Commit f30af49

Merge branch 'nik-upgrade-etcd' into 'master'
chore(engine): explicitly set the minimal dependencies versions to avoid warnings of the security scanner

See merge request postgres-ai/database-lab!466
2 parents 8ad03e0 + 5cef3a9 commit f30af49

2 files changed

+14
-233
lines changed


engine/go.mod

Lines changed: 13 additions & 0 deletions
@@ -79,3 +79,16 @@ require (
7979
google.golang.org/protobuf v1.27.1 // indirect
8080
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
8181
)
82+
83+
// Include the single version of the dependency to clean up go.sum from old revisions.
84+
// Since old and indirect dependencies are listed in the sum file and the vulnerability scanner flags the project as containing vulnerabilities.
85+
replace (
86+
github.com/containerd/containerd => github.com/containerd/containerd v1.5.9 // mitigate CVE-2021-32760 and CVE-2020-15257
87+
github.com/coreos/etcd => github.com/coreos/etcd v3.3.27+incompatible // mitigate CVE-2020-15113 and CVE-2020-15112
88+
github.com/docker/docker => github.com/docker/docker v20.10.12+incompatible // mitigate CVE-2018-20699
89+
github.com/gogo/protobuf => github.com/gogo/protobuf v1.3.2 // mitigate CVE-2021-3121
90+
github.com/opencontainers/image-spec => github.com/opencontainers/image-spec v1.0.2 // mitigate CVE-2021-41190
91+
github.com/opencontainers/runc => github.com/opencontainers/runc v1.0.3 // mitigate CVE-2021-30465
92+
golang.org/x/crypto => golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 // mitigate CVE-2018-16875 and CVE-2020-29652
93+
k8s.io/kubernetes v1.13.0 => k8s.io/kubernetes v1.23.3 // mitigate CVE-2020-8559 and CVE-2020-8565
94+
)
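Review bot: The entries at new lines 86-92 have no version on the left of `=>`, so each one pins its module to exactly the listed version instead of setting a minimum. If a dependency later requires a newer release, for example of golang.org/x/crypto (pinned here to the pseudo-version v0.0.0-20210322153248-0c34fe9e7dc2), the build still gets the pinned one and the mismatch goes unnoticed. The commit title asks for minimal versions, which is what a `require` entry marked `// indirect` expresses, because version selection can then still move forward. If `replace` is kept, add a comment on when each pin can be dropped. Line 93 is the only entry with a version on the left (`k8s.io/kubernetes v1.13.0 =>`), so it takes effect only while v1.13.0 is the selected version; either say in a comment why it differs or align it with the others. Note also that `replace` directives are honoured only when this module is the main module, so anything importing the engine as a library does not inherit these versions.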
