mirror of
https://github.com/status-im/consul.git
synced 2025-01-10 05:45:46 +00:00
86b0818c1f
security: upgrade vault/api to remove go-jose.v2 This dependency has an open vulnerability (GO-2024-2631), and is no longer needed by the latest `vault/api`. This is a follow-up to the upgrade of `go-jose/v3` in this repository to make all our dependencies consolidate on v3. Also remove the recently added security scan triage block for GO-2024-2631, which was added due to incorrect reports that `go-jose/v3@3.0.3` was impacted; in reality, is was this indirect client dependency (not impacted by CVE) that the scanner was flagging. A bug report has been filed to address the incorrect reporting.
62 lines
2.6 KiB
Modula-2
62 lines
2.6 KiB
Modula-2
module github.com/hashicorp/consul/troubleshoot
|
|
|
|
go 1.19
|
|
|
|
replace (
|
|
github.com/hashicorp/consul/api => ../api
|
|
github.com/hashicorp/consul/envoyextensions => ../envoyextensions
|
|
github.com/hashicorp/consul/proto-public => ../proto-public
|
|
)
|
|
|
|
exclude (
|
|
github.com/hashicorp/go-msgpack v1.1.5 // has breaking changes and must be avoided
|
|
github.com/hashicorp/go-msgpack v1.1.6 // contains retractions but same as v1.1.5
|
|
)
|
|
|
|
require (
|
|
github.com/envoyproxy/go-control-plane v0.12.0
|
|
github.com/envoyproxy/go-control-plane/xdsmatcher v0.0.0-20230524161521-aaaacbfbe53e
|
|
github.com/hashicorp/consul/api v1.26.1
|
|
github.com/hashicorp/consul/envoyextensions v0.5.1
|
|
github.com/hashicorp/consul/sdk v0.15.0
|
|
github.com/stretchr/testify v1.8.4
|
|
google.golang.org/protobuf v1.33.0
|
|
)
|
|
|
|
require (
|
|
github.com/armon/go-metrics v0.4.1 // indirect
|
|
github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
|
|
github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 // indirect
|
|
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
|
|
github.com/envoyproxy/protoc-gen-validate v1.0.2 // indirect
|
|
github.com/fatih/color v1.16.0 // indirect
|
|
github.com/golang/protobuf v1.5.4 // indirect
|
|
github.com/hashicorp/errwrap v1.1.0 // indirect
|
|
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
|
|
github.com/hashicorp/go-hclog v1.5.0 // indirect
|
|
github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
|
|
github.com/hashicorp/go-multierror v1.1.1 // indirect
|
|
github.com/hashicorp/go-rootcerts v1.0.2 // indirect
|
|
github.com/hashicorp/go-uuid v1.0.3 // indirect
|
|
github.com/hashicorp/go-version v1.2.1 // indirect
|
|
github.com/hashicorp/golang-lru v0.5.4 // indirect
|
|
github.com/hashicorp/serf v0.10.1 // indirect
|
|
github.com/mattn/go-colorable v0.1.13 // indirect
|
|
github.com/mattn/go-isatty v0.0.20 // indirect
|
|
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
|
github.com/mitchellh/mapstructure v1.5.0 // indirect
|
|
github.com/pkg/errors v0.9.1 // indirect
|
|
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
|
github.com/prometheus/client_model v0.5.0 // indirect
|
|
go.opentelemetry.io/proto/otlp v1.0.0 // indirect
|
|
golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 // indirect
|
|
golang.org/x/net v0.24.0 // indirect
|
|
golang.org/x/sys v0.19.0 // indirect
|
|
golang.org/x/text v0.14.0 // indirect
|
|
google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 // indirect
|
|
google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 // indirect
|
|
google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect
|
|
google.golang.org/grpc v1.58.3 // indirect
|
|
gopkg.in/yaml.v3 v3.0.1 // indirect
|
|
)
|