Skip to content

Commit 65ac442

Browse files
dfarrell07submariner-bot
dfarrell07
authored and
submariner-bot
committed
Bump sigstore/fulcio for GHSA-f83f-xpx7-ffpw
Full package: github.com/sigstore/fulcio Signed-off-by: Daniel Farrell <dfarrell@redhat.com>
1 parent 2008b33 commit 65ac442

File tree

2 files changed

+118
-114
lines changed

2 files changed

+118
-114
lines changed

tools/go.mod

Lines changed: 35 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/submariner-io/submariner-operator/tools
22

3-
go 1.24.3
3+
go 1.25.0
44

55
require (
66
cel.dev/expr v0.24.0 // indirect
@@ -21,7 +21,7 @@ require (
2121
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
2222
github.com/beorn7/perks v1.0.1 // indirect
2323
github.com/blang/semver/v4 v4.0.0 // indirect
24-
github.com/cenkalti/backoff/v5 v5.0.2 // indirect
24+
github.com/cenkalti/backoff/v5 v5.0.3 // indirect
2525
github.com/cespare/xxhash/v2 v2.3.0 // indirect
2626
github.com/chai2010/gettext-go v1.0.2 // indirect
2727
github.com/containerd/cgroups/v3 v3.0.5 // indirect
@@ -65,7 +65,7 @@ require (
6565
github.com/go-git/go-billy/v5 v5.6.2 // indirect
6666
github.com/go-git/go-git/v5 v5.16.2 // indirect
6767
github.com/go-gorp/gorp/v3 v3.1.0 // indirect
68-
github.com/go-jose/go-jose/v4 v4.1.0 // indirect
68+
github.com/go-jose/go-jose/v4 v4.1.3 // indirect
6969
github.com/go-logr/logr v1.4.3 // indirect
7070
github.com/go-logr/stdr v1.2.2 // indirect
7171
github.com/go-openapi/analysis v0.23.0 // indirect
@@ -78,13 +78,15 @@ require (
7878
github.com/go-openapi/strfmt v0.23.0 // indirect
7979
github.com/go-openapi/swag v0.23.1 // indirect
8080
github.com/go-openapi/validate v0.24.0 // indirect
81+
github.com/go-sql-driver/mysql v1.9.2 // indirect
8182
github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
8283
github.com/gobuffalo/envy v1.6.5 // indirect
8384
github.com/gobuffalo/flect v1.0.3 // indirect
8485
github.com/gobwas/glob v0.2.3 // indirect
8586
github.com/gogo/protobuf v1.3.2 // indirect
8687
github.com/golang-migrate/migrate/v4 v4.18.3 // indirect
8788
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
89+
github.com/golang/mock v1.7.0-rc.1 // indirect
8890
github.com/golang/protobuf v1.5.4 // indirect
8991
github.com/google/btree v1.1.3 // indirect
9092
github.com/google/cel-go v0.26.0 // indirect
@@ -97,7 +99,7 @@ require (
9799
github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect
98100
github.com/gosuri/uitable v0.0.4 // indirect
99101
github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
100-
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.0 // indirect
102+
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 // indirect
101103
github.com/h2non/filetype v1.1.3 // indirect
102104
github.com/h2non/go-is-svg v0.0.0-20160927212452-35e8c4b0612c // indirect
103105
github.com/hashicorp/errwrap v1.1.0 // indirect
@@ -116,16 +118,16 @@ require (
116118
github.com/kr/text v0.2.0 // indirect
117119
github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
118120
github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
119-
github.com/letsencrypt/boulder v0.0.0-20250624003606-5ddd5acf990d // indirect
120121
github.com/lib/pq v1.10.9 // indirect
121122
github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
122123
github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
123124
github.com/mailru/easyjson v0.9.0 // indirect
124125
github.com/markbates/inflect v1.0.4 // indirect
125-
github.com/mattn/go-colorable v0.1.13 // indirect
126+
github.com/mattn/go-colorable v0.1.14 // indirect
126127
github.com/mattn/go-isatty v0.0.20 // indirect
127128
github.com/mattn/go-runewidth v0.0.16 // indirect
128129
github.com/mattn/go-sqlite3 v1.14.28 // indirect
130+
github.com/miekg/dns v1.1.61 // indirect
129131
github.com/miekg/pkcs11 v1.1.1 // indirect
130132
github.com/mitchellh/copystructure v1.2.0 // indirect
131133
github.com/mitchellh/go-homedir v1.1.0 // indirect
@@ -146,6 +148,7 @@ require (
146148
github.com/muesli/termenv v0.11.0 // indirect
147149
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
148150
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
151+
github.com/nxadm/tail v1.4.11 // indirect
149152
github.com/oklog/ulid v1.3.1 // indirect
150153
github.com/onsi/gomega v1.38.1 // indirect
151154
github.com/opencontainers/go-digest v1.0.0 // indirect
@@ -163,36 +166,35 @@ require (
163166
github.com/pkg/errors v0.9.1 // indirect
164167
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
165168
github.com/proglottis/gpgme v0.1.4 // indirect
166-
github.com/prometheus/client_golang v1.22.0 // indirect
169+
github.com/prometheus/client_golang v1.23.2 // indirect
167170
github.com/prometheus/client_model v0.6.2 // indirect
168-
github.com/prometheus/common v0.65.0 // indirect
171+
github.com/prometheus/common v0.67.4 // indirect
169172
github.com/prometheus/procfs v0.16.1 // indirect
170173
github.com/rivo/uniseg v0.4.7 // indirect
171174
github.com/rubenv/sql-migrate v1.8.0 // indirect
172175
github.com/russross/blackfriday/v2 v2.1.0 // indirect
173176
github.com/sagikazarmark/locafero v0.7.0 // indirect
174177
github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 // indirect
175-
github.com/secure-systems-lab/go-securesystemslib v0.9.0 // indirect
178+
github.com/secure-systems-lab/go-securesystemslib v0.9.1 // indirect
176179
github.com/sergi/go-diff v1.4.0 // indirect
177180
github.com/shopspring/decimal v1.4.0 // indirect
178-
github.com/sigstore/fulcio v1.7.1 // indirect
179-
github.com/sigstore/protobuf-specs v0.4.3 // indirect
181+
github.com/sigstore/fulcio v1.8.3 // indirect
182+
github.com/sigstore/protobuf-specs v0.5.0 // indirect
180183
github.com/sigstore/rekor v1.3.10 // indirect
181-
github.com/sigstore/sigstore v1.9.5 // indirect
184+
github.com/sigstore/sigstore v1.10.0 // indirect
182185
github.com/sirupsen/logrus v1.9.3 // indirect
183186
github.com/smallstep/pkcs7 v0.2.1 // indirect
184187
github.com/sourcegraph/conc v0.3.0 // indirect
185188
github.com/spf13/afero v1.14.0 // indirect
186189
github.com/spf13/cast v1.7.1 // indirect
187-
github.com/spf13/cobra v1.9.1 // indirect
188-
github.com/spf13/pflag v1.0.7 // indirect
190+
github.com/spf13/cobra v1.10.2 // indirect
191+
github.com/spf13/pflag v1.0.10 // indirect
189192
github.com/spf13/viper v1.20.1 // indirect
190193
github.com/stefanberger/go-pkcs11uri v0.0.0-20230803200340-78284954bff6 // indirect
191194
github.com/stoewer/go-strcase v1.3.1 // indirect
192-
github.com/stretchr/testify v1.10.0 // indirect
195+
github.com/stretchr/testify v1.11.1 // indirect
193196
github.com/subosito/gotenv v1.6.0 // indirect
194197
github.com/thoas/go-funk v0.9.3 // indirect
195-
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
196198
github.com/ulikunitz/xz v0.5.14 // indirect
197199
github.com/urfave/cli/v2 v2.4.0 // indirect
198200
github.com/uw-labs/lichen v0.1.7 // indirect
@@ -203,34 +205,34 @@ require (
203205
go.etcd.io/bbolt v1.4.2 // indirect
204206
go.mongodb.org/mongo-driver v1.17.4 // indirect
205207
go.opencensus.io v0.24.0 // indirect
206-
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
207-
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
208-
go.opentelemetry.io/otel v1.36.0 // indirect
209-
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.36.0 // indirect
210-
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.36.0 // indirect
211-
go.opentelemetry.io/otel/metric v1.36.0 // indirect
212-
go.opentelemetry.io/otel/sdk v1.36.0 // indirect
213-
go.opentelemetry.io/otel/trace v1.36.0 // indirect
214-
go.opentelemetry.io/proto/otlp v1.7.0 // indirect
208+
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
209+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.63.0 // indirect
210+
go.opentelemetry.io/otel v1.38.0 // indirect
211+
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.38.0 // indirect
212+
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.38.0 // indirect
213+
go.opentelemetry.io/otel/metric v1.38.0 // indirect
214+
go.opentelemetry.io/otel/sdk v1.38.0 // indirect
215+
go.opentelemetry.io/otel/trace v1.38.0 // indirect
216+
go.opentelemetry.io/proto/otlp v1.7.1 // indirect
215217
go.uber.org/multierr v1.11.0 // indirect
216-
go.yaml.in/yaml/v2 v2.4.2 // indirect
218+
go.yaml.in/yaml/v2 v2.4.3 // indirect
217219
go.yaml.in/yaml/v3 v3.0.4 // indirect
218220
golang.org/x/crypto v0.45.0 // indirect
219221
golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b // indirect
220222
golang.org/x/mod v0.29.0 // indirect
221223
golang.org/x/net v0.47.0 // indirect
222-
golang.org/x/oauth2 v0.30.0 // indirect
224+
golang.org/x/oauth2 v0.33.0 // indirect
223225
golang.org/x/sync v0.18.0 // indirect
224226
golang.org/x/sys v0.38.0 // indirect
225227
golang.org/x/term v0.37.0 // indirect
226228
golang.org/x/text v0.31.0 // indirect
227-
golang.org/x/time v0.12.0 // indirect
229+
golang.org/x/time v0.14.0 // indirect
228230
golang.org/x/tools v0.38.0 // indirect
229231
google.golang.org/genproto v0.0.0-20250603155806-513f23925822 // indirect
230-
google.golang.org/genproto/googleapis/api v0.0.0-20250603155806-513f23925822 // indirect
231-
google.golang.org/genproto/googleapis/rpc v0.0.0-20250603155806-513f23925822 // indirect
232-
google.golang.org/grpc v1.73.0 // indirect
233-
google.golang.org/protobuf v1.36.7 // indirect
232+
google.golang.org/genproto/googleapis/api v0.0.0-20251022142026-3a174f9686a8 // indirect
233+
google.golang.org/genproto/googleapis/rpc v0.0.0-20251103181224-f26f9409b101 // indirect
234+
google.golang.org/grpc v1.77.0 // indirect
235+
google.golang.org/protobuf v1.36.10 // indirect
234236
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
235237
gopkg.in/inf.v0 v0.9.1 // indirect
236238
gopkg.in/warnings.v0 v0.1.2 // indirect
@@ -249,7 +251,7 @@ require (
249251
k8s.io/klog/v2 v2.130.1 // indirect
250252
k8s.io/kube-openapi v0.0.0-20250710124328-f3f2b991d03b // indirect
251253
k8s.io/kubectl v0.33.3 // indirect
252-
k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect
254+
k8s.io/utils v0.0.0-20250820121507-0af2bda4dd1d // indirect
253255
oras.land/oras-go/v2 v2.6.0 // indirect
254256
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.33.0 // indirect
255257
sigs.k8s.io/controller-runtime v0.21.0 // indirect

0 commit comments

Comments
 (0)