Skip to content

Commit 4a82127

Browse files
SUSTAPLE117SUSTAPLE117
authored
Bumped Go deps + Go 1.25 (#353)
* Bumped Go deps + Go 1.25 * handle error
1 parent 0d64277 commit 4a82127

File tree

8 files changed

+219
-147
lines changed

8 files changed

+219
-147
lines changed

.github/workflows/build_test.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ jobs:
2323
- name: Setup Go
2424
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
2525
with:
26-
go-version: '1.24'
26+
go-version: '1.25'
2727
- name: Install dependencies
2828
run: go mod download
2929
- name: Verify dependencies

.github/workflows/golangci-lint.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
1919
- uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # 5.5.0
2020
with:
21-
go-version: '1.24'
21+
go-version: '1.25'
2222
cache: false
2323
- name: golangci-lint
2424
uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8.0.0

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ on:
88
- "v1.[0-9]+.[0-9]+"
99

1010
env:
11-
GO_VERSION: 1.24
11+
GO_VERSION: 1.25
1212
GO_RELEASER_VERSION: v2.4.7
1313

1414
permissions: {}

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -119,7 +119,7 @@ See [.poutine.sample.yml](.poutine.sample.yml) for an example configuration file
119119

120120
## Building from source
121121

122-
Building `poutine` requires Go 1.24+.
122+
Building `poutine` requires Go 1.25+.
123123

124124
```bash
125125
git clone https://github.com/boostsecurityio/poutine.git

dagger/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,3 @@
11
module dagger/poutine
22

3-
go 1.24.0
3+
go 1.25.0

formatters/pretty/pretty.go

Lines changed: 23 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ import (
1010
"strings"
1111

1212
"github.com/boostsecurityio/poutine/results"
13+
"github.com/olekukonko/tablewriter/tw"
1314

1415
"github.com/rs/zerolog/log"
1516

@@ -78,8 +79,12 @@ func (f *Format) FormatWithPath(ctx context.Context, packages []*models.PackageI
7879
func (f *Format) printFindingsPerWorkflow(out io.Writer, results map[string]map[string]bool, pathAssociations map[string][]*models.RepoInfo) error {
7980
// Skip rules with no findings.
8081
table := tablewriter.NewWriter(out)
81-
table.SetAutoMergeCells(true)
82-
table.SetHeader([]string{"Workflow sha", "Rule", "Location", "URL"})
82+
table.Options(tablewriter.WithConfig(tablewriter.Config{
83+
Row: tw.CellConfig{
84+
Formatting: tw.CellFormatting{MergeMode: tw.MergeHierarchical},
85+
},
86+
}))
87+
table.Header([]string{"Workflow sha", "Rule", "Location", "URL"})
8388

8489
for blobsha, repoInfos := range pathAssociations {
8590
findings := results[blobsha]
@@ -132,7 +137,10 @@ func (f *Format) printFindingsPerWorkflow(out io.Writer, results map[string]map[
132137
}
133138
}
134139

135-
table.AppendBulk(blobshaTable)
140+
err := table.Bulk(blobshaTable)
141+
if err != nil {
142+
return fmt.Errorf("failed to bulk insert into table: %w", err)
143+
}
136144
table.Append([]string{"", "", "", ""})
137145
}
138146

@@ -156,8 +164,12 @@ func printFindingsPerRule(out io.Writer, results map[string][]results.Finding, r
156164
}
157165

158166
table := tablewriter.NewWriter(out)
159-
table.SetAutoMergeCells(true)
160-
table.SetHeader([]string{"Repository", "Details", "URL"})
167+
table.Options(tablewriter.WithConfig(tablewriter.Config{
168+
Row: tw.CellConfig{
169+
Formatting: tw.CellFormatting{MergeMode: tw.MergeHierarchical},
170+
},
171+
}))
172+
table.Header([]string{"Repository", "Details", "URL"})
161173

162174
fmt.Fprintf(out, "Rule: %s\n", rules[ruleId].Title)
163175
fmt.Fprintf(out, "Severity: %s\n", rules[ruleId].Level)
@@ -212,8 +224,12 @@ func printFindingsPerRule(out io.Writer, results map[string][]results.Finding, r
212224

213225
func printSummaryTable(out io.Writer, failures map[string]int, rules map[string]results.Rule) {
214226
table := tablewriter.NewWriter(out)
215-
table.SetHeader([]string{"Rule ID", "Rule Name", "Failures", "Status"})
216-
table.SetColWidth(80)
227+
table.Options(tablewriter.WithConfig(tablewriter.Config{
228+
Row: tw.CellConfig{
229+
ColMaxWidths: tw.CellWidth{Global: 80},
230+
},
231+
}))
232+
table.Header([]string{"Rule ID", "Rule Name", "Failures", "Status"})
217233

218234
sortedRuleIDs := make([]string, 0, len(rules))
219235
for ruleID := range rules {

go.mod

Lines changed: 56 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,25 @@
11
module github.com/boostsecurityio/poutine
22

3-
go 1.24
4-
5-
toolchain go1.24.1
3+
go 1.25
64

75
require (
86
github.com/gofri/go-github-ratelimit v1.1.1
97
github.com/google/go-github/v59 v59.0.0
108
github.com/hashicorp/go-version v1.7.0
11-
github.com/mark3labs/mcp-go v0.41.0
12-
github.com/olekukonko/tablewriter v0.0.5
13-
github.com/open-policy-agent/opa v1.7.1
9+
github.com/mark3labs/mcp-go v0.41.1
10+
github.com/olekukonko/tablewriter v1.1.0
11+
github.com/open-policy-agent/opa v1.9.0
1412
github.com/owenrumney/go-sarif/v2 v2.3.3
1513
github.com/package-url/packageurl-go v0.1.3
1614
github.com/rs/zerolog v1.34.0
1715
github.com/schollz/progressbar/v3 v3.18.0
1816
github.com/shurcooL/githubv4 v0.0.0-20240727222349-48295856cce7
19-
github.com/spf13/cobra v1.9.1
20-
github.com/spf13/viper v1.20.1
21-
github.com/stretchr/testify v1.10.0
22-
gitlab.com/gitlab-org/api/client-go v0.137.0
23-
golang.org/x/oauth2 v0.30.0
24-
golang.org/x/sync v0.16.0
17+
github.com/spf13/cobra v1.10.1
18+
github.com/spf13/viper v1.21.0
19+
github.com/stretchr/testify v1.11.1
20+
gitlab.com/gitlab-org/api/client-go v0.151.0
21+
golang.org/x/oauth2 v0.31.0
22+
golang.org/x/sync v0.17.0
2523
gopkg.in/yaml.v3 v3.0.1
2624
)
2725

@@ -31,59 +29,83 @@ require (
3129
github.com/beorn7/perks v1.0.1 // indirect
3230
github.com/buger/jsonparser v1.1.1 // indirect
3331
github.com/cespare/xxhash/v2 v2.3.0 // indirect
32+
github.com/clipperhouse/uax29/v2 v2.2.0 // indirect
3433
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
34+
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect
35+
github.com/dgraph-io/ristretto/v2 v2.3.0 // indirect
36+
github.com/fatih/color v1.18.0 // indirect
3537
github.com/fsnotify/fsnotify v1.9.0 // indirect
3638
github.com/go-ini/ini v1.67.0 // indirect
3739
github.com/go-logr/logr v1.4.3 // indirect
3840
github.com/go-logr/stdr v1.2.2 // indirect
3941
github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
4042
github.com/gobwas/glob v0.2.3 // indirect
43+
github.com/goccy/go-json v0.10.5 // indirect
44+
github.com/google/flatbuffers v25.9.23+incompatible // indirect
4145
github.com/google/go-querystring v1.1.0 // indirect
4246
github.com/google/uuid v1.6.0 // indirect
47+
github.com/grpc-ecosystem/grpc-gateway/v2 v2.27.3 // indirect
4348
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
4449
github.com/hashicorp/go-retryablehttp v0.7.8 // indirect
4550
github.com/inconshreveable/mousetrap v1.1.0 // indirect
4651
github.com/invopop/jsonschema v0.13.0 // indirect
52+
github.com/lestrrat-go/blackmagic v1.0.4 // indirect
53+
github.com/lestrrat-go/dsig v1.0.0 // indirect
54+
github.com/lestrrat-go/dsig-secp256k1 v1.0.0 // indirect
55+
github.com/lestrrat-go/httpcc v1.0.1 // indirect
56+
github.com/lestrrat-go/httprc/v3 v3.0.1 // indirect
57+
github.com/lestrrat-go/jwx/v3 v3.0.11 // indirect
58+
github.com/lestrrat-go/option v1.0.1 // indirect
59+
github.com/lestrrat-go/option/v2 v2.0.0 // indirect
4760
github.com/mailru/easyjson v0.7.7 // indirect
4861
github.com/mattn/go-colorable v0.1.14 // indirect
4962
github.com/mattn/go-isatty v0.0.20 // indirect
50-
github.com/mattn/go-runewidth v0.0.16 // indirect
63+
github.com/mattn/go-runewidth v0.0.19 // indirect
5164
github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect
5265
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
66+
github.com/olekukonko/cat v0.0.0-20250911104152-50322a0618f6 // indirect
67+
github.com/olekukonko/errors v1.1.0 // indirect
68+
github.com/olekukonko/ll v0.1.1 // indirect
5369
github.com/pelletier/go-toml/v2 v2.2.4 // indirect
5470
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
55-
github.com/prometheus/client_golang v1.22.0 // indirect
71+
github.com/prometheus/client_golang v1.23.2 // indirect
5672
github.com/prometheus/client_model v0.6.2 // indirect
57-
github.com/prometheus/common v0.63.0 // indirect
58-
github.com/prometheus/procfs v0.16.1 // indirect
73+
github.com/prometheus/common v0.66.1 // indirect
74+
github.com/prometheus/procfs v0.17.0 // indirect
5975
github.com/rcrowley/go-metrics v0.0.0-20250401214520-65e299d6c5c9 // indirect
6076
github.com/rivo/uniseg v0.4.7 // indirect
61-
github.com/sagikazarmark/locafero v0.9.0 // indirect
77+
github.com/sagikazarmark/locafero v0.12.0 // indirect
78+
github.com/segmentio/asm v1.2.1 // indirect
6279
github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 // indirect
63-
github.com/sirupsen/logrus v1.9.3 // indirect
64-
github.com/sourcegraph/conc v0.3.0 // indirect
65-
github.com/spf13/afero v1.14.0 // indirect
66-
github.com/spf13/cast v1.8.0 // indirect
67-
github.com/spf13/pflag v1.0.7 // indirect
80+
github.com/sirupsen/logrus v1.9.4-0.20230606125235-dd1b4c2e81af // indirect
81+
github.com/spf13/afero v1.15.0 // indirect
82+
github.com/spf13/cast v1.10.0 // indirect
83+
github.com/spf13/pflag v1.0.10 // indirect
6884
github.com/subosito/gotenv v1.6.0 // indirect
6985
github.com/tchap/go-patricia/v2 v2.3.3 // indirect
86+
github.com/valyala/fastjson v1.6.4 // indirect
7087
github.com/vektah/gqlparser/v2 v2.5.30 // indirect
7188
github.com/wk8/go-ordered-map/v2 v2.1.8 // indirect
7289
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
7390
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
7491
github.com/yashtewari/glob-intersection v0.2.0 // indirect
7592
github.com/yosida95/uritemplate/v3 v3.0.2 // indirect
76-
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
77-
go.opentelemetry.io/otel v1.37.0 // indirect
78-
go.opentelemetry.io/otel/metric v1.37.0 // indirect
79-
go.opentelemetry.io/otel/sdk v1.37.0 // indirect
80-
go.opentelemetry.io/otel/trace v1.37.0 // indirect
81-
go.uber.org/multierr v1.11.0 // indirect
82-
go.yaml.in/yaml/v2 v2.4.2 // indirect
83-
golang.org/x/sys v0.34.0 // indirect
84-
golang.org/x/term v0.33.0 // indirect
85-
golang.org/x/text v0.27.0 // indirect
86-
golang.org/x/time v0.12.0 // indirect
87-
google.golang.org/protobuf v1.36.6 // indirect
93+
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
94+
go.opentelemetry.io/otel v1.38.0 // indirect
95+
go.opentelemetry.io/otel/metric v1.38.0 // indirect
96+
go.opentelemetry.io/otel/sdk v1.38.0 // indirect
97+
go.opentelemetry.io/otel/trace v1.38.0 // indirect
98+
go.opentelemetry.io/proto/otlp v1.8.0 // indirect
99+
go.yaml.in/yaml/v2 v2.4.3 // indirect
100+
go.yaml.in/yaml/v3 v3.0.4 // indirect
101+
golang.org/x/crypto v0.42.0 // indirect
102+
golang.org/x/exp v0.0.0-20251002181428-27f1f14c8bb9 // indirect
103+
golang.org/x/sys v0.36.0 // indirect
104+
golang.org/x/term v0.35.0 // indirect
105+
golang.org/x/text v0.29.0 // indirect
106+
golang.org/x/time v0.13.0 // indirect
107+
google.golang.org/genproto/googleapis/api v0.0.0-20251002232023-7c0ddcbb5797 // indirect
108+
google.golang.org/genproto/googleapis/rpc v0.0.0-20251002232023-7c0ddcbb5797 // indirect
109+
google.golang.org/protobuf v1.36.10 // indirect
88110
sigs.k8s.io/yaml v1.6.0 // indirect
89111
)

0 commit comments

Comments
 (0)