Skip to content

Commit ddd435d

Browse files
DimitriosNaikopoulosDimitriosNaikopoulos
authored
CLD-683: Fix security warning because of docker dependency (#2157)
* CLD-683: Fix security warning because of docker dependency * CLD-683: add changeset file
1 parent 2874079 commit ddd435d

File tree

11 files changed

+43
-30
lines changed

11 files changed

+43
-30
lines changed

framework/.changeset/v0.10.30.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
- Bump docker package dependency

framework/components/dockercompose/go.mod

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ replace github.com/smartcontractkit/chainlink-testing-framework/framework => ../
77
require (
88
github.com/avast/retry-go/v4 v4.6.1
99
github.com/confluentinc/confluent-kafka-go v1.9.2
10-
github.com/docker/docker v28.0.4+incompatible
10+
github.com/docker/docker v28.3.3+incompatible
1111
github.com/docker/go-connections v0.5.0
1212
github.com/google/go-github/v72 v72.0.0
1313
github.com/pkg/errors v0.9.1
@@ -113,7 +113,7 @@ require (
113113
github.com/josharian/intern v1.0.0 // indirect
114114
github.com/json-iterator/go v1.1.12 // indirect
115115
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
116-
github.com/klauspost/compress v1.17.11 // indirect
116+
github.com/klauspost/compress v1.18.0 // indirect
117117
github.com/leodido/go-urn v1.4.0 // indirect
118118
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
119119
github.com/magiconair/properties v1.8.10 // indirect
@@ -128,6 +128,7 @@ require (
128128
github.com/mitchellh/mapstructure v1.5.0 // indirect
129129
github.com/moby/buildkit v0.20.1 // indirect
130130
github.com/moby/docker-image-spec v1.3.1 // indirect
131+
github.com/moby/go-archive v0.1.0 // indirect
131132
github.com/moby/locker v1.0.1 // indirect
132133
github.com/moby/patternmatcher v0.6.0 // indirect
133134
github.com/moby/spdystream v0.4.0 // indirect
@@ -137,7 +138,7 @@ require (
137138
github.com/moby/sys/sequential v0.6.0 // indirect
138139
github.com/moby/sys/signal v0.7.1 // indirect
139140
github.com/moby/sys/symlink v0.3.0 // indirect
140-
github.com/moby/sys/user v0.3.0 // indirect
141+
github.com/moby/sys/user v0.4.0 // indirect
141142
github.com/moby/sys/userns v0.1.0 // indirect
142143
github.com/moby/term v0.5.2 // indirect
143144
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect

framework/components/dockercompose/go.sum

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -165,8 +165,8 @@ github.com/docker/compose/v2 v2.35.0/go.mod h1:S5ejUILn9KTYC6noX3IxznWu3/sb3FxdZ
165165
github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
166166
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
167167
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
168-
github.com/docker/docker v28.0.4+incompatible h1:JNNkBctYKurkw6FrHfKqY0nKIDf5nrbxjVBtS+cdcok=
169-
github.com/docker/docker v28.0.4+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
168+
github.com/docker/docker v28.3.3+incompatible h1:Dypm25kh4rmk49v1eiVbsAtpAsYURjYkaKubwuBdxEI=
169+
github.com/docker/docker v28.3.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
170170
github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo=
171171
github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
172172
github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0=
@@ -373,8 +373,8 @@ github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNU
373373
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
374374
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
375375
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
376-
github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
377-
github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
376+
github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
377+
github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
378378
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
379379
github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
380380
github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
@@ -432,6 +432,8 @@ github.com/moby/buildkit v0.20.1 h1:sT0ZXhhNo5rVbMcYfgttma3TdUHfO5JjFA0UAL8p9fY=
432432
github.com/moby/buildkit v0.20.1/go.mod h1:Rq9nB/fJImdk6QeM0niKtOHJqwKeYMrK847hTTDVuA4=
433433
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
434434
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
435+
github.com/moby/go-archive v0.1.0 h1:Kk/5rdW/g+H8NHdJW2gsXyZ7UnzvJNOy6VKJqueWdcQ=
436+
github.com/moby/go-archive v0.1.0/go.mod h1:G9B+YoujNohJmrIYFBpSd54GTUB4lt9S+xVQvsJyFuo=
435437
github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg=
436438
github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc=
437439
github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk=
@@ -450,8 +452,8 @@ github.com/moby/sys/signal v0.7.1 h1:PrQxdvxcGijdo6UXXo/lU/TvHUWyPhj7UOpSo8tuvk0
450452
github.com/moby/sys/signal v0.7.1/go.mod h1:Se1VGehYokAkrSQwL4tDzHvETwUZlnY7S5XtQ50mQp8=
451453
github.com/moby/sys/symlink v0.3.0 h1:GZX89mEZ9u53f97npBy4Rc3vJKj7JBDj/PN2I22GrNU=
452454
github.com/moby/sys/symlink v0.3.0/go.mod h1:3eNdhduHmYPcgsJtZXW1W4XUJdZGBIkttZ8xKqPUJq0=
453-
github.com/moby/sys/user v0.3.0 h1:9ni5DlcW5an3SvRSx4MouotOygvzaXbaSrc/wGDFWPo=
454-
github.com/moby/sys/user v0.3.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs=
455+
github.com/moby/sys/user v0.4.0 h1:jhcMKit7SA80hivmFJcbB1vqmw//wU61Zdui2eQXuMs=
456+
github.com/moby/sys/user v0.4.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs=
455457
github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g=
456458
github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28=
457459
github.com/moby/term v0.5.2 h1:6qk3FJAFDs6i/q3W/pQ97SX192qKfZgGjCQqfCJkgzQ=

framework/components/fake/go.mod

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ go 1.24.4
55
replace github.com/smartcontractkit/chainlink-testing-framework/framework => ../../../framework
66

77
require (
8-
github.com/docker/docker v28.3.1+incompatible
8+
github.com/docker/docker v28.3.3+incompatible
99
github.com/docker/go-connections v0.5.0
1010
github.com/gin-gonic/gin v1.10.1
1111
github.com/go-resty/resty/v2 v2.16.5
@@ -55,7 +55,6 @@ require (
5555
github.com/moby/docker-image-spec v1.3.1 // indirect
5656
github.com/moby/go-archive v0.1.0 // indirect
5757
github.com/moby/patternmatcher v0.6.0 // indirect
58-
github.com/moby/sys/atomicwriter v0.1.0 // indirect
5958
github.com/moby/sys/sequential v0.6.0 // indirect
6059
github.com/moby/sys/user v0.4.0 // indirect
6160
github.com/moby/sys/userns v0.1.0 // indirect

framework/components/fake/go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,8 +36,8 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1
3636
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
3737
github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
3838
github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
39-
github.com/docker/docker v28.3.1+incompatible h1:20+BmuA9FXlCX4ByQ0vYJcUEnOmRM6XljDnFWR+jCyY=
40-
github.com/docker/docker v28.3.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
39+
github.com/docker/docker v28.3.3+incompatible h1:Dypm25kh4rmk49v1eiVbsAtpAsYURjYkaKubwuBdxEI=
40+
github.com/docker/docker v28.3.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
4141
github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
4242
github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
4343
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=

framework/examples/myproject/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -189,7 +189,7 @@ require (
189189
github.com/dennwc/varint v1.0.0 // indirect
190190
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
191191
github.com/distribution/reference v0.6.0 // indirect
192-
github.com/docker/docker v28.3.1+incompatible // indirect
192+
github.com/docker/docker v28.3.3+incompatible // indirect
193193
github.com/docker/go-connections v0.5.0 // indirect
194194
github.com/docker/go-units v0.5.0 // indirect
195195
github.com/dustin/go-humanize v1.0.1 // indirect

framework/examples/myproject/go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -395,8 +395,8 @@ github.com/docker/compose/v2 v2.35.0/go.mod h1:S5ejUILn9KTYC6noX3IxznWu3/sb3FxdZ
395395
github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
396396
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
397397
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
398-
github.com/docker/docker v28.3.1+incompatible h1:20+BmuA9FXlCX4ByQ0vYJcUEnOmRM6XljDnFWR+jCyY=
399-
github.com/docker/docker v28.3.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
398+
github.com/docker/docker v28.3.3+incompatible h1:Dypm25kh4rmk49v1eiVbsAtpAsYURjYkaKubwuBdxEI=
399+
github.com/docker/docker v28.3.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
400400
github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo=
401401
github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M=
402402
github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0=

framework/examples/myproject_cll/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ require (
4040
github.com/deckarep/golang-set/v2 v2.6.0 // indirect
4141
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
4242
github.com/distribution/reference v0.6.0 // indirect
43-
github.com/docker/docker v28.3.1+incompatible // indirect
43+
github.com/docker/docker v28.3.3+incompatible // indirect
4444
github.com/docker/go-connections v0.5.0 // indirect
4545
github.com/docker/go-units v0.5.0 // indirect
4646
github.com/ebitengine/purego v0.8.2 // indirect

framework/examples/myproject_cll/go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -82,8 +82,8 @@ github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 h1:YLtO71vCjJRCBcrPMtQ9nqBsqpA1
8282
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs=
8383
github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
8484
github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
85-
github.com/docker/docker v28.3.1+incompatible h1:20+BmuA9FXlCX4ByQ0vYJcUEnOmRM6XljDnFWR+jCyY=
86-
github.com/docker/docker v28.3.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
85+
github.com/docker/docker v28.3.3+incompatible h1:Dypm25kh4rmk49v1eiVbsAtpAsYURjYkaKubwuBdxEI=
86+
github.com/docker/docker v28.3.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
8787
github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
8888
github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
8989
github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=

framework/go.mod

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ require (
77
github.com/avast/retry-go/v4 v4.6.1
88
github.com/block-vision/sui-go-sdk v1.0.6
99
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
10-
github.com/docker/docker v28.0.4+incompatible
10+
github.com/docker/docker v28.3.3+incompatible
1111
github.com/docker/go-connections v0.5.0
1212
github.com/ethereum/go-ethereum v1.15.0
1313
github.com/go-playground/locales v0.14.1
@@ -34,14 +34,15 @@ require (
3434
)
3535

3636
require (
37-
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
3837
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
3938
github.com/Microsoft/go-winio v0.6.2 // indirect
4039
github.com/StackExchange/wmi v1.2.1 // indirect
4140
github.com/bits-and-blooms/bitset v1.17.0 // indirect
4241
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
4342
github.com/consensys/bavard v0.1.22 // indirect
4443
github.com/consensys/gnark-crypto v0.14.0 // indirect
44+
github.com/containerd/errdefs v1.0.0 // indirect
45+
github.com/containerd/errdefs/pkg v0.3.0 // indirect
4546
github.com/containerd/log v0.1.0 // indirect
4647
github.com/containerd/platforms v1.0.0-rc.1 // indirect
4748
github.com/cpuguy83/dockercfg v0.3.2 // indirect
@@ -68,7 +69,7 @@ require (
6869
github.com/gorilla/websocket v1.5.1 // indirect
6970
github.com/holiman/uint256 v1.3.2 // indirect
7071
github.com/json-iterator/go v1.1.12 // indirect
71-
github.com/klauspost/compress v1.17.11 // indirect
72+
github.com/klauspost/compress v1.18.0 // indirect
7273
github.com/klauspost/cpuid/v2 v2.2.8 // indirect
7374
github.com/leodido/go-urn v1.4.0 // indirect
7475
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
@@ -81,9 +82,11 @@ require (
8182
github.com/mitchellh/mapstructure v1.5.0 // indirect
8283
github.com/mmcloughlin/addchain v0.4.0 // indirect
8384
github.com/moby/docker-image-spec v1.3.1 // indirect
85+
github.com/moby/go-archive v0.1.0 // indirect
8486
github.com/moby/patternmatcher v0.6.0 // indirect
87+
github.com/moby/sys/atomicwriter v0.1.0 // indirect
8588
github.com/moby/sys/sequential v0.6.0 // indirect
86-
github.com/moby/sys/user v0.3.0 // indirect
89+
github.com/moby/sys/user v0.4.0 // indirect
8790
github.com/moby/sys/userns v0.1.0 // indirect
8891
github.com/moby/term v0.5.2 // indirect
8992
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
@@ -123,7 +126,6 @@ require (
123126
google.golang.org/protobuf v1.36.4 // indirect
124127
gopkg.in/ini.v1 v1.67.0 // indirect
125128
gopkg.in/yaml.v3 v3.0.1 // indirect
126-
gotest.tools/v3 v3.5.2 // indirect
127129
rsc.io/tmplfunc v0.0.3 // indirect
128130
)
129131

0 commit comments

Comments
 (0)