Skip to content

Commit c72adee

Browse files
aaronmondalaaronmondal
authored
Bump Go deps (#1622)
Fixes CVE-2025-22870
1 parent 742c985 commit c72adee

File tree

3 files changed

+110
-97
lines changed

3 files changed

+110
-97
lines changed

native-cli/default.nix

+1-1
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ buildGoModule {
99
pname = "native-cli";
1010
version = "0.6.0";
1111
src = ./.;
12-
vendorHash = "sha256-gnGQDpHzElk1Efbkqwia86PNd9LwF8dtS8eNPJc/3L0=";
12+
vendorHash = "sha256-fctMNjTCaFr7wojeQLbzqWKVRUe8PS8049qm2TiGOu0=";
1313
buildInputs = [makeWrapper];
1414
ldflags = ["-s -w"];
1515
installPhase = ''

native-cli/go.mod

+34-30
Original file line numberDiff line numberDiff line change
@@ -6,17 +6,17 @@ require (
66
github.com/docker/docker v28.0.1+incompatible
77
github.com/go-git/go-git/v5 v5.14.0
88
github.com/pulumi/pulumi-docker/sdk/v4 v4.6.1
9-
github.com/pulumi/pulumi-kubernetes/sdk/v4 v4.21.1
10-
github.com/pulumi/pulumi/sdk/v3 v3.153.0
9+
github.com/pulumi/pulumi-kubernetes/sdk/v4 v4.22.1
10+
github.com/pulumi/pulumi/sdk/v3 v3.156.0
1111
github.com/spf13/cobra v1.9.1
12-
k8s.io/apimachinery v0.32.2
13-
k8s.io/client-go v0.32.2
12+
k8s.io/apimachinery v0.32.3
13+
k8s.io/client-go v0.32.3
1414
sigs.k8s.io/gateway-api v1.2.1
1515
sigs.k8s.io/kind v0.27.0
1616
)
1717

1818
require (
19-
al.essio.dev/pkg/shellescape v1.5.1 // indirect
19+
al.essio.dev/pkg/shellescape v1.6.0 // indirect
2020
dario.cat/mergo v1.0.1 // indirect
2121
github.com/BurntSushi/toml v1.4.0 // indirect
2222
github.com/Microsoft/go-winio v0.6.2 // indirect
@@ -28,8 +28,10 @@ require (
2828
github.com/blang/semver v3.5.1+incompatible // indirect
2929
github.com/charmbracelet/bubbles v0.20.0 // indirect
3030
github.com/charmbracelet/bubbletea v1.3.4 // indirect
31-
github.com/charmbracelet/lipgloss v1.0.0 // indirect
31+
github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
32+
github.com/charmbracelet/lipgloss v1.1.0 // indirect
3233
github.com/charmbracelet/x/ansi v0.8.0 // indirect
34+
github.com/charmbracelet/x/cellbuf v0.0.13 // indirect
3335
github.com/charmbracelet/x/term v0.2.1 // indirect
3436
github.com/cheggaaa/pb v1.0.29 // indirect
3537
github.com/cloudflare/circl v1.6.0 // indirect
@@ -51,9 +53,9 @@ require (
5153
github.com/go-git/go-billy/v5 v5.6.2 // indirect
5254
github.com/go-logr/logr v1.4.2 // indirect
5355
github.com/go-logr/stdr v1.2.2 // indirect
54-
github.com/go-openapi/jsonpointer v0.21.0 // indirect
56+
github.com/go-openapi/jsonpointer v0.21.1 // indirect
5557
github.com/go-openapi/jsonreference v0.21.0 // indirect
56-
github.com/go-openapi/swag v0.23.0 // indirect
58+
github.com/go-openapi/swag v0.23.1 // indirect
5759
github.com/gogo/protobuf v1.3.2 // indirect
5860
github.com/golang/glog v1.2.4 // indirect
5961
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
@@ -91,7 +93,7 @@ require (
9193
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
9294
github.com/nxadm/tail v1.4.11 // indirect
9395
github.com/opencontainers/go-digest v1.0.0 // indirect
94-
github.com/opencontainers/image-spec v1.1.0 // indirect
96+
github.com/opencontainers/image-spec v1.1.1 // indirect
9597
github.com/opentracing/basictracer-go v1.1.0 // indirect
9698
github.com/opentracing/opentracing-go v1.2.0 // indirect
9799
github.com/pborman/uuid v1.2.1 // indirect
@@ -101,7 +103,7 @@ require (
101103
github.com/pkg/errors v0.9.1 // indirect
102104
github.com/pkg/term v1.1.0 // indirect
103105
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect
104-
github.com/pulumi/esc v0.12.0 // indirect
106+
github.com/pulumi/esc v0.13.0 // indirect
105107
github.com/rivo/uniseg v0.4.7 // indirect
106108
github.com/rogpeppe/go-internal v1.14.1 // indirect
107109
github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect
@@ -114,40 +116,42 @@ require (
114116
github.com/uber/jaeger-lib v2.4.1+incompatible // indirect
115117
github.com/x448/float16 v0.8.4 // indirect
116118
github.com/xanzy/ssh-agent v0.3.3 // indirect
119+
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
117120
github.com/zclconf/go-cty v1.16.2 // indirect
118121
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
119-
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.59.0 // indirect
120-
go.opentelemetry.io/otel v1.34.0 // indirect
122+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
123+
go.opentelemetry.io/otel v1.35.0 // indirect
121124
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.25.0 // indirect
122-
go.opentelemetry.io/otel/metric v1.34.0 // indirect
123-
go.opentelemetry.io/otel/trace v1.34.0 // indirect
125+
go.opentelemetry.io/otel/metric v1.35.0 // indirect
126+
go.opentelemetry.io/otel/trace v1.35.0 // indirect
124127
go.uber.org/atomic v1.11.0 // indirect
125-
golang.org/x/crypto v0.35.0 // indirect
126-
golang.org/x/exp v0.0.0-20250218142911-aa4b98e5adaa // indirect
127-
golang.org/x/mod v0.23.0 // indirect
128-
golang.org/x/net v0.35.0 // indirect
129-
golang.org/x/oauth2 v0.27.0 // indirect
130-
golang.org/x/sync v0.11.0 // indirect
131-
golang.org/x/sys v0.30.0 // indirect
132-
golang.org/x/term v0.29.0 // indirect
133-
golang.org/x/text v0.22.0 // indirect
134-
golang.org/x/time v0.10.0 // indirect
135-
golang.org/x/tools v0.30.0 // indirect
136-
google.golang.org/genproto/googleapis/rpc v0.0.0-20250227231956-55c901821b1e // indirect
137-
google.golang.org/grpc v1.70.0 // indirect
128+
golang.org/x/crypto v0.36.0 // indirect
129+
golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 // indirect
130+
golang.org/x/mod v0.24.0 // indirect
131+
golang.org/x/net v0.37.0 // indirect
132+
golang.org/x/oauth2 v0.28.0 // indirect
133+
golang.org/x/sync v0.12.0 // indirect
134+
golang.org/x/sys v0.31.0 // indirect
135+
golang.org/x/term v0.30.0 // indirect
136+
golang.org/x/text v0.23.0 // indirect
137+
golang.org/x/time v0.11.0 // indirect
138+
golang.org/x/tools v0.31.0 // indirect
139+
google.golang.org/genproto/googleapis/rpc v0.0.0-20250313205543-e70fdf4c4cb4 // indirect
140+
google.golang.org/grpc v1.71.0 // indirect
138141
google.golang.org/protobuf v1.36.5 // indirect
139142
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
140143
gopkg.in/inf.v0 v0.9.1 // indirect
141144
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
142145
gopkg.in/warnings.v0 v0.1.2 // indirect
143146
gopkg.in/yaml.v3 v3.0.1 // indirect
144147
gotest.tools/v3 v3.5.1 // indirect
145-
k8s.io/api v0.32.2 // indirect
148+
k8s.io/api v0.32.3 // indirect
146149
k8s.io/klog/v2 v2.130.1 // indirect
147-
k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect
150+
k8s.io/kube-openapi v0.0.0-20250304201544-e5f78fe3ede9 // indirect
148151
k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect
149152
lukechampine.com/frand v1.5.1 // indirect
150153
sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect
151-
sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect
154+
sigs.k8s.io/randfill v1.0.0 // indirect
155+
sigs.k8s.io/structured-merge-diff/v4 v4.6.0 // indirect
152156
sigs.k8s.io/yaml v1.4.0 // indirect
153157
)

0 commit comments

Comments
 (0)