Skip to content

Commit a39afe5

Browse files
Update go modules
1 parent b4eea6f commit a39afe5

6 files changed

Lines changed: 157 additions & 136 deletions

File tree

acceptance/go.mod

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -3,17 +3,17 @@ module github.com/conforma/cli/acceptance
33
go 1.25.9
44

55
require (
6-
cuelang.org/go v0.15.1
6+
cuelang.org/go v0.15.4
77
github.com/cucumber/godog v0.15.1
88
github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467
99
github.com/doiit/picocolors v1.0.1
10-
github.com/enterprise-contract/enterprise-contract-controller/api v0.1.257
10+
github.com/enterprise-contract/enterprise-contract-controller/api v0.1.281
1111
github.com/evanphx/json-patch/v5 v5.9.11
12-
github.com/gkampitakis/go-snaps v0.5.19
12+
github.com/gkampitakis/go-snaps v0.5.22
1313
github.com/go-git/go-billy/v5 v5.8.0
14-
github.com/go-git/go-git/v5 v5.17.1
14+
github.com/go-git/go-git/v5 v5.17.2
1515
github.com/go-openapi/strfmt v0.25.0
16-
github.com/google/go-containerregistry v0.21.5
16+
github.com/google/go-containerregistry v0.21.7
1717
github.com/in-toto/in-toto-golang v0.10.0
1818
github.com/konflux-ci/application-api v0.0.0-20240812090716-e7eb2ecfb409
1919
github.com/opencontainers/image-spec v1.1.1
@@ -22,21 +22,21 @@ require (
2222
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e
2323
github.com/pkg/errors v0.9.1
2424
github.com/secure-systems-lab/go-securesystemslib v0.10.0
25-
github.com/sigstore/cosign/v2 v2.6.2
25+
github.com/sigstore/cosign/v2 v2.6.3
2626
github.com/sigstore/rekor v1.5.0
27-
github.com/sigstore/sigstore v1.10.5
27+
github.com/sigstore/sigstore v1.10.8
2828
github.com/stretchr/testify v1.11.1
29-
github.com/tektoncd/cli v0.44.0
29+
github.com/tektoncd/cli v0.44.2
3030
github.com/tektoncd/pipeline v1.12.0
3131
github.com/testcontainers/testcontainers-go v0.34.1
3232
github.com/transparency-dev/merkle v0.0.2
3333
github.com/wiremock/go-wiremock v1.11.0
3434
github.com/yudai/gojsondiff v1.0.0
3535
golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90
3636
gopkg.in/go-jose/go-jose.v2 v2.6.3
37-
k8s.io/api v0.35.4
38-
k8s.io/apimachinery v0.35.4
39-
k8s.io/client-go v0.35.4
37+
k8s.io/api v0.35.6
38+
k8s.io/apimachinery v0.35.6
39+
k8s.io/client-go v0.35.6
4040
oras.land/oras-go/v2 v2.6.0
4141
sigs.k8s.io/kind v0.26.0
4242
sigs.k8s.io/kustomize/api v0.20.1
@@ -45,7 +45,7 @@ require (
4545
)
4646

4747
// Maybe less important in acceptance, but it seems sensible to use the fork here too
48-
replace github.com/google/go-containerregistry => github.com/conforma/go-containerregistry v0.20.7-0.20250703195040-6f40a3734728
48+
replace github.com/google/go-containerregistry => github.com/conforma/go-containerregistry v0.20.7
4949

5050
require (
5151
cel.dev/expr v0.25.1 // indirect

go.mod

Lines changed: 39 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -3,37 +3,37 @@ module github.com/conforma/cli
33
go 1.25.9
44

55
require (
6-
cuelang.org/go v0.16.0
6+
cuelang.org/go v0.16.1
77
github.com/CycloneDX/cyclonedx-go v0.10.0
88
github.com/MakeNowJust/heredoc v1.0.0
99
github.com/Maldris/go-billy-afero v0.0.0-20200815120323-e9d3de59c99a
1010
github.com/conforma/go-gather v1.0.2
1111
github.com/docker/docker v28.5.2+incompatible
12-
github.com/enterprise-contract/enterprise-contract-controller/api v0.1.257
12+
github.com/enterprise-contract/enterprise-contract-controller/api v0.1.281
1313
github.com/evanphx/json-patch v5.9.11+incompatible
14-
github.com/gkampitakis/go-snaps v0.5.19
15-
github.com/go-git/go-git/v5 v5.17.1
14+
github.com/gkampitakis/go-snaps v0.5.22
15+
github.com/go-git/go-git/v5 v5.17.2
1616
github.com/go-logr/logr v1.4.3
17-
github.com/go-openapi/strfmt v0.26.1
17+
github.com/go-openapi/strfmt v0.26.4
1818
github.com/google/go-cmp v0.7.0
19-
github.com/google/go-containerregistry v0.21.5
19+
github.com/google/go-containerregistry v0.21.7
2020
github.com/google/safearchive v0.0.0-20241025131057-f7ce9d7b6f9c
2121
github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b
2222
github.com/in-toto/in-toto-golang v0.10.0
2323
github.com/jstemmer/go-junit-report/v2 v2.1.0
2424
github.com/konflux-ci/application-api v0.0.0-20240812090716-e7eb2ecfb409
2525
github.com/leanovate/gopter v0.2.11
26-
github.com/mattn/go-isatty v0.0.20
26+
github.com/mattn/go-isatty v0.0.22
2727
github.com/mitchellh/go-wordwrap v1.0.1
2828
github.com/open-policy-agent/conftest v0.66.0
2929
github.com/open-policy-agent/opa v1.15.2
30-
github.com/package-url/packageurl-go v0.1.3
30+
github.com/package-url/packageurl-go v0.1.6
3131
github.com/qri-io/jsonpointer v0.1.1
3232
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1
33-
github.com/secure-systems-lab/go-securesystemslib v0.10.0
34-
github.com/sigstore/cosign/v2 v2.4.1
33+
github.com/secure-systems-lab/go-securesystemslib v0.11.0
34+
github.com/sigstore/cosign/v2 v2.4.3
3535
github.com/sigstore/rekor v1.5.0
36-
github.com/sigstore/sigstore v1.10.5
36+
github.com/sigstore/sigstore v1.10.8
3737
github.com/sirupsen/logrus v1.9.4
3838
github.com/smarty/cproxy/v2 v2.1.1
3939
github.com/spdx/tools-golang v0.5.7
@@ -48,19 +48,19 @@ require (
4848
github.com/testcontainers/testcontainers-go/modules/registry v0.34.0
4949
golang.org/x/benchmarks v0.0.0-20241115175113-a2b48b605b42
5050
golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90
51-
golang.org/x/net v0.53.0
52-
golang.org/x/sync v0.20.0
53-
k8s.io/apiextensions-apiserver v0.35.4
54-
k8s.io/apimachinery v0.35.4
55-
k8s.io/client-go v0.35.4
51+
golang.org/x/net v0.56.0
52+
golang.org/x/sync v0.21.0
53+
k8s.io/apiextensions-apiserver v0.35.6
54+
k8s.io/apimachinery v0.35.6
55+
k8s.io/client-go v0.35.6
5656
k8s.io/klog/v2 v2.130.1
5757
k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912
5858
oras.land/oras-go/v2 v2.6.0
5959
sigs.k8s.io/yaml v1.6.0
6060
)
6161

6262
// use forked version until we can get the fixes merged see https://github.com/conforma/go-containerregistry/blob/main/hack/ec-patches.sh for a list of patches we carry
63-
replace github.com/google/go-containerregistry => github.com/conforma/go-containerregistry v0.20.7-0.20250703195040-6f40a3734728
63+
replace github.com/google/go-containerregistry => github.com/conforma/go-containerregistry v0.20.7
6464

6565
// Force moby/go-archive to v0.1.0 for compatibility with docker/docker v28.5.2
6666
// v0.2.0 removed archive.Compression type which docker still uses
@@ -76,7 +76,6 @@ require (
7676
cloud.google.com/go/monitoring v1.24.3 // indirect
7777
cloud.google.com/go/storage v1.61.3 // indirect
7878
dario.cat/mergo v1.0.2 // indirect
79-
filippo.io/edwards25519 v1.1.0 // indirect
8079
github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/provider v0.15.0 // indirect
8180
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
8281
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
@@ -191,7 +190,7 @@ require (
191190
github.com/felixge/httpsnoop v1.0.4 // indirect
192191
github.com/fsnotify/fsnotify v1.9.0 // indirect
193192
github.com/fxamacker/cbor/v2 v2.9.0 // indirect
194-
github.com/gkampitakis/ciinfo v0.3.2 // indirect
193+
github.com/gkampitakis/ciinfo v0.3.4 // indirect
195194
github.com/go-akka/configuration v0.0.0-20200606091224-a002c0330665 // indirect
196195
github.com/go-chi/chi/v5 v5.2.4 // indirect
197196
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
@@ -202,7 +201,7 @@ require (
202201
github.com/go-logr/stdr v1.2.2 // indirect
203202
github.com/go-ole/go-ole v1.2.6 // indirect
204203
github.com/go-openapi/analysis v0.24.3 // indirect
205-
github.com/go-openapi/errors v0.22.7 // indirect
204+
github.com/go-openapi/errors v0.22.8 // indirect
206205
github.com/go-openapi/jsonpointer v0.22.5 // indirect
207206
github.com/go-openapi/jsonreference v0.21.5 // indirect
208207
github.com/go-openapi/loads v0.23.3 // indirect
@@ -221,10 +220,11 @@ require (
221220
github.com/go-openapi/swag/typeutils v0.25.5 // indirect
222221
github.com/go-openapi/swag/yamlutils v0.25.5 // indirect
223222
github.com/go-openapi/validate v0.25.2 // indirect
223+
github.com/go-piv/piv-go/v2 v2.4.0 // indirect
224224
github.com/go-viper/mapstructure/v2 v2.5.0 // indirect
225225
github.com/gobwas/glob v0.2.3 // indirect
226226
github.com/goccy/go-json v0.10.5 // indirect
227-
github.com/goccy/go-yaml v1.18.0 // indirect
227+
github.com/goccy/go-yaml v1.19.2 // indirect
228228
github.com/gogo/protobuf v1.3.2 // indirect
229229
github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
230230
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
@@ -272,7 +272,7 @@ require (
272272
github.com/logrusorgru/aurora v2.0.3+incompatible // indirect
273273
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
274274
github.com/magiconair/properties v1.8.10 // indirect
275-
github.com/maruel/natural v1.1.1 // indirect
275+
github.com/maruel/natural v1.3.0 // indirect
276276
github.com/mattn/go-colorable v0.1.14 // indirect
277277
github.com/mattn/go-runewidth v0.0.19 // indirect
278278
github.com/miekg/dns v1.1.61 // indirect
@@ -327,9 +327,12 @@ require (
327327
github.com/shirou/gopsutil/v3 v3.23.12 // indirect
328328
github.com/shoenig/go-m1cpu v0.1.6 // indirect
329329
github.com/shteou/go-ignore v0.3.1 // indirect
330-
github.com/sigstore/fulcio v1.6.3 // indirect
330+
github.com/sigstore/fulcio v1.6.6 // indirect
331331
github.com/sigstore/protobuf-specs v0.5.0 // indirect
332-
github.com/sigstore/timestamp-authority v1.2.2 // indirect
332+
github.com/sigstore/rekor-tiles/v2 v2.0.1 // indirect
333+
github.com/sigstore/sigstore-go v1.1.4 // indirect
334+
github.com/sigstore/timestamp-authority v1.2.9 // indirect
335+
github.com/sigstore/timestamp-authority/v2 v2.0.3 // indirect
333336
github.com/skeema/knownhosts v1.3.1 // indirect
334337
github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
335338
github.com/spf13/cast v1.10.0 // indirect
@@ -340,7 +343,8 @@ require (
340343
github.com/tchap/go-patricia/v2 v2.3.3 // indirect
341344
github.com/thales-e-security/pool v0.0.2 // indirect
342345
github.com/theupdateframework/go-tuf v0.7.0 // indirect
343-
github.com/tidwall/gjson v1.18.0 // indirect
346+
github.com/theupdateframework/go-tuf/v2 v2.4.1 // indirect
347+
github.com/tidwall/gjson v1.19.0 // indirect
344348
github.com/tidwall/match v1.1.1 // indirect
345349
github.com/tidwall/pretty v1.2.1 // indirect
346350
github.com/tidwall/sjson v1.2.5 // indirect
@@ -349,19 +353,21 @@ require (
349353
github.com/tklauser/numcpus v0.6.1 // indirect
350354
github.com/tmccombs/hcl2json v0.6.7 // indirect
351355
github.com/tonistiigi/go-csvvalue v0.0.0-20240814133006-030d3b2625d0 // indirect
356+
github.com/transparency-dev/formats v0.0.0-20251017110053-404c0d5b696c // indirect
352357
github.com/transparency-dev/merkle v0.0.2 // indirect
353358
github.com/ulikunitz/xz v0.5.15 // indirect
354359
github.com/valyala/fastjson v1.6.7 // indirect
355360
github.com/vbatts/tar-split v0.12.2 // indirect
356361
github.com/vektah/gqlparser/v2 v2.5.32 // indirect
357362
github.com/x448/float16 v0.8.4 // indirect
358-
github.com/xanzy/go-gitlab v0.109.0 // indirect
359363
github.com/xanzy/ssh-agent v0.3.3 // indirect
360364
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
361365
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
362366
github.com/yashtewari/glob-intersection v0.2.0 // indirect
367+
github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
363368
github.com/yusufpapurcu/wmi v1.2.3 // indirect
364369
github.com/zclconf/go-cty v1.16.2 // indirect
370+
gitlab.com/gitlab-org/api/client-go v0.123.0 // indirect
365371
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
366372
go.opentelemetry.io/contrib/detectors/gcp v1.39.0 // indirect
367373
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.63.0 // indirect
@@ -379,20 +385,19 @@ require (
379385
go.opentelemetry.io/otel/sdk/metric v1.43.0 // indirect
380386
go.opentelemetry.io/otel/trace v1.43.0 // indirect
381387
go.opentelemetry.io/proto/otlp v1.10.0 // indirect
382-
go.step.sm/crypto v0.74.0 // indirect
383388
go.uber.org/automaxprocs v1.6.0 // indirect
384389
go.uber.org/multierr v1.11.0 // indirect
385390
go.uber.org/zap v1.28.0 // indirect
386391
go.yaml.in/yaml/v2 v2.4.3 // indirect
387392
go.yaml.in/yaml/v3 v3.0.4 // indirect
388-
golang.org/x/crypto v0.50.0 // indirect
389-
golang.org/x/mod v0.35.0 // indirect
393+
golang.org/x/crypto v0.53.0 // indirect
394+
golang.org/x/mod v0.36.0 // indirect
390395
golang.org/x/oauth2 v0.36.0 // indirect
391-
golang.org/x/sys v0.43.0 // indirect
392-
golang.org/x/term v0.42.0 // indirect
393-
golang.org/x/text v0.36.0 // indirect
396+
golang.org/x/sys v0.46.0 // indirect
397+
golang.org/x/term v0.44.0 // indirect
398+
golang.org/x/text v0.38.0 // indirect
394399
golang.org/x/time v0.15.0 // indirect
395-
golang.org/x/tools v0.44.0 // indirect
400+
golang.org/x/tools v0.45.0 // indirect
396401
gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
397402
google.golang.org/api v0.271.0 // indirect
398403
google.golang.org/genproto v0.0.0-20260128011058-8636f8732409 // indirect
@@ -405,7 +410,7 @@ require (
405410
gopkg.in/ini.v1 v1.67.1 // indirect
406411
gopkg.in/warnings.v0 v0.1.2 // indirect
407412
gopkg.in/yaml.v3 v3.0.1 // indirect
408-
k8s.io/api v0.35.4 // indirect
413+
k8s.io/api v0.35.6 // indirect
409414
k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect
410415
knative.dev/pkg v0.0.0-20260318013857-98d5a706d4fd // indirect
411416
olympos.io/encoding/edn v0.0.0-20201019073823-d3554ca0b0a3 // indirect

0 commit comments

Comments
 (0)