mirror of
https://github.com/status-im/consul.git
synced 2025-01-09 13:26:07 +00:00
86b0818c1f
security: upgrade vault/api to remove go-jose.v2 This dependency has an open vulnerability (GO-2024-2631), and is no longer needed by the latest `vault/api`. This is a follow-up to the upgrade of `go-jose/v3` in this repository to make all our dependencies consolidate on v3. Also remove the recently added security scan triage block for GO-2024-2631, which was added due to incorrect reports that `go-jose/v3@3.0.3` was impacted; in reality, is was this indirect client dependency (not impacted by CVE) that the scanner was flagging. A bug report has been filed to address the incorrect reporting.
15 lines
488 B
Modula-2
15 lines
488 B
Modula-2
module github.com/hashicorp/consul/internal/tools/proto-gen-rpc-glue
|
|
|
|
go 1.17
|
|
|
|
require github.com/stretchr/testify v1.8.4
|
|
|
|
require (
|
|
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
|
|
github.com/kr/pretty v0.3.0 // indirect
|
|
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
|
github.com/rogpeppe/go-internal v1.9.0 // indirect
|
|
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
|
|
gopkg.in/yaml.v3 v3.0.1 // indirect
|
|
)
|