobuf v1.5.4 // indirect
142165
github.com/google/gofuzz v1.2.0 // indirect
143166
github.com/google/uuid v1.6.0 // indirect
144-
github.com/googleapis/enterprise-certificate-proxy v0.2.5 // indirect
145-
github.com/googleapis/gax-go/v2 v2.12.0 // indirect
167+
github.com/googleapis/enterprise-certificate-proxy v0.3.7 // indirect
168+
github.com/googleapis/gax-go/v2 v2.15.0 // indirect
146169
github.com/gorilla/css v1.0.1 // indirect
147170
github.com/hexops/gotextdiff v1.0.3 // indirect
148171
github.com/hexops/valast v1.4.4 // indirect
@@ -190,22 +213,19 @@ require (
190213
github.com/xeipuuv/gojsonschema v1.2.0 // indirect
191214
github.com/yuin/goldmark v1.7.8 // indirect
192215
github.com/yuin/goldmark-emoji v1.0.5 // indirect
193-
go.opencensus.io v0.24.0 // indirect
194216
go.uber.org/atomic v1.11.0 // indirect
195217
go.uber.org/multierr v1.11.0 // indirect
196218
go.uber.org/zap v1.24.0 // indirect
197-
golang.org/x/crypto v0.42.0 // indirect
219+
golang.org/x/crypto v0.43.0 // indirect
198220
golang.org/x/mod v0.28.0 // indirect
199-
golang.org/x/oauth2 v0.28.0 // indirect
221+
golang.org/x/oauth2 v0.33.0 // indirect
200222
golang.org/x/sys v0.38.0 // indirect
201223
golang.org/x/term v0.37.0 // indirect
202-
golang.org/x/text v0.29.0 // indirect
203-
golang.org/x/time v0.7.0 // indirect
224+
golang.org/x/text v0.30.0 // indirect
225+
golang.org/x/time v0.14.0 // indirect
204226
golang.org/x/tools v0.37.0 // indirect
205-
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
206-
google.golang.org/appengine v1.6.7 // indirect
207-
google.golang.org/genproto v0.0.0-20231030173426-d783a09b4405 // indirect
208-
google.golang.org/grpc v1.59.0 // indirect
227+
google.golang.org/genproto v0.0.0-20250603155806-513f23925822 // indirect
228+
google.golang.org/grpc v1.76.0 // indirect
209229
gopkg.in/inf.v0 v0.9.1 // indirect; direct
210230
gopkg.in/yaml.v2 v2.4.0 // indirect
211231
k8s.io/klog/v2 v2.130.1 // indirect

0 commit comments

Comments
 (0)