search

spf13 / viper

Go configuration with fangs
MIT License
26.27k stars 2k forks source link

go-difflib library v1.0.0 reached End Of Life #1877

Open vlbarou opened 2 days ago

vlbarou commented 2 days ago

Preflight Checklist

Viper Version

1.19.0

Go Version

1.22.4

Config Source

Defaults

Format

No response

Repl.it link

No response

Code reproducing the issue

No response

Expected Behavior

Latest version depends on EOL library go.mod: github.com/pmezard/go-difflib v1.0.0, which raises security concerns

Actual Behavior

An easy way to check, is to download the master branch and do a grep -r go-difflib. The output is the following:

go.mod: github.com/pmezard/go-difflib v1.0.0 // indirect
go.sum:github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
go.sum:github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
remote/go.sum:github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
remote/go.sum:github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
remote/go.sum:github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=

Steps To Reproduce

No response

Additional Information

No response

github-actions[bot] commented 2 days ago

👋 Thanks for reporting!

A maintainer will take a look at your issue shortly. 👀

In the meantime: We are working on Viper v2 and we would love to hear your thoughts about what you like or don't like about Viper, so we can improve or fix those issues.

⏰ If you have a couple minutes, please take some time and share your thoughts: https://forms.gle/R6faU74qPRPAzchZ9

📣 If you've already given us your feedback, you can still help by spreading the news, either by sharing the above link or telling people about this on Twitter:

https://twitter.com/sagikazarmark/status/1306904078967074816

Thank you! ❤️