From aabe8d3321750e226103100f9aeb3586c622561f Mon Sep 17 00:00:00 2001 From: Anthony Beaver Date: Tue, 21 Jan 2025 13:48:47 -0800 Subject: [PATCH] fix vulns (#284) * snyk fix test * version update --- .snyk | 4 ++-- charts/metrics-agent/Chart.yaml | 4 ++-- charts/metrics-agent/values.yaml | 2 +- go.mod | 2 +- go.sum | 7 ++----- version/version.go | 2 +- 6 files changed, 9 insertions(+), 12 deletions(-) diff --git a/.snyk b/.snyk index 98c5cf7..fc20e91 100644 --- a/.snyk +++ b/.snyk @@ -33,7 +33,7 @@ ignore: SNYK-GOLANG-GOLANGORGXIMAGETIFF-7268348: - '*': reason: No fix available yet - expires: 2025-01-11T00:00:00.000Z + expires: 2025-03-01T00:00:00.000Z created: 2024-07-11T23:07:11.176Z SNYK-GOLANG-K8SIOCLIENTGOTRANSPORT-7538822: - '*': @@ -76,6 +76,6 @@ ignore: reason: >- Ignoring vulnerability for 30 days as newer versions of k8s.io contain several critical vulnerabilities and are still in alpha - expires: 2025-01-01T00:00:00.000Z + expires: 2025-03-01T00:00:00.000Z created: 2024-11-13T23:30:00.999Z patch: {} diff --git a/charts/metrics-agent/Chart.yaml b/charts/metrics-agent/Chart.yaml index b982d0a..8fdfb73 100644 --- a/charts/metrics-agent/Chart.yaml +++ b/charts/metrics-agent/Chart.yaml @@ -14,8 +14,8 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 2.11.36 +version: 2.11.37 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. -appVersion: 2.11.36 \ No newline at end of file +appVersion: 2.11.37 \ No newline at end of file diff --git a/charts/metrics-agent/values.yaml b/charts/metrics-agent/values.yaml index 5d5450f..708d8d8 100644 --- a/charts/metrics-agent/values.yaml +++ b/charts/metrics-agent/values.yaml @@ -24,7 +24,7 @@ pollInterval: 180 image: name: cloudability/metrics-agent - tag: 2.11.36 + tag: 2.11.37 pullPolicy: Always imagePullSecrets: [] diff --git a/go.mod b/go.mod index 58d0b2b..b616293 100644 --- a/go.mod +++ b/go.mod @@ -94,7 +94,7 @@ replace ( github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.14 golang.org/x/crypto => golang.org/x/crypto v0.31.0 golang.org/x/image => golang.org/x/image v0.10.0 - golang.org/x/net => golang.org/x/net v0.23.0 + golang.org/x/net => golang.org/x/net v0.33.0 google.golang.org/grpc => google.golang.org/grpc v1.56.3 google.golang.org/protobuf => google.golang.org/protobuf v1.33.0 ) diff --git a/go.sum b/go.sum index 9892573..02d9b78 100644 --- a/go.sum +++ b/go.sum @@ -1051,8 +1051,8 @@ golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1178,12 +1178,10 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1202,7 +1200,6 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/version/version.go b/version/version.go index 0df8b9b..2fbc28b 100644 --- a/version/version.go +++ b/version/version.go @@ -1,4 +1,4 @@ package version // VERSION is the current version of the agent -var VERSION = "2.11.36" +var VERSION = "2.11.37"