Closed titpetric closed 9 months ago
IMPORT | VERSION | LATEST | WARNINGS |
---|---|---|---|
Jeffail/gabs | v1.4.0 | ✖ No info | Bad request, possibly renamed |
Jeffail/tunny | v0.1.4 | ✖ No info | Bad request, possibly renamed |
Masterminds/sprig/v3 | v3.2.2 | ✖ No info | Bad request, possibly renamed |
TykTechnologies/again | v0.0.0 20190805133618 6ad301e7eaed | Skipped | Dependency without go.mod |
TykTechnologies/circuitbreaker | v2.2.2 +incompatible | Skipped | |
TykTechnologies/drl | v0.0.0 20221208085827 9bc9b4338f26 | Skipped | Dependency without go.mod |
TykTechnologies/goautosocket | v0.0.0 20190430121222 97bfa5e7e481 | Skipped | Dependency without go.mod |
TykTechnologies/gojsonschema | v0.0.0 20170222154038 dcb3e4bb7990 | Skipped | Dependency without go.mod |
TykTechnologies/gorpc | v0.0.0 20210624160652 fe65bda0ccb9 | Skipped | Dependency without go.mod |
TykTechnologies/goverify | v0.0.0 20220808203004 1486f89e7708 | Skipped | Dependency without go.mod |
TykTechnologies/graphql-go-tools | v1.6.2 0.20231121123800 70500778ba66 | Skipped | |
TykTechnologies/leakybucket | v0.0.0 20170301023702 71692c943e3c | Skipped | Dependency without go.mod |
TykTechnologies/murmur3 | v0.0.0 20230310161213 aad17efd5632 | Skipped | Dependency without go.mod |
TykTechnologies/openid2go | v0.1.2 | Skipped | |
TykTechnologies/storage | v1.0.8 | Skipped | |
TykTechnologies/tyk-pump | v1.8.1 rc1.0.20231030094653 9984a1ee29ee | Skipped | |
akutz/memconn | v0.1.0 | ✓ Up to date | |
bshuster-repo/logrus-logstash-hook | v1.1.0 | ✓ Up to date | |
buger/jsonparser | v1.1.1 | ✓ Up to date | |
cenk/backoff | v2.2.1 +incompatible | ✓ Up to date | |
cenkalti/backoff/v4 | v4.2.1 | ✓ Up to date | |
clbanning/mxj | v1.8.4 | ✓ Up to date | |
evalphobia/logrus_sentry | v0.8.2 | ✓ Up to date | |
gemnasium/logrus-graylog-hook | v2.0.7 +incompatible | ✓ Up to date | |
getkin/kin-openapi | v0.115.0 | v0.122.0 | |
go-redis/redis/v8 | v8.11.5 | ✓ Up to date | |
gocraft/health | v0.0.0 20170925182251 8675af27fef0 | No versions available | Dependency without go.mod |
gofrs/uuid | v4.0.0 +incompatible | v4.4.0+incompatible | |
golang-jwt/jwt/v4 | v4.4.2 | v4.5.0 | |
golang/protobuf | v1.5.3 | ✓ Up to date | |
gorilla/mux | v1.8.0 | v1.8.1 | |
gorilla/websocket | v1.5.0 | v1.5.1 | |
hashicorp/consul/api | v1.3.0 | v1.26.1 | |
hashicorp/go-multierror | v1.1.1 | ✓ Up to date | |
hashicorp/go-version | v1.4.0 | v1.6.0 | |
hashicorp/vault/api | v1.0.4 | v1.10.0 | |
jensneuse/abstractlogger | v0.0.4 | ✓ Up to date | |
justinas/alice | v1.2.0 | ✓ Up to date | |
kelseyhightower/envconfig | v1.4.0 | ✓ Up to date | |
lonelycode/osin | v0.0.0 20160423095202 da239c9dacb6 | No versions available | Dependency without go.mod |
mavricknz/ldap | v0.0.0 20160227184754 f5a958005e43 | No versions available | Dependency without go.mod |
miekg/dns | v1.1.56 | v1.1.57 | |
mitchellh/mapstructure | v1.5.0 | ✓ Up to date | |
newrelic/go-agent | v2.13.0 +incompatible | v3.28.1+incompatible | |
nsf/jsondiff | v0.0.0 20210303162244 6ea32392771e | No versions available | Dependency without go.mod |
opentracing/opentracing-go | v1.2.0 | ✓ Up to date | |
openzipkin/zipkin-go | v0.2.2 | v0.4.2 | |
oschwald/maxminddb-golang | v1.11.0 | v1.12.0 | |
paulbellamy/ratecounter | v0.2.0 | ✓ Up to date | |
pires/go-proxyproto | v0.7.0 | ✓ Up to date | |
pmylund/go-cache | v2.1.0 +incompatible | ✓ Up to date | |
robertkrimen/otto | v0.0.0 20180617131154 15f95af6e78d | v0.2.1 | Dependency without go.mod |
rs/cors | v1.7.0 | v1.10.1 | |
sirupsen/logrus | v1.9.3 | ✓ Up to date | |
spf13/afero | v1.6.0 | v1.11.0 | |
square/go-jose | v2.4.1 +incompatible | v2.6.0+incompatible | |
stretchr/testify | v1.8.4 | ✓ Up to date | |
uber/jaeger-client-go | v2.30.1 0.20220110192849 8d8e8fcfd04d +incompatible | v2.30.0+incompatible | Version ahead of latest release |
valyala/fasthttp | v1.43.0 | v1.51.0 | |
vmihailenco/msgpack | v4.0.4 +incompatible | ✓ Up to date | |
xeipuuv/gojsonschema | v1.2.0 | ✓ Up to date | |
golang.org/x/crypto | v0.14.0 | v0.16.0 | |
golang.org/x/net | v0.17.0 | v0.19.0 | |
golang.org/x/sync | v0.4.0 | v0.5.0 | |
google.golang.org/grpc | v1.59.0 | v1.61.0-dev | |
google.golang.org/grpc/examples | v0.0.0 20220317213542 f95b001a48df | No versions available | Dependency without go.mod |
google.golang.org/protobuf | v1.31.0 | ✓ Up to date | |
gopkg.in/alecthomas/kingpin.v2 | v2.2.6 | v2.4.0 | Deprecated import (gopkg.in) |
gopkg.in/vmihailenco/msgpack.v2 | v2.9.1 | v2.9.2 | Deprecated import (gopkg.in) |
gopkg.in/xmlpath.v2 | v2.0.0 20150820204837 860cbeca3ebc | No versions available | Deprecated import (gopkg.in) |
gopkg.in/yaml.v3 | v3.0.1 | ✓ Up to date | Deprecated import (gopkg.in) |
TykTechnologies/kin-openapi | v0.90.0 | Skipped | |
TykTechnologies/opentelemetry | v0.0.20 | Skipped | |
google/go-cmp | v0.5.9 | v0.6.0 | |
go.opentelemetry.io/otel | v1.19.0 | v1.21.0 | |
go.opentelemetry.io/otel/trace | v1.19.0 | v1.21.0 | |
go.uber.org/mock | v0.3.0 | ✓ Up to date |
Is the newrelic/go-agent
dependency expected to be addressed eventually?
Hi @smarusa,
We don't have a plan to update the newrelic dependency as it is not bringing any high impact CVEs to the product.
We are deprecating Open Tracing support in favour of Open Telemetry, so do not plan further development of our legacy Open Tracing/New Relic specific support.
I'm closing this issue as it was opened in error - we perform regular dependency checks and focus attention on those libraries that require updates for security or functionality reasons.
Thanks for your support.