Bump prometheus/client_golang from v1.7.1 to v1.12.1

improbable-eng / grpc-web

gRPC Web implementation for Golang and TypeScript

Apache License 2.0

4.39k stars 436 forks source link

Bump prometheus/client_golang from v1.7.1 to v1.12.1 #1090

Closed a-krause closed 2 years ago

a-krause commented 2 years ago

Changes

Bump prometheus/client_golang from v1.7.1 to v1.12.1 which fixes CVE-2022-21698. Also generated updated integration test go proto file and ran go mod tidy to clean up dependencies.

Verification

Verified local tests show no errors.

johanbrandhorst commented 2 years ago

Nice, thanks for this, I'll wrangle the tests