Skip to content

Commit e2b9da4

Browse files
ParthaImisraved
ParthaI
and
misraved
authored
Fixed the critical vulnerability for the plugin (#262)
 Co-authored-by: Ved misra <47312748+misraved@users.noreply.github.com>
1 parent 8c62b35 commit e2b9da4

File tree

4 files changed

+175
-432
lines changed

4 files changed

+175
-432
lines changed

go.mod

Lines changed: 44 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -12,11 +12,11 @@ require (
1212
github.com/turbot/steampipe-plugin-sdk/v5 v5.10.4
1313
golang.org/x/text v0.15.0
1414
gopkg.in/yaml.v3 v3.0.1
15-
helm.sh/helm/v3 v3.10.0
16-
k8s.io/api v0.26.3
17-
k8s.io/apiextensions-apiserver v0.25.2
18-
k8s.io/apimachinery v0.26.3
19-
k8s.io/client-go v0.25.2
15+
helm.sh/helm/v3 v3.13.3
16+
k8s.io/api v0.28.4
17+
k8s.io/apiextensions-apiserver v0.28.4
18+
k8s.io/apimachinery v0.28.4
19+
k8s.io/client-go v0.28.4
2020

2121
)
2222

@@ -27,19 +27,15 @@ require (
2727
cloud.google.com/go/compute/metadata v0.3.0 // indirect
2828
cloud.google.com/go/iam v1.1.8 // indirect
2929
cloud.google.com/go/storage v1.41.0 // indirect
30+
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
3031
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
31-
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
32-
github.com/Azure/go-autorest/autorest v0.11.27 // indirect
33-
github.com/Azure/go-autorest/autorest/adal v0.9.20 // indirect
34-
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
35-
github.com/Azure/go-autorest/logger v0.2.1 // indirect
36-
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
37-
github.com/BurntSushi/toml v1.2.0 // indirect
32+
github.com/BurntSushi/toml v1.3.2 // indirect
3833
github.com/MakeNowJust/heredoc v1.0.0 // indirect
3934
github.com/Masterminds/goutils v1.1.1 // indirect
40-
github.com/Masterminds/semver/v3 v3.1.1 // indirect
41-
github.com/Masterminds/sprig/v3 v3.2.2 // indirect
42-
github.com/Masterminds/squirrel v1.5.3 // indirect
35+
github.com/Masterminds/semver/v3 v3.2.1 // indirect
36+
github.com/Masterminds/sprig/v3 v3.2.3 // indirect
37+
github.com/Masterminds/squirrel v1.5.4 // indirect
38+
github.com/Microsoft/hcsshim v0.11.0 // indirect
4339
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect
4440
github.com/agext/levenshtein v1.2.3 // indirect
4541
github.com/allegro/bigcache/v3 v3.1.0 // indirect
@@ -52,14 +48,14 @@ require (
5248
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
5349
github.com/cespare/xxhash/v2 v2.3.0 // indirect
5450
github.com/chai2010/gettext-go v1.0.2 // indirect
55-
github.com/containerd/containerd v1.6.8 // indirect
56-
github.com/cyphar/filepath-securejoin v0.2.3 // indirect
51+
github.com/containerd/containerd v1.7.6 // indirect
52+
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
5753
github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964 // indirect
5854
github.com/davecgh/go-spew v1.1.1 // indirect
5955
github.com/dgraph-io/ristretto v0.1.1 // indirect
60-
github.com/docker/cli v20.10.18+incompatible // indirect
56+
github.com/docker/cli v24.0.6+incompatible // indirect
6157
github.com/docker/distribution v2.8.2+incompatible // indirect
62-
github.com/docker/docker v20.10.18+incompatible // indirect
58+
github.com/docker/docker v24.0.7+incompatible // indirect
6359
github.com/docker/docker-credential-helpers v0.7.0 // indirect
6460
github.com/docker/go-connections v0.4.0 // indirect
6561
github.com/docker/go-metrics v0.0.1 // indirect
@@ -68,7 +64,7 @@ require (
6864
github.com/eko/gocache/lib/v4 v4.1.6 // indirect
6965
github.com/eko/gocache/store/bigcache/v4 v4.2.1 // indirect
7066
github.com/eko/gocache/store/ristretto/v4 v4.2.1 // indirect
71-
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
67+
github.com/emicklei/go-restful/v3 v3.10.1 // indirect
7268
github.com/evanphx/json-patch v5.6.0+incompatible // indirect
7369
github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
7470
github.com/fatih/color v1.17.0 // indirect
@@ -77,21 +73,20 @@ require (
7773
github.com/gertd/go-pluralize v0.2.1 // indirect
7874
github.com/ghodss/yaml v1.0.0 // indirect
7975
github.com/go-errors/errors v1.4.2 // indirect
80-
github.com/go-gorp/gorp/v3 v3.0.2 // indirect
76+
github.com/go-gorp/gorp/v3 v3.1.0 // indirect
8177
github.com/go-logr/logr v1.4.2 // indirect
8278
github.com/go-logr/stdr v1.2.2 // indirect
83-
github.com/go-openapi/jsonpointer v0.19.5 // indirect
84-
github.com/go-openapi/jsonreference v0.20.0 // indirect
79+
github.com/go-openapi/jsonpointer v0.19.6 // indirect
80+
github.com/go-openapi/jsonreference v0.20.2 // indirect
8581
github.com/go-openapi/swag v0.22.3 // indirect
8682
github.com/gobwas/glob v0.2.3 // indirect
8783
github.com/gogo/protobuf v1.3.2 // indirect
88-
github.com/golang-jwt/jwt/v4 v4.2.0 // indirect
8984
github.com/golang/glog v1.2.1 // indirect
9085
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
9186
github.com/golang/mock v1.6.0 // indirect
9287
github.com/golang/protobuf v1.5.4 // indirect
9388
github.com/google/btree v1.1.2 // indirect
94-
github.com/google/gnostic v0.6.9 // indirect
89+
github.com/google/gnostic-models v0.6.8 // indirect
9590
github.com/google/go-cmp v0.6.0 // indirect
9691
github.com/google/gofuzz v1.2.0 // indirect
9792
github.com/google/s2a-go v0.1.7 // indirect
@@ -103,25 +98,27 @@ require (
10398
github.com/gosuri/uitable v0.0.4 // indirect
10499
github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
105100
github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
101+
github.com/hashicorp/errwrap v1.1.0 // indirect
106102
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
107103
github.com/hashicorp/go-getter v1.7.5 // indirect
108104
github.com/hashicorp/go-hclog v1.6.3 // indirect
105+
github.com/hashicorp/go-multierror v1.1.1 // indirect
109106
github.com/hashicorp/go-plugin v1.6.1 // indirect
110107
github.com/hashicorp/go-safetemp v1.0.0 // indirect
111108
github.com/hashicorp/go-version v1.7.0 // indirect
112109
github.com/hashicorp/hcl/v2 v2.20.1 // indirect
113110
github.com/hashicorp/yamux v0.1.1 // indirect
114-
github.com/huandu/xstrings v1.3.2 // indirect
111+
github.com/huandu/xstrings v1.4.0 // indirect
115112
github.com/imdario/mergo v0.3.13 // indirect
116-
github.com/inconshreveable/mousetrap v1.0.1 // indirect
113+
github.com/inconshreveable/mousetrap v1.1.0 // indirect
117114
github.com/jmespath/go-jmespath v0.4.0 // indirect
118115
github.com/jmoiron/sqlx v1.3.5 // indirect
119116
github.com/josharian/intern v1.0.0 // indirect
120117
github.com/json-iterator/go v1.1.12 // indirect
121118
github.com/klauspost/compress v1.17.8 // indirect
122119
github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
123120
github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
124-
github.com/lib/pq v1.10.7 // indirect
121+
github.com/lib/pq v1.10.9 // indirect
125122
github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
126123
github.com/mailru/easyjson v0.7.7 // indirect
127124
github.com/mattn/go-colorable v0.1.13 // indirect
@@ -134,7 +131,7 @@ require (
134131
github.com/mitchellh/reflectwalk v1.0.2 // indirect
135132
github.com/moby/locker v1.0.1 // indirect
136133
github.com/moby/spdystream v0.2.0 // indirect
137-
github.com/moby/term v0.0.0-20220808134915-39b0c02b01ae // indirect
134+
github.com/moby/term v0.5.0 // indirect
138135
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
139136
github.com/modern-go/reflect2 v1.0.2 // indirect
140137
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
@@ -143,29 +140,29 @@ require (
143140
github.com/oklog/run v1.1.0 // indirect
144141
github.com/olekukonko/tablewriter v0.0.5 // indirect
145142
github.com/opencontainers/go-digest v1.0.0 // indirect
146-
github.com/opencontainers/image-spec v1.1.0-rc2 // indirect
143+
github.com/opencontainers/image-spec v1.1.0-rc5 // indirect
147144
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
148145
github.com/pkg/errors v0.9.1 // indirect
149146
github.com/prometheus/client_golang v1.19.1 // indirect
150147
github.com/prometheus/client_model v0.6.1 // indirect
151148
github.com/prometheus/common v0.53.0 // indirect
152149
github.com/prometheus/procfs v0.15.0 // indirect
153150
github.com/rivo/uniseg v0.4.7 // indirect
154-
github.com/rubenv/sql-migrate v1.2.0 // indirect
155-
github.com/russross/blackfriday v1.6.0 // indirect
151+
github.com/rubenv/sql-migrate v1.5.2 // indirect
152+
github.com/russross/blackfriday/v2 v2.1.0 // indirect
156153
github.com/sethvargo/go-retry v0.2.4 // indirect
157154
github.com/shopspring/decimal v1.3.1 // indirect
158-
github.com/sirupsen/logrus v1.9.0 // indirect
155+
github.com/sirupsen/logrus v1.9.3 // indirect
159156
github.com/spf13/cast v1.5.0 // indirect
160-
github.com/spf13/cobra v1.5.0 // indirect
157+
github.com/spf13/cobra v1.7.0 // indirect
161158
github.com/spf13/pflag v1.0.5 // indirect
162159
github.com/stevenle/topsort v0.2.0 // indirect
163160
github.com/tkrajina/go-reflector v0.5.6 // indirect
164161
github.com/ulikunitz/xz v0.5.12 // indirect
165162
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
166163
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
167164
github.com/xeipuuv/gojsonschema v1.2.0 // indirect
168-
github.com/xlab/treeprint v1.1.0 // indirect
165+
github.com/xlab/treeprint v1.2.0 // indirect
169166
github.com/zclconf/go-cty v1.14.4 // indirect
170167
go.opencensus.io v0.24.0 // indirect
171168
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.52.0 // indirect
@@ -179,7 +176,7 @@ require (
179176
go.opentelemetry.io/otel/sdk/metric v1.27.0 // indirect
180177
go.opentelemetry.io/otel/trace v1.27.0 // indirect
181178
go.opentelemetry.io/proto/otlp v1.2.0 // indirect
182-
go.starlark.net v0.0.0-20220928063852-5fccb4daaf6d // indirect
179+
go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
183180
golang.org/x/crypto v0.23.0 // indirect
184181
golang.org/x/exp v0.0.0-20240525044651-4c93da0ed11d // indirect
185182
golang.org/x/mod v0.17.0 // indirect
@@ -198,17 +195,17 @@ require (
198195
google.golang.org/protobuf v1.34.1 // indirect
199196
gopkg.in/inf.v0 v0.9.1 // indirect
200197
gopkg.in/yaml.v2 v2.4.0 // indirect
201-
k8s.io/apiserver v0.25.2 // indirect
202-
k8s.io/cli-runtime v0.25.2 // indirect
203-
k8s.io/component-base v0.25.2 // indirect
204-
k8s.io/klog/v2 v2.80.1 // indirect
205-
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
206-
k8s.io/kubectl v0.25.2 // indirect
207-
k8s.io/utils v0.0.0-20221107191617-1a15be271d1d // indirect
208-
oras.land/oras-go v1.2.0 // indirect
209-
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
210-
sigs.k8s.io/kustomize/api v0.12.1 // indirect
211-
sigs.k8s.io/kustomize/kyaml v0.13.9 // indirect
198+
k8s.io/apiserver v0.28.4 // indirect
199+
k8s.io/cli-runtime v0.28.4 // indirect
200+
k8s.io/component-base v0.28.4 // indirect
201+
k8s.io/klog/v2 v2.100.1 // indirect
202+
k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect
203+
k8s.io/kubectl v0.28.4 // indirect
204+
k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect
205+
oras.land/oras-go v1.2.4 // indirect
206+
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
207+
sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect
208+
sigs.k8s.io/kustomize/kyaml v0.14.3-0.20230601165947-6ce0bf390ce3 // indirect
212209
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
213210
sigs.k8s.io/yaml v1.3.0 // indirect
214211
)

0 commit comments

Comments
 (0)