[TT-13098] [master] exp/modcheck: Update go.mod dependencies

buger commented 2 months ago

User description

Triggered by: titpetric JIRA: https://tyktech.atlassian.net/browse/TT-13098

IMPORT	VERSION	LATEST	WARNINGS	CVES
Masterminds/sprig/v3	v3.2.3	v3.3.0
getkin/kin-openapi	v0.115.0	v0.127.0	Held back from upgrade
hashicorp/consul/api	v1.29.1	v1.29.4
hashicorp/vault/api	v1.14.0	v1.15.0
miekg/dns	v1.1.61	v1.1.62		0 of 3
oschwald/maxminddb-golang	v1.13.0	v1.13.1
rs/cors	v1.11.0	v1.11.1		0 of 2
golang.org/x/crypto	v0.24.0	v0.27.0		0 of 10
golang.org/x/net	v0.26.0	v0.29.0		0 of 16
golang.org/x/sync	v0.7.0	v0.8.0
google.golang.org/grpc	v1.64.0	v1.66.2		0 of 2
go-redsync/redsync/v4	v4.11.0	v4.13.0
redis/go-redis/v9	v9.5.3	v9.6.1
newrelic/go-agent	v2.13.0 +incompatible	v3.34.0+incompatible	Held back from upgrade
go.opentelemetry.io/otel	v1.19.0	v1.30.0	Held back from upgrade
go.opentelemetry.io/otel/trace	v1.19.0	v1.30.0	Held back from upgrade

Steps performed

~~~ + go get github.com/Masterminds/sprig/v3@v3.3.0 go: downloading github.com/Masterminds/sprig/v3 v3.3.0 go: downloading dario.cat/mergo v1.0.1 go: downloading github.com/Masterminds/semver/v3 v3.3.0 go: downloading github.com/huandu/xstrings v1.5.0 go: downloading github.com/shopspring/decimal v1.4.0 go: downloading github.com/spf13/cast v1.7.0 go: downloading golang.org/x/crypto v0.26.0 go: downloading golang.org/x/text v0.17.0 go: downloading golang.org/x/sys v0.23.0 go: added dario.cat/mergo v1.0.1 go: upgraded github.com/Masterminds/semver/v3 v3.2.0 => v3.3.0 go: upgraded github.com/Masterminds/sprig/v3 v3.2.3 => v3.3.0 go: upgraded github.com/huandu/xstrings v1.3.3 => v1.5.0 go: upgraded github.com/shopspring/decimal v1.2.0 => v1.4.0 go: upgraded github.com/spf13/cast v1.6.0 => v1.7.0 go: upgraded golang.org/x/crypto v0.24.0 => v0.26.0 go: upgraded golang.org/x/sync v0.7.0 => v0.8.0 go: upgraded golang.org/x/sys v0.21.0 => v0.23.0 go: upgraded golang.org/x/text v0.16.0 => v0.17.0 + go get github.com/hashicorp/consul/api@v1.29.4 go: downloading github.com/hashicorp/consul/api v1.29.4 go: downloading github.com/hashicorp/consul/proto-public v0.6.2 go: upgraded github.com/hashicorp/consul/api v1.29.1 => v1.29.4 + go get github.com/hashicorp/vault/api@v1.15.0 go: downloading github.com/hashicorp/vault/api v1.15.0 go: downloading github.com/hashicorp/vault v1.15.0 go: downloading github.com/hashicorp/go-retryablehttp v0.7.7 go: upgraded github.com/hashicorp/go-retryablehttp v0.7.6 => v0.7.7 go: upgraded github.com/hashicorp/vault/api v1.14.0 => v1.15.0 + go get github.com/miekg/dns@v1.1.62 go: downloading github.com/miekg/dns v1.1.62 go: downloading golang.org/x/net v0.27.0 go: upgraded github.com/miekg/dns v1.1.61 => v1.1.62 go: upgraded golang.org/x/net v0.26.0 => v0.27.0 + go get github.com/oschwald/maxminddb-golang@v1.13.1 go: downloading github.com/oschwald/maxminddb-golang v1.13.1 go: upgraded github.com/oschwald/maxminddb-golang v1.13.0 => v1.13.1 + go get github.com/rs/cors@v1.11.1 go: downloading github.com/rs/cors v1.11.1 go: upgraded github.com/rs/cors v1.11.0 => v1.11.1 + go get golang.org/x/crypto@v0.27.0 go: downloading golang.org/x/crypto v0.27.0 go: downloading golang.org/x/text v0.18.0 go: upgraded golang.org/x/crypto v0.26.0 => v0.27.0 go: upgraded golang.org/x/sys v0.23.0 => v0.25.0 go: upgraded golang.org/x/text v0.17.0 => v0.18.0 + go get golang.org/x/net@v0.29.0 go: downloading golang.org/x/net v0.29.0 go: upgraded golang.org/x/net v0.27.0 => v0.29.0 + go get golang.org/x/sync@v0.8.0 + go get google.golang.org/grpc@v1.66.2 go: downloading google.golang.org/grpc v1.66.2 go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117 go: downloading github.com/cespare/xxhash/v2 v2.3.0 go: downloading github.com/golang/glog v1.2.1 go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20240604185151-ef581f913117 go: upgraded github.com/cespare/xxhash/v2 v2.2.0 => v2.3.0 go: upgraded google.golang.org/genproto/googleapis/api v0.0.0-20240318140521-94a12d6c2237 => v0.0.0-20240604185151-ef581f913117 go: upgraded google.golang.org/genproto/googleapis/rpc v0.0.0-20240415180920-8c6c420018be => v0.0.0-20240604185151-ef581f913117 go: upgraded google.golang.org/grpc v1.64.0 => v1.66.2 + go get github.com/go-redsync/redsync/v4@v4.13.0 go: downloading github.com/go-redsync/redsync/v4 v4.13.0 go: downloading github.com/go-redis/redis/v7 v7.4.1 go: upgraded github.com/go-redsync/redsync/v4 v4.11.0 => v4.13.0 + go get github.com/redis/go-redis/v9@v9.6.1 go: downloading github.com/redis/go-redis/v9 v9.6.1 go: upgraded github.com/redis/go-redis/v9 v9.5.3 => v9.6.1 ~~~

go mod tidy output

``` === RUN TestLint === RUN TestLint/InvalidJSON === RUN TestLint/WrongType === RUN TestLint/FieldTypo === RUN TestLint/Empty === RUN TestLint/Default === RUN TestLint/OldMonitor === RUN TestLint/NullObject === RUN TestLint/MissingPath === RUN TestLint/ExtraPort === RUN TestLint/BadHost === RUN TestLint/BadLogLevel === RUN TestLint/BadStorageType === RUN TestLint/BadPolicySource === RUN TestLint/MalformedDnsCacheEntry === RUN TestLint/BadDnsCacheTTL === RUN TestLint/ExtraDnsCacheCheckInterval === RUN TestLint/InvalidDnsCacheMultipleIPsHandleStrategy --- PASS: TestLint (0.06s) --- PASS: TestLint/InvalidJSON (0.00s) --- PASS: TestLint/WrongType (0.00s) --- PASS: TestLint/FieldTypo (0.00s) --- PASS: TestLint/Empty (0.00s) --- PASS: TestLint/Default (0.00s) --- PASS: TestLint/OldMonitor (0.00s) --- PASS: TestLint/NullObject (0.00s) --- PASS: TestLint/MissingPath (0.00s) --- PASS: TestLint/ExtraPort (0.00s) --- PASS: TestLint/BadHost (0.01s) --- PASS: TestLint/BadLogLevel (0.02s) --- PASS: TestLint/BadStorageType (0.00s) --- PASS: TestLint/BadPolicySource (0.00s) --- PASS: TestLint/MalformedDnsCacheEntry (0.00s) --- PASS: TestLint/BadDnsCacheTTL (0.00s) --- PASS: TestLint/ExtraDnsCacheCheckInterval (0.00s) --- PASS: TestLint/InvalidDnsCacheMultipleIPsHandleStrategy (0.00s) PASS ok github.com/TykTechnologies/tyk/cli/linter 0.118s === RUN TestXTykGateway_Lint --- PASS: TestXTykGateway_Lint (0.01s) PASS ok github.com/TykTechnologies/tyk/apidef/oas 0.052s ```

PR Type

enhancement, dependencies

Description

Updated multiple Go module dependencies to their latest versions in go.mod.
Corresponding updates made to go.sum to reflect new dependency versions.
Improvements in dependency management and potential security enhancements.

Changes walkthrough 📝

Relevant files

Dependencies

go.mod `Update Go module dependencies to latest versions` go.mod Updated `github.com/Masterminds/sprig/v3` from v3.2.3 to v3.3.0. Updated `github.com/hashicorp/consul/api` from v1.29.1 to v1.29.4. Updated `github.com/hashicorp/vault/api` from v1.14.0 to v1.15.0. Updated `golang.org/x/crypto` from v0.24.0 to v0.27.0.	+23/-24
go.sum `Update Go module checksums for dependency updates` go.sum Updated checksums for `github.com/Masterminds/sprig/v3` to v3.3.0. Updated checksums for `github.com/hashicorp/consul/api` to v1.29.4. Updated checksums for `github.com/hashicorp/vault/api` to v1.15.0. Updated checksums for `golang.org/x/crypto` to v0.27.0.	+52/-59

💡 PR-Agent usage: Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

github-actions[bot] commented 2 months ago

API Changes

no api changes detected

github-actions[bot] commented 2 months ago

PR Reviewer Guide 🔍

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Key issues to review

Dependency Update
The PR updates several dependencies in the `go.sum` file. It's crucial to ensure that these updates do not introduce any breaking changes or vulnerabilities. Each dependency update should be verified for compatibility and tested thoroughly. Dependency Management
The `go.mod` file has been updated to include new versions of several packages. It is important to review these changes to ensure that they are necessary and that there are no conflicts with other packages.

github-actions[bot] commented 2 months ago