Skip to content

Commit 3c08e9a

Browse files
rekbyasmyasnikov
rekby
authored and
asmyasnikov
committed
upgrade x sync for prevent security issues
1 parent 01f431f commit 3c08e9a

File tree

4 files changed

+19
-12
lines changed

4 files changed

+19
-12
lines changed

.github/workflows/tests.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
cancel-in-progress: true
1313
strategy:
1414
matrix:
15-
go-version: [1.16.x, 1.19.x, 1.20.x]
15+
go-version: [1.17.x, 1.19.x, 1.20.x]
1616
os: [ubuntu-latest, windows-latest, macOS-latest]
1717
env:
1818
OS: ${{ matrix.os }}
@@ -39,7 +39,7 @@ jobs:
3939
cancel-in-progress: true
4040
strategy:
4141
matrix:
42-
go-version: [1.16.x, 1.19.x, 1.20.x]
42+
go-version: [1.17.x, 1.19.x, 1.20.x]
4343
os: [ubuntu-latest]
4444
services:
4545
ydb:
@@ -83,7 +83,7 @@ jobs:
8383
cancel-in-progress: true
8484
strategy:
8585
matrix:
86-
go-version: [1.16.x, 1.19.x, 1.20.x]
86+
go-version: [1.17.x, 1.19.x, 1.20.x]
8787
os: [ubuntu-latest]
8888
services:
8989
ydb:

CHANGELOG.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,10 @@ Changes in ydb connection:
1414
* Changed argument type for ydb.GRPCConn from `ydb.Connection` to `*ydb.Driver`
1515
* Removed method `With` from `ydb.Connection` (use *Driver.With) if need.
1616

17+
Dependencies:
18+
* Up minimal supported version of go to 1.17 for update dependencies (new golang.org/x doesn't compiled for go 1.16)
19+
* Upgrade golang.org/x/... for prevent issues: CVE-2021-33194, CVE-2022-27664, CVE-2021-31525, CVE-2022-41723
20+
1721
## v3.42.15
1822
* Fixed checking `nil` error with `internal/xerrors.Is`
1923

go.mod

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ require (
99
github.com/jonboulle/clockwork v0.2.2
1010
github.com/stretchr/testify v1.7.1
1111
github.com/ydb-platform/ydb-go-genproto v0.0.0-20221215182650-986f9d10542f
12-
golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f
12+
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4
1313
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1
1414
google.golang.org/grpc v1.49.0
1515
google.golang.org/protobuf v1.28.0
@@ -19,9 +19,9 @@ require (
1919
github.com/davecgh/go-spew v1.1.0 // indirect
2020
github.com/golang/protobuf v1.5.2 // indirect
2121
github.com/pmezard/go-difflib v1.0.0 // indirect
22-
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 // indirect
23-
golang.org/x/sys v0.0.0-20210510120138-977fb7262007 // indirect
24-
golang.org/x/text v0.3.3 // indirect
22+
golang.org/x/net v0.7.0 // indirect
23+
golang.org/x/sys v0.5.0 // indirect
24+
golang.org/x/text v0.7.0 // indirect
2525
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013 // indirect
2626
gopkg.in/yaml.v3 v3.0.0 // indirect
2727
)

go.sum

Lines changed: 8 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -84,17 +84,18 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn
8484
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
8585
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
8686
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
87-
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0=
8887
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
88+
golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
89+
golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
8990
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
9091
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
9192
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
9293
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
9394
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
9495
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
9596
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
96-
golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f h1:Ax0t5p6N38Ga0dThY21weqDEyz2oklo4IvDkpigvkD8=
97-
golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
97+
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 h1:uVc8UZUe6tr40fFVnUP5Oj+veunVezqYl9z7DYw9xzw=
98+
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
9899
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
99100
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
100101
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -103,12 +104,14 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w
103104
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
104105
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
105106
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
106-
golang.org/x/sys v0.0.0-20210510120138-977fb7262007 h1:gG67DSER+11cZvqIMb8S8bt0vZtiN6xWYARwirrOSfE=
107107
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
108+
golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
109+
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
108110
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
109111
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
110-
golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
111112
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
113+
golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
114+
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
112115
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
113116
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
114117
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=

0 commit comments

Comments
 (0)