Skip to content

Commit 5e36f94

Browse files
andyzhangxandyzhangx
authored
Merge pull request #437 from andyzhangx/CVE-2024-24786
fix: CVE-2024-24786
2 parents 76b022f + d82aa99 commit 5e36f94

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

65 files changed

+3838
-1154
lines changed

.github/workflows/linux.yml

+5-4
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,11 @@ jobs:
2424

2525
- name: Test
2626
run: go test -covermode=count -coverprofile=profile.cov ./pkg/...
27-
27+
28+
- name: Install goveralls
29+
run: go install github.com/mattn/goveralls@latest
30+
2831
- name: Send coverage
2932
env:
3033
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
31-
run: |
32-
GO111MODULE=off go get github.com/mattn/goveralls
33-
$(go env GOPATH)/bin/goveralls -coverprofile=profile.cov -service=github
34+
run: goveralls -coverprofile=profile.cov -service=github

go.mod

+2-2
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ require (
5252
github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect
5353
github.com/gogo/protobuf v1.3.2 // indirect
5454
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
55-
github.com/golang/protobuf v1.5.3 // indirect
55+
github.com/golang/protobuf v1.5.4 // indirect
5656
github.com/google/cel-go v0.12.7 // indirect
5757
github.com/google/gnostic v0.5.7-v3refs // indirect
5858
github.com/google/go-cmp v0.6.0 // indirect
@@ -116,7 +116,7 @@ require (
116116
google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 // indirect
117117
google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4 // indirect
118118
google.golang.org/grpc v1.59.0 // indirect
119-
google.golang.org/protobuf v1.31.0 // indirect
119+
google.golang.org/protobuf v1.33.0 // indirect
120120
gopkg.in/gcfg.v1 v1.2.3 // indirect
121121
gopkg.in/inf.v0 v0.9.1 // indirect
122122
gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect

go.sum

+4-2
Original file line numberDiff line numberDiff line change
@@ -205,8 +205,9 @@ github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
205205
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
206206
github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
207207
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
208-
github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
209208
github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
209+
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
210+
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
210211
github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
211212
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
212213
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
@@ -1004,8 +1005,9 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
10041005
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
10051006
google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
10061007
google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
1007-
google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
10081008
google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
1009+
google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
1010+
google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
10091011
gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
10101012
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
10111013
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

vendor/github.com/golang/protobuf/jsonpb/decode.go

+1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/golang/protobuf/jsonpb/encode.go

+1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/golang/protobuf/ptypes/any.go

+4-3
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/google.golang.org/protobuf/encoding/protojson/decode.go

+29-9
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/google.golang.org/protobuf/encoding/protojson/doc.go

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/google.golang.org/protobuf/encoding/protojson/encode.go

+34-5
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/google.golang.org/protobuf/encoding/protojson/well_known_types.go

+20-39
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)