James Blair
f7126aa1c3
depdendency: bump golang.org/x/sys from 0.10.0 to 0.11.0.
...
Signed-off-by: James Blair <mail@jamesblair.net>
2023-08-06 19:02:15 +12:00
=
418bab0ed4
dependency: bump golang.org/x/net 0.12.0 to 0.13.0
...
Co-authored-by: James Blair <mail@jamesblair.net>
Signed-off-by: = <abby.crimlis@outlook.com>
2023-08-04 09:09:16 +12:00
=
5896e40d23
dependency: bump go.uber.org/zap 1.24.0 to 1.25.0
...
Co-authored-by: James Blair <mail@jamesblair.net>
Signed-off-by: = <abby.crimlis@outlook.com>
2023-08-03 14:46:33 +12:00
Chao Chen
24c6fb4b4d
Fix 15877 and bump up gRPC from v1.52.0 to v1.57.0
...
Signed-off-by: Chao Chen <chaochn@amazon.com>
2023-07-31 13:57:24 -07:00
Chao Chen
e59e3d709c
dependency: bump google.golang.org/grpc from 1.51.0 to 1.52.0
...
Signed-off-by: Chao Chen <chaochn@amazon.com>
2023-07-27 13:25:12 -07:00
Benjamin Wang
2c22ca7eba
dependency: bump golang.org/x/net from v0.11.0 to v0.12.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-07-10 18:43:30 +01:00
Benjamin Wang
149256735d
dependency: bump golang.org/x/sys from v0.9.0 to v0.10.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-07-10 18:38:16 +01:00
ArkaSaha30
37bd1e3382
Bump dependency manually
...
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
2023-06-28 12:39:27 +05:30
Benjamin Wang
b92d099360
dependency: bump golang.org/x/net from 0.10.0 to 0.11.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-06-19 09:25:07 +01:00
Prasad Chandrasekaran
3a8c6d749f
manual dependency bump
...
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
2023-06-13 23:28:47 +05:30
Chao Chen
b2c39fc8e6
2023-06-06: bump up dependencies update identified by dependabot
...
Signed-off-by: Chao Chen <chaochn@amazon.com>
2023-06-06 20:18:44 -07:00
Bogdan Kanivets
ef91e8ae78
dependency: bump github.com/stretchr/testify from 1.8.2 to 1.8.3
...
Signed-off-by: Bogdan Kanivets <bkanivets@apple.com>
2023-05-24 23:58:13 -07:00
Prasad Chandrasekaran
9878b134eb
dependency: bump indirect dependencies
...
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
2023-05-11 18:00:12 +05:30
Prasad Chandrasekaran
c863f1f8c0
dependency: bump dependabot dependencies
...
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
2023-05-09 18:38:35 +05:30
Benjamin Wang
dddd4780c2
dependency: bump github.com/spf13/cobra from 1.6.1 to 1.7.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-11 08:51:26 +08:00
Benjamin Wang
eb9b15bf49
dependency: bump golang.org/x/net from 0.8.0 to 0.9.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-11 08:44:26 +08:00
Benjamin Wang
072c5cb5da
dependency: bump google.golang.org/protobuf from 1.28.1 to 1.30.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-04 15:28:09 +08:00
Benjamin Wang
56284d5dfe
dependency: bump github.com/golang/protobuf from 1.5.2 to 1.5.3
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-04 15:21:22 +08:00
Benjamin Wang
0c66fc9f29
dependency: bump go.uber.org/multierr from 1.9.0 to 1.11.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-04-04 15:15:32 +08:00
Benjamin Wang
7ed1219861
dependency: bump golang.org/x/net to v0.8.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-03-07 06:52:07 +08:00
Benjamin Wang
d8b8127084
dependency: bump github.com/stretchr/testify from 1.8.1 to 1.8.2
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-02-28 06:44:33 +08:00
Benjamin Wang
a7e94c4843
security: bump golang.org/x/net to v0.7.0 to address CVE GO-2023-1571
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-02-17 11:29:47 +08:00
Benjamin Wang
ac98432f0b
dependency: bump github.com/dustin/go-humanize from v1.0.0 to v1.0.1
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2023-01-17 06:37:19 +08:00
Benjamin Wang
c51540bdd2
deps: bump google.golang.org/protobuf from 1.28.0 to 1.28.1
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 04:07:52 +08:00
Benjamin Wang
2c192f4205
deps: bump go.uber.org/multierr from 1.8.0 to 1.9.0 in /server
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 04:00:49 +08:00
Benjamin Wang
700ad0fdce
deps: bump github.com/creack/pty from 1.1.11 to 1.1.18 in /pkg
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 03:46:14 +08:00
Benjamin Wang
bc41c0963b
deps: bump github.com/coreos/go-systemd/v22 from 22.3.2 to 22.5.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 03:38:55 +08:00
Benjamin Wang
259a73d67a
deps: bump github.com/spf13/cobra from 1.4.0 to 1.6.1
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 03:33:24 +08:00
Benjamin Wang
1a0af6fee6
deps: bump go.uber.org/zap from 1.21.0 to 1.24.0
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-14 03:33:24 +08:00
Benjamin Wang
1ba246e1d8
bump golang.org/x/ to v0.4.0
...
Found 1 known vulnerability.
Vulnerability #1 : GO-2022-1144
An attacker can cause excessive memory growth in a Go server
accepting HTTP/2 requests. HTTP/2 server connections contain a
cache of HTTP header keys sent by the client. While the total
number of entries in this cache is capped, an attacker sending
very large keys can cause the server to allocate approximately
64 MiB per open connection.
Call stacks in your code:
Error: tools/etcd-dump-metrics/main.go:158:5: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls golang.org/x/net/http2.Server.ServeConn
Found in: golang.org/x/net/http2@v0.2.0
Fixed in: golang.org/x/net/http2@v0.4.0
More info: https://pkg.go.dev/vuln/GO-2022-1144
Error: Process completed with exit code 3.
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-12-09 08:54:48 +08:00
Benjamin Wang
3f86db5e53
bump golang.org/x imports to address CVEs
...
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-11-30 05:03:43 +08:00
Benjamin Wang
285e44378f
bump github.com/stretchr/testify from v1.7.2 to v1.8.1
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-11-26 10:51:32 +08:00
Wei Fu
cf285ea3c7
bump grpc to v1.51.0 from v1.47.0
...
Signed-off-by: Wei Fu <fuweid89@gmail.com>
2022-11-23 22:16:22 +08:00
Benjamin Wang
cd0b1d0c66
Bump go 1.19: upgrade go version to 1.19 in all go.mod files
...
Signed-off-by: Benjamin Wang <wachao@vmware.com>
2022-09-22 08:47:46 +08:00
Piotr Tabor
e7a84b69c8
Update zap to 1.21.
...
Signed-off-by: Piotr Tabor <ptab@google.com>
2022-06-17 10:05:25 +02:00
Piotr Tabor
17c1dcd614
Update grpc to 1.47 and go-cmp to 0.5.8.
...
Signed-off-by: Piotr Tabor <ptab@google.com>
2022-06-17 08:57:22 +02:00
Marek Siarkowicz
d58f971895
tests: Use zaptest.NewLogger in places we missed
2022-05-06 12:23:20 +02:00
ahrtr
0dae4b3b1e
rollback the opentelemetry bumpping to recover the pipeline failures
2022-04-14 16:13:28 +08:00
Will Beason
eab1e0c5d5
go.mod: upgrade opentelemetry deps
...
Downstream users of etcd experience build issues when using dependencies
which require more recent (incompatible) versions of opentelemetry. This
commit upgrades the dependencies so that downstream users stop
experiencing these issues.
2022-04-13 07:14:10 -07:00
Kay Yan
afecd3139c
fix the api dependency in pkg, and update cobra to 1.4.0
...
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
2022-03-25 17:18:56 +08:00
Marek Siarkowicz
fb55910500
version: bump up to 3.6.0-alpha.0
2022-02-28 13:20:27 +01:00
Your Name
77bf0a5a9e
update cobra version to 1.2.1
...
Signed-off-by: yankay <kay.yan@daocloud.io>
2021-12-29 17:35:25 +08:00
Kushal Pisavadia
71493bde3e
*: Upgrade to use go.opentelemetry.io/otel@v1.2.0
...
Upgrading from v1.0.1.
Upgrading related dependencies
------------------------------
The following dependencies also had to be upgraded:
- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.26.1
From v0.25.0. This gets rid of a transitive dependency on go.opentelemetry.io/otel@v1.0.1.
- google.golang.org/genproto@v0.0.0-20211118181313-81c1377c94b1
2021-11-24 16:03:33 +00:00
Lili Cosic
e6e279a14d
*: Bump go to go v1.17.2
2021-10-27 13:44:54 +02:00
Vladimir Ermakov
49a8aa7f49
run fix.sh
...
To fix dependencies.
Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
2021-10-13 14:08:27 +03:00
Lili Cosic
df696a7e76
go.mod: Bump etcd to 3.5.0
2021-06-22 12:25:39 +02:00
Piotr Tabor
404efd70f7
Upgrade of prometheous deps.
...
For now we need to depend on unstable: prometheus/client_golang
2021-06-03 16:07:01 +02:00
Piotr Tabor
edcfe575cf
Update dependencies:
...
- github.com/coreos/go-systemd/v22 v22.3.2
- github.com/google/btree v1.0.1
- github.com/json-iterator/go v1.1.11
- github.com/mattn/go-runewidth v0.0.13
- github.com/prometheus/client_golang v1.10.0
- github.com/prometheus/common v0.26.0
- github.com/sirupsen/logrus v1.8.1
2021-06-03 13:03:01 +02:00
Piotr Tabor
b240625d21
Update bbolt to v1.3.6.
...
`./scripts/update_dep.sh go.etcd.io/bbolt v1.3.6`
2021-06-03 12:39:53 +02:00
Piotr Tabor
90cea7d4e7
Update zap to v1.17.0.
2021-06-03 12:37:43 +02:00