net for CVEs (#822)

pbacsko Fri, 03 May 2024 04:06:20 -0700

This is an automated email from the ASF dual-hosted git repository.

pbacsko pushed a commit to branch branch-1.5
in repository https://gitbox.apache.org/repos/asf/yunikorn-k8shim.git



The following commit(s) were added to refs/heads/branch-1.5 by this push:
     new 80e72db0 [YUNIKORN-2541] Upgrade golang.org/x/net for CVEs (#822)
80e72db0 is described below

commit 80e72db0b3a381c31c37f4b3fb0c831f7651269c
Author: targetoee <target...@gmail.com>
AuthorDate: Mon Apr 22 10:25:07 2024 +0000

    [YUNIKORN-2541] Upgrade golang.org/x/net for CVEs (#822)
    
    upgrade golang.org/x/net to v0.23
    
    Closes: #822
    
    Signed-off-by: Yu-Lin Chen <chenyulin0...@apache.org>
    (cherry picked from commit 04daf6267c2a4917d81068b3b03a7120a13c01c6)
---
 go.mod | 16 ++++++++--------
 go.sum | 20 ++++++++++----------
 2 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/go.mod b/go.mod
index ac986666..45b884fd 100644
--- a/go.mod
+++ b/go.mod
@@ -21,7 +21,7 @@ module github.com/apache/yunikorn-k8shim
 go 1.21
 
 require (
-       github.com/apache/yunikorn-core v0.0.0-20240405160823-c94a7d938c41
+       github.com/apache/yunikorn-core v0.0.0-20240422073303-db13a4fa8585
        github.com/apache/yunikorn-scheduler-interface v1.5.0-1
        github.com/google/go-cmp v0.6.0
        github.com/google/uuid v1.6.0
@@ -122,13 +122,13 @@ require (
        go.opentelemetry.io/proto/otlp v1.0.0 // indirect
        go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
        go.uber.org/multierr v1.11.0 // indirect
-       golang.org/x/crypto v0.19.0 // indirect
+       golang.org/x/crypto v0.21.0 // indirect
        golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
        golang.org/x/net v0.21.0 // indirect
        golang.org/x/oauth2 v0.12.0 // indirect
        golang.org/x/sync v0.6.0 // indirect
-       golang.org/x/sys v0.17.0 // indirect
-       golang.org/x/term v0.17.0 // indirect
+       golang.org/x/sys v0.18.0 // indirect
+       golang.org/x/term v0.18.0 // indirect
        golang.org/x/text v0.14.0 // indirect
        golang.org/x/time v0.5.0 // indirect
        golang.org/x/tools v0.17.0 // indirect
@@ -137,7 +137,7 @@ require (
        google.golang.org/genproto/googleapis/api 
v0.0.0-20230822172742-b8732ec3820d // indirect
        google.golang.org/genproto/googleapis/rpc 
v0.0.0-20230822172742-b8732ec3820d // indirect
        google.golang.org/grpc v1.59.0 // indirect
-       google.golang.org/protobuf v1.31.0 // indirect
+       google.golang.org/protobuf v1.33.0 // indirect
        gopkg.in/inf.v0 v0.9.1 // indirect
        gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
        gopkg.in/yaml.v2 v2.4.0 // indirect
@@ -164,10 +164,10 @@ require (
 replace (
        github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.12
        github.com/petermattis/goid => github.com/petermattis/goid 
v0.0.0-20240327183114-c42a807a84ba
-       golang.org/x/crypto => golang.org/x/crypto v0.19.0
+       golang.org/x/crypto => golang.org/x/crypto v0.21.0
        golang.org/x/lint => golang.org/x/lint 
v0.0.0-20210508222113-6edffad5e616
-       golang.org/x/net => golang.org/x/net v0.21.0
-       golang.org/x/sys => golang.org/x/sys v0.17.0
+       golang.org/x/net => golang.org/x/net v0.23.0
+       golang.org/x/sys => golang.org/x/sys v0.18.0
        golang.org/x/text => golang.org/x/text v0.14.0
        golang.org/x/tools => golang.org/x/tools v0.17.0
        google.golang.org/protobuf => google.golang.org/protobuf v1.33.0
diff --git a/go.sum b/go.sum
index 284ae1af..8e7da957 100644
--- a/go.sum
+++ b/go.sum
@@ -9,8 +9,8 @@ github.com/NYTimes/gziphandler v1.1.1 
h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cq
 github.com/NYTimes/gziphandler v1.1.1/go.mod 
h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c=
 github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df 
h1:7RFfzj4SSt6nnvCPbCqijJi1nWCd+TqAT3bYCStRC18=
 github.com/antlr/antlr4/runtime/Go/antlr/v4 
v4.0.0-20230305170008-8188dc5388df/go.mod 
h1:pSwJ0fSY5KhvocuWSx4fz3BA8OrA1bQn+K1Eli3BRwM=
-github.com/apache/yunikorn-core v0.0.0-20240405160823-c94a7d938c41 
h1:g+vqZUconPFGzrhw0r7IJkkZ1QzAfhc75f5rsApG5tU=
-github.com/apache/yunikorn-core v0.0.0-20240405160823-c94a7d938c41/go.mod 
h1:OWWw/VSMRy/OAHg3vje72OpO1fboOQm5mi7KNcKFSQc=
+github.com/apache/yunikorn-core v0.0.0-20240422073303-db13a4fa8585 
h1:R8ugyStoQzlZra+up+UVxLlxW59O/bp7jw1S97xo61U=
+github.com/apache/yunikorn-core v0.0.0-20240422073303-db13a4fa8585/go.mod 
h1:Zh5AYAA1Sskzak8F4xikX0gp8nub6rhuh8Trfnr1Es8=
 github.com/apache/yunikorn-scheduler-interface v1.5.0-1 
h1:RusZkydfuZNIKx/CHP9Jf97wikQ3cxJGWYlgJ9CjRuM=
 github.com/apache/yunikorn-scheduler-interface v1.5.0-1/go.mod 
h1:3jCo/Ash4yEmw05ozK3BihJDEEAMOZEN7rmxNfb0gO0=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 
h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
@@ -268,23 +268,23 @@ go.uber.org/multierr v1.11.0 
h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod 
h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=
 go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so=
-golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
-golang.org/x/crypto v0.19.0/go.mod 
h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod 
h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e 
h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA=
 golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod 
h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
+golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4=
 golang.org/x/oauth2 v0.12.0/go.mod 
h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4=
 golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
 golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
-golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod 
h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
-golang.org/x/term v0.17.0/go.mod 
h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
+golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
+golang.org/x/term v0.18.0/go.mod 
h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod 
h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@yunikorn.apache.org
For additional commands, e-mail: issues-h...@yunikorn.apache.org

(yunikorn-k8shim) branch branch-1.5 updated: [YUNIKORN-2541] Upgrade golang.org/x/net for CVEs (#822)

Reply via email to