search

xmidt-org / codex-db

The database helper functions.
Apache License 2.0
0 stars 6 forks source link

Bump github.com/xmidt-org/webpa-common/v2 from 2.0.7 to 2.2.2 #65

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 1 year ago

Bumps github.com/xmidt-org/webpa-common/v2 from 2.0.7 to 2.2.2.

Release notes

Sourced from github.com/xmidt-org/webpa-common/v2's releases.

v2.2.2

Changelog

Other Work

  • 0d8c0be19b8fe8bc489667102dddc3969dd4b4fc: Bump github.com/aws/aws-sdk-go from 1.44.298 to 1.44.300 (#940) (@​dependabot[bot])
  • 7a6d689ceaaccc80dd66116f4bf26943065b16d9: Bump github.com/aws/aws-sdk-go from 1.44.300 to 1.44.301 (#941) (@​dependabot[bot])
  • 1545a7184e622544981f80ff6ab2f82fccb966f6: Bump github.com/aws/aws-sdk-go from 1.44.301 to 1.44.304 (#943) (@​dependabot[bot])
  • badf839227c000627b591de861eda811519ca1c2: Bump github.com/aws/aws-sdk-go from 1.44.304 to 1.44.305 (#945) (@​dependabot[bot])
  • 0f470e50ee7e26a4aceeb986f168af28979ac3f0: Bump github.com/aws/aws-sdk-go from 1.44.305 to 1.44.306 (#946) (@​dependabot[bot])
  • d6661a20e28f433115cac930bd266836262933b2: Bump github.com/aws/aws-sdk-go from 1.44.306 to 1.44.307 (#947) (@​dependabot[bot])
  • 51e3576d9a70a9705950379cbc2ca2f01f59c074: Bump github.com/aws/aws-sdk-go from 1.44.307 to 1.44.308 (#948) (@​dependabot[bot])
  • eee580416b0e91ece686524f3e7f2e87bb6bb421: Bump github.com/aws/aws-sdk-go from 1.44.308 to 1.44.309 (#949) (@​dependabot[bot])
  • 633e4ed5708c78b556f898454e53bb390eeb91af: Bump github.com/aws/aws-sdk-go from 1.44.309 to 1.44.312 (#951) (@​dependabot[bot])
  • 687bef48f746c731cdd5a21e612f40ce3df78141: Bump github.com/aws/aws-sdk-go from 1.44.312 to 1.44.313 (#952) (@​dependabot[bot])
  • 58cc16b0d174ead0e5fdd4535fefef0224c1b5a8: Bump github.com/aws/aws-sdk-go from 1.44.313 to 1.44.314 (#954) (@​dependabot[bot])
  • e986f507d8fc7f9c843981fe595eea680e6b51f0: Bump github.com/aws/aws-sdk-go from 1.44.314 to 1.44.316 (#956) (@​dependabot[bot])
  • a6029dd2add8338988e48431d9739e7e35c47d15: Bump github.com/aws/aws-sdk-go from 1.44.316 to 1.44.317 (#957) (@​dependabot[bot])
  • 4f3a26dad12cbdc59f8566171f92d58638a0f2c8: Bump github.com/hashicorp/consul/api from 1.22.0 to 1.23.0 (#944) (@​dependabot[bot])
  • a5c0e7572158576df03271711868727890d3aa06: Bump github.com/hashicorp/consul/api from 1.23.0 to 1.24.0 (#958) (@​dependabot[bot])
  • a091fe76100e1f18a8606941200cd8006b19d2a3: Bump go.uber.org/zap from 1.24.0 to 1.25.0 (#953) (@​dependabot[bot])

v2.2.1

Changelog

Other Work

  • 67152463736a7238cfaf61e5119f15eaea88d28e: Bump github.com/aws/aws-sdk-go from 1.44.282 to 1.44.283 (#919) (@​dependabot[bot])
  • 56ca22e65cc032a5c951654f4935c6876449b09f: Bump github.com/aws/aws-sdk-go from 1.44.283 to 1.44.284 (#920) (@​dependabot[bot])
  • 932718bafe6a984c509ba4d51998517f3eb1aab0: Bump github.com/aws/aws-sdk-go from 1.44.284 to 1.44.285 (#923) (@​dependabot[bot])
  • 0caa37308ab5c9f58c9aec3fc90ed36aba484a03: Bump github.com/aws/aws-sdk-go from 1.44.285 to 1.44.286 (#924) (@​dependabot[bot])
  • 288ac7039709cfea5853a1b4706d152defa605a2: Bump github.com/aws/aws-sdk-go from 1.44.286 to 1.44.287 (#926) (@​dependabot[bot])
  • 2a9512d84ddec048b15b2315c04ec5a4fc2f72ae: Bump github.com/aws/aws-sdk-go from 1.44.287 to 1.44.288 (#927) (@​dependabot[bot])
  • 12463528d5ef479493c27fc0e38cce70431571e9: Bump github.com/aws/aws-sdk-go from 1.44.288 to 1.44.289 (#928) (@​dependabot[bot])
  • 8de81738a08881dd0837009ee6915871740221a8: Bump github.com/aws/aws-sdk-go from 1.44.289 to 1.44.290 (#930) (@​dependabot[bot])
  • cca089e1e9eb5b5883e62504d9a0eacac294c0bb: Bump github.com/aws/aws-sdk-go from 1.44.290 to 1.44.291 (#931) (@​dependabot[bot])
  • 04f661eea6c7ac4007d7c36f1a5ff67c5460507a: Bump github.com/aws/aws-sdk-go from 1.44.291 to 1.44.292 (#932) (@​dependabot[bot])
  • 61b7dcd7565b68cfcf5907e6903d44f649129ddb: Bump github.com/aws/aws-sdk-go from 1.44.292 to 1.44.293 (#933) (@​dependabot[bot])
  • 51b8452cadecb79aa77cae2776fd026bf1fe4c9d: Bump github.com/aws/aws-sdk-go from 1.44.293 to 1.44.294 (#934) (@​dependabot[bot])
  • 64747ac0f8eb1febb3219bf05f595bdf26d07290: Bump github.com/aws/aws-sdk-go from 1.44.294 to 1.44.296 (#936) (@​dependabot[bot])
  • f659020bcde5d4e40a43ace5db31a1eb88258381: Bump github.com/aws/aws-sdk-go from 1.44.296 to 1.44.298 (#938) (@​dependabot[bot])
  • d3f7f441e9c7b81b4eccc6403024dea9eb87b904: Bump github.com/hashicorp/consul/api from 1.21.0 to 1.22.0 (#929) (@​dependabot[bot])
  • 55fa0f68452b2f43d186286a73d0de05c2557d16: Bump github.com/miekg/dns from 1.1.54 to 1.1.55 (#921) (@​dependabot[bot])
  • 1956094ae80b2ddcc27efa49441db32644b53b04: Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 (#918) (@​dependabot[bot])

v2.1.4

Changelog

Other Work

  • 1e6498b62defc90e4faffedbb0b208432d73f25c: Bump github.com/aws/aws-sdk-go from 1.44.277 to 1.44.279 (#911) (@​dependabot[bot])
  • faf4ed6a07bbe8d68b3ef14501898ee01577c4ff: Bump github.com/aws/aws-sdk-go from 1.44.279 to 1.44.281 (#913) (@​dependabot[bot])
  • 69590fd1f6e116da06d50f790a201ecf96dd91a7: Bump github.com/aws/aws-sdk-go from 1.44.281 to 1.44.282 (#915) (@​dependabot[bot])
  • b5f4dee87698f4870ae945b2d644d4c124a63b15: Bump go.uber.org/fx from 1.19.3 to 1.20.0 (#914) (@​dependabot[bot])
  • 26089fef0d7c5c45d901925d3ba80d625a891af8: added a metric for prometheus gauge (@​maurafortino)
  • 389feaf372b723167b1f25c2ea1fe0ee184a3a5f: added prometheus gauges to registry interface (@​maurafortino)

... (truncated)

Changelog

Sourced from github.com/xmidt-org/webpa-common/v2's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased]

[v2.1.1]

  • Removed gokit/logger and replaced with zap.logger as part of the webpa-common deprecation for scytale, caduceus, and talaria (xmidt-org/webpa-common#655)

[v2.1.0]

Commits
  • 36ecf9d Merge pull request #960 from xmidt-org/denopink/patch/pprof
  • c06c579 chore: patch pprof
  • a5c0e75 Bump github.com/hashicorp/consul/api from 1.23.0 to 1.24.0 (#958)
  • a6029dd Bump github.com/aws/aws-sdk-go from 1.44.316 to 1.44.317 (#957)
  • e986f50 Bump github.com/aws/aws-sdk-go from 1.44.314 to 1.44.316 (#956)
  • a091fe7 Bump go.uber.org/zap from 1.24.0 to 1.25.0 (#953)
  • 58cc16b Bump github.com/aws/aws-sdk-go from 1.44.313 to 1.44.314 (#954)
  • 687bef4 Bump github.com/aws/aws-sdk-go from 1.44.312 to 1.44.313 (#952)
  • 633e4ed Bump github.com/aws/aws-sdk-go from 1.44.309 to 1.44.312 (#951)
  • eee5804 Bump github.com/aws/aws-sdk-go from 1.44.308 to 1.44.309 (#949)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
guardrails[bot] commented 1 year ago

:warning: We detected 76 security issues in this pull request:

Vulnerable Libraries (76)
Severity | Details :-: | :-- Medium | [pkg:golang/github.com/hashicorp/consul/api@v1.12.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L449) - **no patch available** N/A | [pkg:golang/golang.org/x/net@v0.0.0-20210428140749-89ef3d95e781](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1218) upgrade to: *0.7.0* N/A | [pkg:golang/golang.org/x/net@v0.0.0-20210525063256-abc453219eb5](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1220) upgrade to: *1.16.12,1.17.5,0.0.0-20211209124913-491a49abca63* N/A | [pkg:golang/golang.org/x/text@0.3.7](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.mod#L53) upgrade to: *0.3.8* High | [pkg:golang/gopkg.in/yaml.v2@v2.4.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.mod#L58) - **no patch available** Critical | [pkg:golang/github.com/jinzhu/gorm@v1.9.16](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L557) - **no patch available** Medium | [pkg:golang/github.com/yuin/goldmark@v1.1.32](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1003) - **no patch available** Critical | [pkg:golang/github.com/gogo/protobuf@v1.3.2](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L314) - **no patch available** High | [pkg:golang/github.com/hashicorp/consul/api@v1.7.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L447) - **no patch available** High | [pkg:golang/github.com/prometheus/client_golang@v1.4.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L789) upgrade to: *1.11.1* High | [pkg:golang/github.com/gorilla/websocket@v1.5.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L431) - **no patch available** High | [pkg:golang/github.com/hashicorp/consul/sdk@v0.3.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L452) - **no patch available** N/A | [pkg:golang/github.com/aws/aws-sdk-go@v1.40.45](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L126) - **no patch available** N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20190801041406-cbf593c0f2f3](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1294) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* N/A | [pkg:golang/github.com/apache/thrift@v0.12.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L108) upgrade to: *0.13.0* N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20191204072324-ce4227a45e2e](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1304) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* High | [pkg:golang/github.com/miekg/dns@v1.1.26](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L658) - **no patch available** N/A | [pkg:golang/github.com/aws/aws-sdk-go@v1.44.83](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L127) - **no patch available** High | [pkg:golang/github.com/hashicorp/consul/api@v1.1.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L310) - **no patch available** N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20190726091711-fc99dfbffb4e](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1293) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* Medium | [pkg:golang/github.com/gorilla/sessions@v1.2.1](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L427) - **no patch available** High | [pkg:golang/github.com/hashicorp/consul/sdk@v0.1.1](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L451) - **no patch available** High | [pkg:golang/github.com/hashicorp/consul/sdk@v0.4.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L453) - **no patch available** N/A | [pkg:golang/k8s.io/apimachinery@v0.0.0-20180821005732-488889b0007f](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1727) upgrade to: *0.0.0-20190927203648-9ce6eca90e73* N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20190904154756-749cb33beabd](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1296) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* High | [pkg:golang/github.com/hashicorp/vault/sdk@v0.1.13](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L532) - **no patch available** N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20190523142557-0e01d883c5c5](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1290) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20191120155948-bd437916bb0e](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1303) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* High | [pkg:golang/github.com/hashicorp/consul/sdk@v0.6.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L454) - **no patch available** High | [pkg:golang/github.com/gorilla/websocket@v1.4.2](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L430) - **no patch available** High | [pkg:golang/github.com/hashicorp/vault/api@v1.0.4](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L531) - **no patch available** N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20191026070338-33540a1f6037](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1302) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* High | [pkg:golang/gopkg.in/yaml.v2@v2.4.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1709) - **no patch available** N/A | [pkg:golang/k8s.io/apimachinery@v0.0.0-20190223001710-c182ff3b9841](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1728) upgrade to: *0.0.0-20190927203648-9ce6eca90e73* N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20181026203630-95b1ffbd15a5](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1274) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* High | [pkg:golang/github.com/hashicorp/consul/api@v1.3.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L445) - **no patch available** N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20190922100055-0a153f010e69](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1297) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* N/A | [pkg:golang/golang.org/x/sys@v0.0.0-20180909124046-d0be0721c37e](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1273) upgrade to: *1.17.10,1.18.2,0.0.0-20220412211240-33da011f77ad* High | [pkg:golang/github.com/hashicorp/consul/api@v1.14.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L450) - **no patch available** N/A | [pkg:golang/github.com/hashicorp/consul/api@v1.4.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L446) - **no patch available** N/A | [pkg:golang/golang.org/x/text@v0.3.7](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.mod#L53) upgrade to: *0.3.8* Medium | [pkg:golang/gopkg.in/yaml.v2@v2.0.0-20170812160011-eb3733d160e7](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1701) upgrade to: *2.2.8* Medium | [pkg:golang/github.com/hashicorp/consul/sdk@v0.10.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L456) - **no patch available** N/A | [pkg:golang/github.com/gogo/protobuf@v1.1.1](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L311) upgrade to: *1.3.2* N/A | [pkg:golang/gopkg.in/yaml.v2@v2.2.3](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1704) upgrade to: *2.2.8* N/A | [pkg:golang/github.com/gogo/protobuf@v1.2.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L312) upgrade to: *1.3.2* Medium | [pkg:golang/github.com/hashicorp/consul/api@v1.10.1](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L448) - **no patch available** Critical | [pkg:golang/github.com/influxdata/influxdb@v1.7.7](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L544) - **no patch available** Medium | [pkg:golang/gopkg.in/yaml.v2@v2.2.4](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1705) upgrade to: *2.2.8* N/A | [pkg:golang/golang.org/x/text@v0.3.4](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1390) upgrade to: *0.3.7* High | [pkg:golang/github.com/gorilla/websocket@v0.0.0-20170926233335-4201258b820c](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L428) upgrade to: *1.4.1* N/A | [pkg:golang/github.com/gorilla/websocket@v1.4.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L429) upgrade to: *1.4.1* High | [pkg:golang/golang.org/x/net@v0.0.0-20210316092652-d523dce5a7f4](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1215) - **no patch available** High | [pkg:golang/github.com/hashicorp/consul/sdk@v0.8.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L455) - **no patch available** N/A | [pkg:golang/golang.org/x/net@v0.0.0-20210503060351-7fd8e65b6420](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1219) upgrade to: *1.16.12,1.17.5,0.0.0-20211209124913-491a49abca63* N/A | [pkg:golang/github.com/miekg/dns@v1.0.14](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L657) upgrade to: *1.1.25-0.20191211073109-8ebf2e419df7* N/A | [pkg:golang/golang.org/x/net@v0.0.0-20220425223048-2871e0cb64e4](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1230) upgrade to: *1.18.6,1.19.1,0.0.0-20220906165146-f3363e06e74c* High | [pkg:golang/golang.org/x/crypto@v0.0.0-20210920023735-84f357641f63](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1120) upgrade to: *0.0.0-20211202192323-5770296d904e* N/A | [pkg:golang/github.com/aws/aws-sdk-go@v1.25.41](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L123) upgrade to: *1.34.0,1.34.0* N/A | [pkg:golang/github.com/gogo/protobuf@v1.2.1](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L313) upgrade to: *1.3.2* N/A | [pkg:golang/github.com/dgrijalva/jwt-go@v3.2.0+incompatible](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L209) upgrade to: *4.0.0-preview1* High | [pkg:golang/golang.org/x/net@v0.0.0-20181114220301-adae6a3d119a](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1174) upgrade to: *0.0.0-20190125002852-4b62a64f59f7,0.0.0-20190125002852-4b62a64f59f7* Medium | [pkg:golang/golang.org/x/crypto@v0.0.0-20210421170649-83a5a9bb288b](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1117) - **no patch available** N/A | [pkg:golang/golang.org/x/net@v0.0.0-20201209123823-ac852fbbde11](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1211) upgrade to: *1.15.12,1.16.4,0.0.0-20210428140749-89ef3d95e781* N/A | [pkg:golang/golang.org/x/net@v0.0.0-20220412020605-290c469a71a5](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1229) upgrade to: *1.18.9,1.19.4,0.4.0* N/A | [pkg:golang/golang.org/x/net@v0.0.0-20181220203305-927f97764cc3](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1176) upgrade to: *1.11.13,1.12.8,0.0.0-20190813141303-74dc4d7220e7* N/A | [pkg:golang/github.com/coredns/coredns@v1.1.2](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L185) upgrade to: *1.6.6* Low | [pkg:golang/github.com/aws/aws-sdk-go@v1.31.6](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L125) upgrade to: *1.34.0* Low | [pkg:golang/github.com/aws/aws-sdk-go@v1.8.12](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L122) upgrade to: *1.34.0* N/A | [pkg:golang/gopkg.in/yaml.v2@v2.2.5](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1706) upgrade to: *2.2.8* Medium | [pkg:golang/github.com/nats-io/nats-server/v2@v2.5.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L105) upgrade to: *2.7.4,0.24.3* N/A | [pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L1206) upgrade to: *1.18.9,1.19.4,0.4.0* Medium | [pkg:golang/github.com/hashicorp/consul@v1.4.2](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L442) upgrade to: *1.11.9,1.12.5,1.13.2* Medium | [pkg:golang/github.com/hashicorp/consul@v1.7.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L443) upgrade to: *1.10.2,1.9.9,1.8.15* Low | [pkg:golang/github.com/aws/aws-sdk-go@v1.27.0](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L124) upgrade to: *1.34.0* N/A | [pkg:golang/github.com/nats-io/nats-server/v2@v2.1.2](https://github.com/xmidt-org/codex-db/blob/378a509b5bff77c6554393b29f8ce1c28f5afd1b/go.sum#L153) upgrade to: *2.7.2,0.24.1* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

dependabot[bot] commented 10 months ago

Superseded by #71.