Skip to content

Commit 5410b9f

Browse files
flavioflavio
authored
Merge pull request #195 from rancher-sandbox/dependabot/go_modules/github.com/aquasecurity/trivy-0.62.1
chore: bump github.com/aquasecurity/trivy from 0.61.0 to 0.62.1
2 parents eeb14d8 + d76aaa0 commit 5410b9f

3 files changed

Lines changed: 315 additions & 301 deletions

File tree

go.mod

Lines changed: 62 additions & 63 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,12 @@
11
module github.com/rancher/sbombastic
22

3-
go 1.24.0
4-
5-
toolchain go1.24.2
3+
go 1.24.2
64

75
godebug default=go1.23
86

97
require (
108
github.com/Masterminds/squirrel v1.5.4
11-
github.com/aquasecurity/trivy v0.61.0
9+
github.com/aquasecurity/trivy v0.62.1
1210
github.com/go-logr/logr v1.4.2
1311
github.com/google/go-cmp v0.7.0
1412
github.com/google/go-containerregistry v0.20.3
@@ -36,35 +34,35 @@ require (
3634

3735
require (
3836
cel.dev/expr v0.19.1 // indirect
39-
cloud.google.com/go v0.116.0 // indirect
40-
cloud.google.com/go/auth v0.14.0 // indirect
41-
cloud.google.com/go/auth/oauth2adapt v0.2.7 // indirect
37+
cloud.google.com/go v0.118.3 // indirect
38+
cloud.google.com/go/auth v0.15.0 // indirect
39+
cloud.google.com/go/auth/oauth2adapt v0.2.8 // indirect
4240
cloud.google.com/go/compute/metadata v0.6.0 // indirect
43-
cloud.google.com/go/iam v1.2.2 // indirect
44-
cloud.google.com/go/monitoring v1.21.2 // indirect
45-
cloud.google.com/go/storage v1.49.0 // indirect
41+
cloud.google.com/go/iam v1.4.1 // indirect
42+
cloud.google.com/go/monitoring v1.24.0 // indirect
43+
cloud.google.com/go/storage v1.50.0 // indirect
4644
dario.cat/mergo v1.0.1 // indirect
4745
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
4846
github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20231105174938-2b5cbb29f3e2 // indirect
4947
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
50-
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 // indirect
51-
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 // indirect
52-
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
48+
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 // indirect
49+
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.9.0 // indirect
50+
github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect
5351
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
5452
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
5553
github.com/Azure/go-autorest/autorest v0.11.29 // indirect
5654
github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect
5755
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
5856
github.com/Azure/go-autorest/logger v0.2.1 // indirect
5957
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
60-
github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3 // indirect
61-
github.com/BurntSushi/toml v1.4.0 // indirect
58+
github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect
59+
github.com/BurntSushi/toml v1.5.0 // indirect
6260
github.com/CycloneDX/cyclonedx-go v0.9.2 // indirect
6361
github.com/DataDog/zstd v1.5.5 // indirect
6462
github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible // indirect
6563
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.25.0 // indirect
66-
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.48.1 // indirect
67-
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.48.1 // indirect
64+
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.49.0 // indirect
65+
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.49.0 // indirect
6866
github.com/Intevation/gval v1.3.0 // indirect
6967
github.com/Intevation/jsonpath v0.2.1 // indirect
7068
github.com/MakeNowJust/heredoc v1.0.0 // indirect
@@ -74,7 +72,7 @@ require (
7472
github.com/Microsoft/go-winio v0.6.2 // indirect
7573
github.com/Microsoft/hcsshim v0.12.9 // indirect
7674
github.com/NYTimes/gziphandler v1.1.1 // indirect
77-
github.com/ProtonMail/go-crypto v1.1.5 // indirect
75+
github.com/ProtonMail/go-crypto v1.1.6 // indirect
7876
github.com/VividCortex/ewma v1.2.0 // indirect
7977
github.com/agext/levenshtein v1.2.3 // indirect
8078
github.com/agnivade/levenshtein v1.2.1 // indirect
@@ -89,30 +87,30 @@ require (
8987
github.com/aquasecurity/go-version v0.0.1 // indirect
9088
github.com/aquasecurity/iamgo v0.0.10 // indirect
9189
github.com/aquasecurity/jfather v0.0.8 // indirect
92-
github.com/aquasecurity/table v1.8.0 // indirect
90+
github.com/aquasecurity/table v1.10.0 // indirect
9391
github.com/aquasecurity/tml v0.6.1 // indirect
94-
github.com/aquasecurity/trivy-checks v1.8.0 // indirect
92+
github.com/aquasecurity/trivy-checks v1.10.0 // indirect
9593
github.com/aquasecurity/trivy-db v0.0.0-20250227071930-8bd8a9b89e2d // indirect
9694
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 // indirect
97-
github.com/aquasecurity/trivy-kubernetes v0.8.0 // indirect
95+
github.com/aquasecurity/trivy-kubernetes v0.8.2 // indirect
9896
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
99-
github.com/aws/aws-sdk-go v1.55.6 // indirect
97+
github.com/aws/aws-sdk-go v1.55.7 // indirect
10098
github.com/aws/aws-sdk-go-v2 v1.36.3 // indirect
101-
github.com/aws/aws-sdk-go-v2/config v1.29.9 // indirect
102-
github.com/aws/aws-sdk-go-v2/credentials v1.17.62 // indirect
99+
github.com/aws/aws-sdk-go-v2/config v1.29.14 // indirect
100+
github.com/aws/aws-sdk-go-v2/credentials v1.17.67 // indirect
103101
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 // indirect
104102
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
105103
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
106104
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
107105
github.com/aws/aws-sdk-go-v2/service/ebs v1.22.1 // indirect
108-
github.com/aws/aws-sdk-go-v2/service/ec2 v1.207.1 // indirect
109-
github.com/aws/aws-sdk-go-v2/service/ecr v1.42.1 // indirect
106+
github.com/aws/aws-sdk-go-v2/service/ec2 v1.213.0 // indirect
107+
github.com/aws/aws-sdk-go-v2/service/ecr v1.44.0 // indirect
110108
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 // indirect
111109
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 // indirect
112-
github.com/aws/aws-sdk-go-v2/service/s3 v1.78.1 // indirect
113-
github.com/aws/aws-sdk-go-v2/service/sso v1.25.1 // indirect
114-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.29.1 // indirect
115-
github.com/aws/aws-sdk-go-v2/service/sts v1.33.17 // indirect
110+
github.com/aws/aws-sdk-go-v2/service/s3 v1.79.3 // indirect
111+
github.com/aws/aws-sdk-go-v2/service/sso v1.25.3 // indirect
112+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.1 // indirect
113+
github.com/aws/aws-sdk-go-v2/service/sts v1.33.19 // indirect
116114
github.com/aws/smithy-go v1.22.3 // indirect
117115
github.com/beorn7/perks v1.0.1 // indirect
118116
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
@@ -125,12 +123,12 @@ require (
125123
github.com/cespare/xxhash/v2 v2.3.0 // indirect
126124
github.com/chai2010/gettext-go v1.0.2 // indirect
127125
github.com/cheggaaa/pb/v3 v3.1.7 // indirect
128-
github.com/cloudflare/circl v1.6.0 // indirect
126+
github.com/cloudflare/circl v1.6.1 // indirect
129127
github.com/cncf/xds/go v0.0.0-20241223141626-cff3c89139a3 // indirect
130-
github.com/containerd/cgroups/v3 v3.0.3 // indirect
128+
github.com/containerd/cgroups/v3 v3.0.5 // indirect
131129
github.com/containerd/containerd v1.7.27 // indirect
132130
github.com/containerd/containerd/api v1.8.0 // indirect
133-
github.com/containerd/containerd/v2 v2.0.4 // indirect
131+
github.com/containerd/containerd/v2 v2.0.5 // indirect
134132
github.com/containerd/continuity v0.4.5 // indirect
135133
github.com/containerd/errdefs v1.0.0 // indirect
136134
github.com/containerd/errdefs/pkg v0.3.0 // indirect
@@ -151,10 +149,10 @@ require (
151149
github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
152150
github.com/distribution/reference v0.6.0 // indirect
153151
github.com/dlclark/regexp2 v1.4.0 // indirect
154-
github.com/docker/cli v27.5.0+incompatible // indirect
152+
github.com/docker/cli v28.1.1+incompatible // indirect
155153
github.com/docker/distribution v2.8.3+incompatible // indirect
156-
github.com/docker/docker v27.5.1+incompatible // indirect
157-
github.com/docker/docker-credential-helpers v0.8.2 // indirect
154+
github.com/docker/docker v28.1.1+incompatible // indirect
155+
github.com/docker/docker-credential-helpers v0.9.3 // indirect
158156
github.com/docker/go-connections v0.5.0 // indirect
159157
github.com/docker/go-metrics v0.0.1 // indirect
160158
github.com/docker/go-units v0.5.0 // indirect
@@ -175,28 +173,28 @@ require (
175173
github.com/go-errors/errors v1.4.2 // indirect
176174
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
177175
github.com/go-git/go-billy/v5 v5.6.2 // indirect
178-
github.com/go-git/go-git/v5 v5.14.0 // indirect
176+
github.com/go-git/go-git/v5 v5.16.0 // indirect
179177
github.com/go-gorp/gorp/v3 v3.1.0 // indirect
180178
github.com/go-ini/ini v1.67.0 // indirect
181179
github.com/go-jose/go-jose/v4 v4.0.5 // indirect
182-
github.com/go-json-experiment/json v0.0.0-20250211171154-1ae217ad3535 // indirect
180+
github.com/go-json-experiment/json v0.0.0-20250223041408-d3c622f1b874 // indirect
183181
github.com/go-logr/stdr v1.2.2 // indirect
184182
github.com/go-logr/zapr v1.3.0 // indirect
185183
github.com/go-openapi/analysis v0.23.0 // indirect
186-
github.com/go-openapi/errors v0.22.0 // indirect
184+
github.com/go-openapi/errors v0.22.1 // indirect
187185
github.com/go-openapi/jsonpointer v0.21.0 // indirect
188186
github.com/go-openapi/jsonreference v0.21.0 // indirect
189187
github.com/go-openapi/loads v0.22.0 // indirect
190188
github.com/go-openapi/runtime v0.28.0 // indirect
191189
github.com/go-openapi/spec v0.21.0 // indirect
192190
github.com/go-openapi/strfmt v0.23.0 // indirect
193-
github.com/go-openapi/swag v0.23.0 // indirect
191+
github.com/go-openapi/swag v0.23.1 // indirect
194192
github.com/go-openapi/validate v0.24.0 // indirect
195193
github.com/go-redis/redis/v8 v8.11.5 // indirect
196194
github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
197195
github.com/go-viper/mapstructure/v2 v2.2.1 // indirect
198196
github.com/gobwas/glob v0.2.3 // indirect
199-
github.com/gocsaf/csaf/v3 v3.1.1 // indirect
197+
github.com/gocsaf/csaf/v3 v3.2.0 // indirect
200198
github.com/gogo/protobuf v1.3.2 // indirect
201199
github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
202200
github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
@@ -215,7 +213,7 @@ require (
215213
github.com/google/s2a-go v0.1.9 // indirect
216214
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
217215
github.com/google/wire v0.6.0 // indirect
218-
github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
216+
github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect
219217
github.com/googleapis/gax-go/v2 v2.14.1 // indirect
220218
github.com/gorilla/mux v1.8.1 // indirect
221219
github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect
@@ -257,7 +255,7 @@ require (
257255
github.com/lib/pq v1.10.9 // indirect
258256
github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
259257
github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40 // indirect
260-
github.com/mailru/easyjson v0.7.7 // indirect
258+
github.com/mailru/easyjson v0.9.0 // indirect
261259
github.com/masahiro331/go-disk v0.0.0-20240625071113-56c933208fee // indirect
262260
github.com/masahiro331/go-ebs-file v0.0.0-20240917043618-e6d2bea5c32e // indirect
263261
github.com/masahiro331/go-ext4-filesystem v0.0.0-20240620024024-ca14e6327bbd // indirect
@@ -276,14 +274,14 @@ require (
276274
github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
277275
github.com/mitchellh/mapstructure v1.5.0 // indirect
278276
github.com/mitchellh/reflectwalk v1.0.2 // indirect
279-
github.com/moby/buildkit v0.18.2 // indirect
277+
github.com/moby/buildkit v0.21.1 // indirect
280278
github.com/moby/docker-image-spec v1.3.1 // indirect
281279
github.com/moby/locker v1.0.1 // indirect
282280
github.com/moby/spdystream v0.5.0 // indirect
283281
github.com/moby/sys/mountinfo v0.7.2 // indirect
284282
github.com/moby/sys/sequential v0.6.0 // indirect
285283
github.com/moby/sys/signal v0.7.1 // indirect
286-
github.com/moby/sys/user v0.3.0 // indirect
284+
github.com/moby/sys/user v0.4.0 // indirect
287285
github.com/moby/sys/userns v0.1.0 // indirect
288286
github.com/moby/term v0.5.0 // indirect
289287
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
@@ -298,7 +296,7 @@ require (
298296
github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481 // indirect
299297
github.com/oklog/ulid v1.3.1 // indirect
300298
github.com/oklog/ulid/v2 v2.1.0 // indirect
301-
github.com/open-policy-agent/opa v1.4.0 // indirect
299+
github.com/open-policy-agent/opa v1.4.2 // indirect
302300
github.com/opencontainers/go-digest v1.0.0 // indirect
303301
github.com/opencontainers/image-spec v1.1.1 // indirect
304302
github.com/opencontainers/runtime-spec v1.2.0 // indirect
@@ -326,7 +324,7 @@ require (
326324
github.com/russross/blackfriday/v2 v2.1.0 // indirect
327325
github.com/rust-secure-code/go-rustaudit v0.0.0-20250226111315-e20ec32e963c // indirect
328326
github.com/sagikazarmark/locafero v0.7.0 // indirect
329-
github.com/samber/lo v1.49.1 // indirect
327+
github.com/samber/lo v1.50.0 // indirect
330328
github.com/samber/oops v1.15.0 // indirect
331329
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
332330
github.com/sassoftware/go-rpmutils v0.4.0 // indirect
@@ -336,14 +334,15 @@ require (
336334
github.com/shibumi/go-pathspec v1.3.0 // indirect
337335
github.com/shopspring/decimal v1.4.0 // indirect
338336
github.com/sigstore/cosign/v2 v2.2.4 // indirect
339-
github.com/sigstore/rekor v1.3.9 // indirect
340-
github.com/sigstore/sigstore v1.8.12 // indirect
337+
github.com/sigstore/protobuf-specs v0.4.1 // indirect
338+
github.com/sigstore/rekor v1.3.10 // indirect
339+
github.com/sigstore/sigstore v1.9.1 // indirect
341340
github.com/sigstore/timestamp-authority v1.2.2 // indirect
342341
github.com/sirupsen/logrus v1.9.3 // indirect
343342
github.com/skeema/knownhosts v1.3.1 // indirect
344343
github.com/sourcegraph/conc v0.3.0 // indirect
345344
github.com/spf13/afero v1.12.0 // indirect
346-
github.com/spf13/cast v1.7.1 // indirect
345+
github.com/spf13/cast v1.8.0 // indirect
347346
github.com/spf13/pflag v1.0.6 // indirect
348347
github.com/spf13/viper v1.20.1 // indirect
349348
github.com/stoewer/go-strcase v1.3.0 // indirect
@@ -379,7 +378,7 @@ require (
379378
go.opencensus.io v0.24.0 // indirect
380379
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
381380
go.opentelemetry.io/contrib/detectors/gcp v1.34.0 // indirect
382-
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.58.0 // indirect
381+
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.59.0 // indirect
383382
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
384383
go.opentelemetry.io/otel v1.35.0 // indirect
385384
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 // indirect
@@ -393,22 +392,22 @@ require (
393392
go.uber.org/multierr v1.11.0 // indirect
394393
go.uber.org/zap v1.27.0 // indirect
395394
golang.org/x/crypto v0.37.0 // indirect
396-
golang.org/x/exp v0.0.0-20250305212735-054e65f0b394 // indirect
395+
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 // indirect
397396
golang.org/x/mod v0.24.0 // indirect
398-
golang.org/x/net v0.38.0 // indirect
399-
golang.org/x/oauth2 v0.27.0 // indirect
397+
golang.org/x/net v0.39.0 // indirect
398+
golang.org/x/oauth2 v0.28.0 // indirect
400399
golang.org/x/sync v0.13.0 // indirect
401400
golang.org/x/sys v0.32.0 // indirect
402401
golang.org/x/term v0.31.0 // indirect
403402
golang.org/x/text v0.24.0 // indirect
404403
golang.org/x/time v0.11.0 // indirect
405-
golang.org/x/tools v0.31.0 // indirect
404+
golang.org/x/tools v0.32.0 // indirect
406405
golang.org/x/xerrors v0.0.0-20240716161551-93cc26a95ae9 // indirect
407406
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
408-
google.golang.org/api v0.218.0 // indirect
409-
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 // indirect
410-
google.golang.org/genproto/googleapis/api v0.0.0-20250218202821-56aae31c358a // indirect
411-
google.golang.org/genproto/googleapis/rpc v0.0.0-20250218202821-56aae31c358a // indirect
407+
google.golang.org/api v0.228.0 // indirect
408+
google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb // indirect
409+
google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb // indirect
410+
google.golang.org/genproto/googleapis/rpc v0.0.0-20250313205543-e70fdf4c4cb4 // indirect
412411
google.golang.org/grpc v1.71.1 // indirect
413412
google.golang.org/protobuf v1.36.6 // indirect
414413
gopkg.in/cheggaaa/pb.v1 v1.0.28 // indirect
@@ -420,20 +419,20 @@ require (
420419
helm.sh/helm/v3 v3.17.3 // indirect
421420
k8s.io/api v0.33.0 // indirect
422421
k8s.io/apiextensions-apiserver v0.32.2 // indirect
423-
k8s.io/cli-runtime v0.32.3 // indirect
422+
k8s.io/cli-runtime v0.33.0 // indirect
424423
k8s.io/gengo/v2 v2.0.0-20250207200755-1244d31929d7 // indirect
425424
k8s.io/klog/v2 v2.130.1 // indirect
426425
k8s.io/kms v0.33.0 // indirect
427-
k8s.io/kubectl v0.32.3 // indirect
426+
k8s.io/kubectl v0.33.0 // indirect
428427
modernc.org/libc v1.62.1 // indirect
429428
modernc.org/mathutil v1.7.1 // indirect
430429
modernc.org/memory v1.9.1 // indirect
431430
mvdan.cc/sh/v3 v3.11.0 // indirect
432431
oras.land/oras-go v1.2.5 // indirect
433432
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.2 // indirect
434433
sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect
435-
sigs.k8s.io/kustomize/api v0.18.0 // indirect
436-
sigs.k8s.io/kustomize/kyaml v0.18.1 // indirect
434+
sigs.k8s.io/kustomize/api v0.19.0 // indirect
435+
sigs.k8s.io/kustomize/kyaml v0.19.0 // indirect
437436
sigs.k8s.io/randfill v1.0.0 // indirect
438437
sigs.k8s.io/yaml v1.4.0 // indirect
439438
)

0 commit comments

Comments
 (0)