-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: upgrade opa to address vulns [IAC-2960]
- Loading branch information
1 parent
c8028e7
commit f67a886
Showing
3 changed files
with
263 additions
and
1,802 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,103 +1,112 @@ | ||
module opa | ||
|
||
go 1.18 | ||
go 1.21 | ||
|
||
toolchain go1.21.1 | ||
|
||
require ( | ||
github.com/open-policy-agent/opa v0.48.0 | ||
github.com/snyk/snyk-iac-parsers v0.0.0-00010101000000-000000000000 | ||
github.com/open-policy-agent/opa v0.64.1 | ||
github.com/snyk/snyk-iac-parsers v1.2.3 | ||
) | ||
|
||
require ( | ||
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect | ||
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect | ||
github.com/Microsoft/hcsshim v0.12.3 // indirect | ||
github.com/OneOfOne/xxhash v1.2.8 // indirect | ||
github.com/agext/levenshtein v1.2.3 // indirect | ||
github.com/agnivade/levenshtein v1.1.1 // indirect | ||
github.com/apparentlymart/go-textseg/v12 v12.0.0 // indirect | ||
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect | ||
github.com/beorn7/perks v1.0.1 // indirect | ||
github.com/bytecodealliance/wasmtime-go v1.0.0 // indirect | ||
github.com/bytecodealliance/wasmtime-go/v3 v3.0.2 // indirect | ||
github.com/cenkalti/backoff/v4 v4.2.0 // indirect | ||
github.com/cenkalti/backoff/v4 v4.3.0 // indirect | ||
github.com/cespare/xxhash v1.1.0 // indirect | ||
github.com/cespare/xxhash/v2 v2.2.0 // indirect | ||
github.com/containerd/containerd v1.6.19 // indirect | ||
github.com/cespare/xxhash/v2 v2.3.0 // indirect | ||
github.com/containerd/containerd v1.7.17 // indirect | ||
github.com/containerd/log v0.1.0 // indirect | ||
github.com/dgraph-io/badger/v3 v3.2103.5 // indirect | ||
github.com/dgraph-io/ristretto v0.1.1 // indirect | ||
github.com/docker/cli v20.10.21+incompatible // indirect | ||
github.com/docker/distribution v2.8.1+incompatible // indirect | ||
github.com/docker/docker v20.10.21+incompatible // indirect | ||
github.com/docker/docker-credential-helpers v0.7.0 // indirect | ||
github.com/docker/go-connections v0.4.0 // indirect | ||
github.com/docker/go-metrics v0.0.1 // indirect | ||
github.com/docker/go-units v0.4.0 // indirect | ||
github.com/dustin/go-humanize v1.0.0 // indirect | ||
github.com/felixge/httpsnoop v1.0.3 // indirect | ||
github.com/fsnotify/fsnotify v1.6.0 // indirect | ||
github.com/dustin/go-humanize v1.0.1 // indirect | ||
github.com/felixge/httpsnoop v1.0.4 // indirect | ||
github.com/fsnotify/fsnotify v1.7.0 // indirect | ||
github.com/ghodss/yaml v1.0.0 // indirect | ||
github.com/go-ini/ini v1.67.0 // indirect | ||
github.com/go-logr/logr v1.2.3 // indirect | ||
github.com/go-logr/logr v1.4.1 // indirect | ||
github.com/go-logr/stdr v1.2.2 // indirect | ||
github.com/gobwas/glob v0.2.3 // indirect | ||
github.com/gogo/protobuf v1.3.2 // indirect | ||
github.com/golang/glog v1.0.0 // indirect | ||
github.com/golang/glog v1.2.1 // indirect | ||
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect | ||
github.com/golang/protobuf v1.5.3 // indirect | ||
github.com/golang/protobuf v1.5.4 // indirect | ||
github.com/golang/snappy v0.0.4 // indirect | ||
github.com/google/flatbuffers v1.12.1 // indirect | ||
github.com/gorilla/mux v1.8.0 // indirect | ||
github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect | ||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 // indirect | ||
github.com/hashicorp/hcl/v2 v2.6.0 // indirect | ||
github.com/inconshreveable/mousetrap v1.0.1 // indirect | ||
github.com/klauspost/compress v1.13.6 // indirect | ||
github.com/mattn/go-runewidth v0.0.9 // indirect | ||
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect | ||
github.com/google/flatbuffers v24.3.25+incompatible // indirect | ||
github.com/google/uuid v1.6.0 // indirect | ||
github.com/gorilla/mux v1.8.1 // indirect | ||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect | ||
github.com/hashicorp/hcl v1.0.0 // indirect | ||
github.com/hashicorp/hcl/v2 v2.20.1 // indirect | ||
github.com/inconshreveable/mousetrap v1.1.0 // indirect | ||
github.com/klauspost/compress v1.17.8 // indirect | ||
github.com/magiconair/properties v1.8.7 // indirect | ||
github.com/mattn/go-runewidth v0.0.15 // indirect | ||
github.com/mitchellh/go-wordwrap v1.0.1 // indirect | ||
github.com/mitchellh/mapstructure v1.5.0 // indirect | ||
github.com/moby/locker v1.0.1 // indirect | ||
github.com/moby/term v0.0.0-20221205130635-1aeaba878587 // indirect | ||
github.com/morikuni/aec v1.0.0 // indirect | ||
github.com/olekukonko/tablewriter v0.0.5 // indirect | ||
github.com/opencontainers/go-digest v1.0.0 // indirect | ||
github.com/opencontainers/image-spec v1.1.0-rc2 // indirect | ||
github.com/opencontainers/image-spec v1.1.0 // indirect | ||
github.com/pelletier/go-toml/v2 v2.2.2 // indirect | ||
github.com/peterh/liner v1.2.2 // indirect | ||
github.com/pkg/errors v0.9.1 // indirect | ||
github.com/prometheus/client_golang v1.14.0 // indirect | ||
github.com/prometheus/client_model v0.3.0 // indirect | ||
github.com/prometheus/common v0.37.0 // indirect | ||
github.com/prometheus/procfs v0.8.0 // indirect | ||
github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 // indirect | ||
github.com/sirupsen/logrus v1.9.0 // indirect | ||
github.com/spf13/cobra v1.6.1 // indirect | ||
github.com/prometheus/client_golang v1.19.1 // indirect | ||
github.com/prometheus/client_model v0.6.1 // indirect | ||
github.com/prometheus/common v0.53.0 // indirect | ||
github.com/prometheus/procfs v0.15.0 // indirect | ||
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect | ||
github.com/rivo/uniseg v0.2.0 // indirect | ||
github.com/sagikazarmark/locafero v0.4.0 // indirect | ||
github.com/sagikazarmark/slog-shim v0.1.0 // indirect | ||
github.com/sergi/go-diff v1.3.1 // indirect | ||
github.com/sirupsen/logrus v1.9.3 // indirect | ||
github.com/sourcegraph/conc v0.3.0 // indirect | ||
github.com/spf13/afero v1.11.0 // indirect | ||
github.com/spf13/cast v1.6.0 // indirect | ||
github.com/spf13/cobra v1.8.0 // indirect | ||
github.com/spf13/pflag v1.0.5 // indirect | ||
github.com/spf13/viper v1.18.2 // indirect | ||
github.com/subosito/gotenv v1.6.0 // indirect | ||
github.com/tchap/go-patricia/v2 v2.3.1 // indirect | ||
github.com/tmccombs/hcl2json v0.3.1 // indirect | ||
github.com/vektah/gqlparser/v2 v2.4.6 // indirect | ||
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect | ||
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect | ||
github.com/yashtewari/glob-intersection v0.1.0 // indirect | ||
github.com/zclconf/go-cty v1.6.1 // indirect | ||
go.opencensus.io v0.23.0 // indirect | ||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.37.0 // indirect | ||
go.opentelemetry.io/otel v1.14.0 // indirect | ||
go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.14.0 // indirect | ||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.14.0 // indirect | ||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.14.0 // indirect | ||
go.opentelemetry.io/otel/internal/metric v0.26.0 // indirect | ||
go.opentelemetry.io/otel/metric v0.34.0 // indirect | ||
go.opentelemetry.io/otel/sdk v1.14.0 // indirect | ||
go.opentelemetry.io/otel/trace v1.14.0 // indirect | ||
go.opentelemetry.io/proto/otlp v0.19.0 // indirect | ||
go.uber.org/automaxprocs v1.5.1 // indirect | ||
golang.org/x/net v0.8.0 // indirect | ||
golang.org/x/sync v0.1.0 // indirect | ||
golang.org/x/sys v0.6.0 // indirect | ||
golang.org/x/text v0.8.0 // indirect | ||
golang.org/x/time v0.3.0 // indirect | ||
google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f // indirect | ||
google.golang.org/grpc v1.53.0 // indirect | ||
google.golang.org/protobuf v1.28.1 // indirect | ||
github.com/yashtewari/glob-intersection v0.2.0 // indirect | ||
github.com/zclconf/go-cty v1.14.4 // indirect | ||
go.opencensus.io v0.24.0 // indirect | ||
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 // indirect | ||
go.opentelemetry.io/otel v1.26.0 // indirect | ||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0 // indirect | ||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.26.0 // indirect | ||
go.opentelemetry.io/otel/metric v1.26.0 // indirect | ||
go.opentelemetry.io/otel/sdk v1.26.0 // indirect | ||
go.opentelemetry.io/otel/trace v1.26.0 // indirect | ||
go.opentelemetry.io/proto/otlp v1.2.0 // indirect | ||
go.uber.org/automaxprocs v1.5.3 // indirect | ||
go.uber.org/multierr v1.11.0 // indirect | ||
golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect | ||
golang.org/x/mod v0.17.0 // indirect | ||
golang.org/x/net v0.25.0 // indirect | ||
golang.org/x/sync v0.7.0 // indirect | ||
golang.org/x/sys v0.20.0 // indirect | ||
golang.org/x/text v0.15.0 // indirect | ||
golang.org/x/time v0.5.0 // indirect | ||
golang.org/x/tools v0.21.0 // indirect | ||
google.golang.org/genproto/googleapis/api v0.0.0-20240515191416-fc5f0ca64291 // indirect | ||
google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 // indirect | ||
google.golang.org/grpc v1.64.0 // indirect | ||
google.golang.org/protobuf v1.34.1 // indirect | ||
gopkg.in/ini.v1 v1.67.0 // indirect | ||
gopkg.in/yaml.v2 v2.4.0 // indirect | ||
oras.land/oras-go v1.2.2 // indirect | ||
oras.land/oras-go/v2 v2.0.0 // indirect | ||
gopkg.in/yaml.v3 v3.0.1 // indirect | ||
oras.land/oras-go/v2 v2.5.0 // indirect | ||
sigs.k8s.io/yaml v1.4.0 // indirect | ||
) | ||
|
||
replace github.com/snyk/snyk-iac-parsers => ../../ |
Oops, something went wrong.