Skip to content

Commit 79a952d

Browse files
craigconditcraigcondit
committed
[YUNIKORN-3042] Shim: Update dependencies for CVE fixes (#958)
Closes: #958 (cherry picked from commit c81c718)
1 parent 560ef3d commit 79a952d

File tree

3 files changed

+126
-115
lines changed

3 files changed

+126
-115
lines changed

.go_repro_version

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
1.22.10
1+
1.23.7

go.mod

Lines changed: 44 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -18,23 +18,23 @@
1818

1919
module github.com/apache/yunikorn-k8shim
2020

21-
go 1.22.0
21+
go 1.23.0
2222

23-
toolchain go1.22.5
23+
toolchain go1.23.7
2424

2525
require (
26-
github.com/apache/yunikorn-core v1.6.1-2
27-
github.com/apache/yunikorn-scheduler-interface v1.6.1-1
28-
github.com/google/go-cmp v0.6.0
26+
github.com/apache/yunikorn-core v1.6.2-0
27+
github.com/apache/yunikorn-scheduler-interface v1.6.2-0
28+
github.com/google/go-cmp v0.7.0
2929
github.com/google/uuid v1.6.0
30-
github.com/looplab/fsm v1.0.1
31-
github.com/onsi/ginkgo/v2 v2.19.0
32-
github.com/onsi/gomega v1.33.1
30+
github.com/looplab/fsm v1.0.2
31+
github.com/onsi/ginkgo/v2 v2.21.0
32+
github.com/onsi/gomega v1.35.1
3333
github.com/prometheus/client_golang v1.19.1
3434
github.com/sasha-s/go-deadlock v0.3.5
35-
go.uber.org/zap v1.26.0
35+
go.uber.org/zap v1.27.0
3636
gopkg.in/yaml.v3 v3.0.1
37-
gotest.tools/v3 v3.5.1
37+
gotest.tools/v3 v3.5.2
3838
k8s.io/api v0.31.0
3939
k8s.io/apimachinery v0.31.0
4040
k8s.io/cli-runtime v0.31.0
@@ -47,7 +47,8 @@ require (
4747
)
4848

4949
require (
50-
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
50+
cel.dev/expr v0.19.1 // indirect
51+
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
5152
github.com/NYTimes/gziphandler v1.1.1 // indirect
5253
github.com/antlr4-go/antlr/v4 v4.13.0 // indirect
5354
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect
@@ -74,11 +75,11 @@ require (
7475
github.com/gogo/protobuf v1.3.2 // indirect
7576
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
7677
github.com/golang/protobuf v1.5.4 // indirect
77-
github.com/google/btree v1.1.2 // indirect
78-
github.com/google/cel-go v0.20.1 // indirect
78+
github.com/google/btree v1.1.3 // indirect
79+
github.com/google/cel-go v0.22.0 // indirect
7980
github.com/google/gnostic-models v0.6.8 // indirect
8081
github.com/google/gofuzz v1.2.0 // indirect
81-
github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af // indirect
82+
github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db // indirect
8283
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
8384
github.com/gorilla/websocket v1.5.0 // indirect
8485
github.com/gregjones/httpcache v0.0.0-20190212212710-3befbb6ad0cc // indirect
@@ -104,7 +105,7 @@ require (
104105
github.com/opencontainers/runtime-spec v1.0.3-0.20220909204839-494a5a6aca78 // indirect
105106
github.com/opencontainers/selinux v1.11.0 // indirect
106107
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
107-
github.com/petermattis/goid v0.0.0-20240813172612-4fcff4a6cae7 // indirect
108+
github.com/petermattis/goid v0.0.0-20250303134427-723919f7f203 // indirect
108109
github.com/pkg/errors v0.9.1 // indirect
109110
github.com/prometheus/client_model v0.6.1 // indirect
110111
github.com/prometheus/common v0.55.0 // indirect
@@ -115,34 +116,35 @@ require (
115116
github.com/stoewer/go-strcase v1.2.0 // indirect
116117
github.com/x448/float16 v0.8.4 // indirect
117118
github.com/xlab/treeprint v1.2.0 // indirect
118-
go.etcd.io/etcd/api/v3 v3.5.14 // indirect
119-
go.etcd.io/etcd/client/pkg/v3 v3.5.14 // indirect
120-
go.etcd.io/etcd/client/v3 v3.5.14 // indirect
119+
go.etcd.io/etcd/api/v3 v3.5.16 // indirect
120+
go.etcd.io/etcd/client/pkg/v3 v3.5.16 // indirect
121+
go.etcd.io/etcd/client/v3 v3.5.16 // indirect
122+
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
121123
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.53.0 // indirect
122124
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect
123-
go.opentelemetry.io/otel v1.28.0 // indirect
125+
go.opentelemetry.io/otel v1.34.0 // indirect
124126
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect
125127
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 // indirect
126-
go.opentelemetry.io/otel/metric v1.28.0 // indirect
127-
go.opentelemetry.io/otel/sdk v1.28.0 // indirect
128-
go.opentelemetry.io/otel/trace v1.28.0 // indirect
128+
go.opentelemetry.io/otel/metric v1.34.0 // indirect
129+
go.opentelemetry.io/otel/sdk v1.34.0 // indirect
130+
go.opentelemetry.io/otel/trace v1.34.0 // indirect
129131
go.opentelemetry.io/proto/otlp v1.3.1 // indirect
130132
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
131133
go.uber.org/multierr v1.11.0 // indirect
132-
golang.org/x/crypto v0.31.0 // indirect
133-
golang.org/x/exp v0.0.0-20240409090435-93d18d7e34b8 // indirect
134-
golang.org/x/net v0.33.0 // indirect
135-
golang.org/x/oauth2 v0.21.0 // indirect
136-
golang.org/x/sync v0.8.0 // indirect
137-
golang.org/x/sys v0.28.0 // indirect
138-
golang.org/x/term v0.27.0 // indirect
139-
golang.org/x/text v0.21.0 // indirect
140-
golang.org/x/time v0.5.0 // indirect
141-
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
142-
google.golang.org/genproto/googleapis/api v0.0.0-20240528184218-531527333157 // indirect
143-
google.golang.org/genproto/googleapis/rpc v0.0.0-20240701130421-f6361c86f094 // indirect
144-
google.golang.org/grpc v1.65.0 // indirect
145-
google.golang.org/protobuf v1.34.2 // indirect
134+
golang.org/x/crypto v0.35.0 // indirect
135+
golang.org/x/exp v0.0.0-20250228200357-dead58393ab7 // indirect
136+
golang.org/x/net v0.36.0 // indirect
137+
golang.org/x/oauth2 v0.28.0 // indirect
138+
golang.org/x/sync v0.11.0 // indirect
139+
golang.org/x/sys v0.30.0 // indirect
140+
golang.org/x/term v0.29.0 // indirect
141+
golang.org/x/text v0.22.0 // indirect
142+
golang.org/x/time v0.10.0 // indirect
143+
golang.org/x/tools v0.30.0 // indirect
144+
google.golang.org/genproto/googleapis/api v0.0.0-20250106144421-5f5ef82da422 // indirect
145+
google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f // indirect
146+
google.golang.org/grpc v1.71.0 // indirect
147+
google.golang.org/protobuf v1.36.5 // indirect
146148
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
147149
gopkg.in/inf.v0 v0.9.1 // indirect
148150
gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
@@ -168,12 +170,13 @@ require (
168170
)
169171

170172
replace (
171-
golang.org/x/crypto => golang.org/x/crypto v0.31.0
173+
golang.org/x/crypto => golang.org/x/crypto v0.35.0
172174
golang.org/x/lint => golang.org/x/lint v0.0.0-20210508222113-6edffad5e616
173-
golang.org/x/net => golang.org/x/net v0.33.0
174-
golang.org/x/sys => golang.org/x/sys v0.24.0
175-
golang.org/x/text => golang.org/x/text v0.17.0
176-
golang.org/x/tools => golang.org/x/tools v0.24.0
175+
golang.org/x/net => golang.org/x/net v0.36.0
176+
golang.org/x/oauth2 => golang.org/x/oauth2 v0.28.0
177+
golang.org/x/sys => golang.org/x/sys v0.30.0
178+
golang.org/x/text => golang.org/x/text v0.22.0
179+
golang.org/x/tools => golang.org/x/tools v0.30.0
177180
k8s.io/api => k8s.io/api v0.31.0
178181
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.31.0
179182
k8s.io/apimachinery => k8s.io/apimachinery v0.31.0

0 commit comments

Comments
 (0)