fleet/go.mod

330 lines
16 KiB
Modula-2
Raw Normal View History

2021-06-26 04:46:51 +00:00
module github.com/fleetdm/fleet/v4
go 1.21
require (
2023-11-02 02:11:35 +00:00
cloud.google.com/go/pubsub v1.33.0
Fix Fleet Desktop bugs on Windows (#16402) #15821 This PR is adding two improvements and fixing two Windows bugs in Fleet Desktop: ## Improvement - We are now capturing the stderr of Fleet Desktop. This helped me find bug (1) below (otherwise the panic output below was hidden from us). - To reduce complexity I'm removing the "Theme detection" routine because we made the decision to use the colored icon for both themes..., see here: https://github.com/fleetdm/fleet/blob/415d1f493b91d9f40d87b968ce95cfc01e810e56/orbit/cmd/desktop/desktop_windows.go#L21-L27 ## Bug fixes 1. Fleet Desktop icon not showing in the task bar. This was fixed by updating to use the latest version of `fyne.io/systray`. (See https://github.com/fyne-io/systray/issues/22#issuecomment-1173157898.) 2. Orbit now properly detects if Fleet Desktop isn't running on Windows. Bug (1)'s panic output ``` panic: runtime error: invalid memory address or nil pointer dereference [signal 0xc0000005 code=0x0 addr=0x0 pc=0x72b14b] goroutine 23 [running]: fyne.io/systray.(*winTray).setTooltip(0x1eb5d40, {0x126923f?, 0x0?}) /Users/luk/gopath/pkg/mod/fyne.io/systray@v1.10.0/systray_windows.go:260 +0xcb fyne.io/systray.SetTooltip({0x126923f?, 0x125fc16?}) /Users/luk/gopath/pkg/mod/fyne.io/systray@v1.10.0/systray_windows.go:961 +0x29 main.main.func1() /Users/luk/fleetdm/git/fleet/orbit/cmd/desktop/desktop.go:103 +0xba fyne.io/systray.Register.func2() /Users/luk/gopath/pkg/mod/fyne.io/systray@v1.10.0/systray.go:98 +0x2f created by fyne.io/systray.Register in goroutine 1 /Users/luk/gopath/pkg/mod/fyne.io/systray@v1.10.0/systray.go:96 +0xb1 ``` - [X] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [X] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [X] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [x] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).
2024-01-29 21:52:55 +00:00
fyne.io/systray v1.10.1-0.20240111184411-11c585fff98d
github.com/AbGuthrie/goquery/v2 v2.0.1
github.com/DATA-DOG/go-sqlmock v1.5.0
github.com/Masterminds/semver v1.5.0
github.com/RobotsAndPencils/buford v0.14.0
github.com/VividCortex/mysqlerr v0.0.0-20170204212430-6c6b55f8796f
github.com/WatchBeam/clock v0.0.0-20170901150240-b08e6b4da7ea
github.com/XSAM/otelsql v0.10.0
github.com/andygrunwald/go-jira v1.16.0
github.com/antchfx/xmlquery v1.3.14
Bump github.com/aws/aws-sdk-go from 1.43.16 to 1.44.288 (#12466) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.16 to 1.44.288. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-sdk-go/releases">github.com/aws/aws-sdk-go's releases</a>.</em></p> <blockquote> <h1>Release v1.44.288 (2023-06-22)</h1> <h3>Service Client Updates</h3> <ul> <li><code>service/chime-sdk-identity</code>: Updates service API and documentation</li> <li><code>service/chime-sdk-messaging</code>: Updates service API and documentation</li> <li><code>service/kendra</code>: Updates service API and documentation <ul> <li>Introducing Amazon Kendra Retrieve API that can be used to retrieve relevant passages or text excerpts given an input query.</li> </ul> </li> <li><code>service/states</code>: Updates service API and documentation <ul> <li>Adds support for Versions and Aliases. Adds 8 operations: PublishStateMachineVersion, DeleteStateMachineVersion, ListStateMachineVersions, CreateStateMachineAlias, DescribeStateMachineAlias, UpdateStateMachineAlias, DeleteStateMachineAlias, ListStateMachineAliases</li> </ul> </li> </ul> <h1>Release v1.44.287 (2023-06-21)</h1> <h3>Service Client Updates</h3> <ul> <li><code>service/dynamodb</code>: Updates service API, documentation, waiters, paginators, and examples <ul> <li>Documentation updates for DynamoDB</li> </ul> </li> <li><code>service/elasticmapreduce</code>: Updates service API, documentation, and paginators <ul> <li>This release introduces a new Amazon EMR EPI called ListSupportedInstanceTypes that returns a list of all instance types supported by a given EMR release.</li> </ul> </li> <li><code>service/inspector2</code>: Updates service API and documentation</li> <li><code>service/mediaconvert</code>: Updates service API and documentation <ul> <li>This release introduces the bandwidth reduction filter for the HEVC encoder, increases the limits of outputs per job, and updates support for the Nagra SDK to version 1.14.7.</li> </ul> </li> <li><code>service/mq</code>: Updates service API and documentation <ul> <li>The Cross Region Disaster Recovery feature allows to replicate a brokers state from one region to another in order to provide customers with multi-region resiliency in the event of a regional outage.</li> </ul> </li> <li><code>service/sagemaker</code>: Updates service API and documentation <ul> <li>This release provides support in SageMaker for output files in training jobs to be uploaded without compression and enable customer to deploy uncompressed model from S3 to real-time inference Endpoints. In addition, ml.trn1n.32xlarge is added to supported instance type list in training job.</li> </ul> </li> <li><code>service/transfer</code>: Updates service API and documentation <ul> <li>This release adds a new parameter StructuredLogDestinations to CreateServer, UpdateServer APIs.</li> </ul> </li> </ul> <h1>Release v1.44.286 (2023-06-20)</h1> <h3>Service Client Updates</h3> <ul> <li><code>service/appflow</code>: Updates service API and documentation</li> <li><code>service/config</code>: Updates service API</li> <li><code>service/ec2</code>: Updates service API and documentation <ul> <li>Adds support for targeting Dedicated Host allocations by assetIds in AWS Outposts</li> </ul> </li> <li><code>service/lambda</code>: Updates service API and documentation <ul> <li>This release adds RecursiveInvocationException to the Invoke API and InvokeWithResponseStream API.</li> </ul> </li> <li><code>service/redshift</code>: Updates service API, documentation, and paginators <ul> <li>Added support for custom domain names for Redshift Provisioned clusters. This feature enables customers to create a custom domain name and use ACM to generate fully secure connections to it.</li> </ul> </li> </ul> <h1>Release v1.44.285 (2023-06-19)</h1> <h3>Service Client Updates</h3> <ul> <li><code>service/cloudformation</code>: Updates service API and documentation <ul> <li>Specify desired CloudFormation behavior in the event of ChangeSet execution failure using the CreateChangeSet OnStackFailure parameter</li> </ul> </li> <li><code>service/ec2</code>: Updates service API, documentation, and examples <ul> <li>API changes to AWS Verified Access to include data from trust providers in logs</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aws/aws-sdk-go/commit/4db4de06bcdea158c89e162bebc9ef464db2d097"><code>4db4de0</code></a> Release v1.44.288 (2023-06-22) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4892">#4892</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/ac3d1b0ef272c87cfb310dc386722da682452844"><code>ac3d1b0</code></a> Release v1.44.287 (2023-06-21) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4891">#4891</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/e85309cb1185c143632138d55cf076dde3a4cd3e"><code>e85309c</code></a> Release v1.44.286 (2023-06-20) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4890">#4890</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/d3b5bbea5dfa92116795f6e8e1352cf2f1abd967"><code>d3b5bbe</code></a> Release v1.44.285 (2023-06-19) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4889">#4889</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/87a671cef0f83f5e2938a694bd2f2ef40b6fedd0"><code>87a671c</code></a> Release v1.44.284 (2023-06-16) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4887">#4887</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/efb91b58d6d087c0602a3f25ecc5d85c8ce8691b"><code>efb91b5</code></a> Release v1.44.283 (2023-06-15) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4884">#4884</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/89629049301e41185fb4255a8ce81e3c5cf688ae"><code>8962904</code></a> Release v1.44.282 (2023-06-13) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4882">#4882</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/dd4970433c7c164049a9764162e6fd3601dfa7fb"><code>dd49704</code></a> Release v1.44.281 (2023-06-12) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4881">#4881</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/12e9c10fa126fadd8b2b03eff1237e98c0d7851c"><code>12e9c10</code></a> Release v1.44.280 (2023-06-09) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4880">#4880</a>)</li> <li><a href="https://github.com/aws/aws-sdk-go/commit/a5bef1542952d979233bd92569aa09eeb7686c6a"><code>a5bef15</code></a> Release v1.44.279 (2023-06-08) (<a href="https://redirect.github.com/aws/aws-sdk-go/issues/4878">#4878</a>)</li> <li>Additional commits viewable in <a href="https://github.com/aws/aws-sdk-go/compare/v1.43.16...v1.44.288">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 19:43:29 +00:00
github.com/aws/aws-sdk-go v1.44.288
github.com/beevik/etree v1.1.0
2023-01-17 20:33:27 +00:00
github.com/beevik/ntp v0.3.0
github.com/briandowns/spinner v1.13.0
github.com/cenkalti/backoff v2.2.1+incompatible
2023-11-02 02:11:35 +00:00
github.com/cenkalti/backoff/v4 v4.2.1
github.com/clbanning/mxj v1.8.4
github.com/danieljoos/wincred v1.2.1
github.com/davecgh/go-spew v1.1.1
github.com/dgraph-io/badger/v2 v2.2007.2
github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e
Bump github.com/docker/docker from 23.0.4+incompatible to 24.0.7+incompatible (#14795) Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.4+incompatible to 24.0.7+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v24.0.7</h2> <h2>24.0.7</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.7">docker/cli, 24.0.7 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.7">moby/moby, 24.0.7 milestone</a></li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li>Write overlay2 layer metadata atomically. <a href="https://redirect.github.com/moby/moby/pull/46703">moby/moby#46703</a></li> <li>Fix &quot;Rootful-in-Rootless&quot; Docker-in-Docker on systemd version 250 and later. <a href="https://redirect.github.com/moby/moby/pull/46626">moby/moby#46626</a></li> <li>Fix <code>dockerd-rootless-setuptools.sh</code> when username contains a backslash. <a href="https://redirect.github.com/moby/moby/pull/46407">moby/moby#46407</a></li> <li>Fix a bug that would prevent network sandboxes to be fully deleted when stopping containers with no network attachments and when <code>dockerd --bridge=none</code> is used. <a href="https://redirect.github.com/moby/moby/pull/46702">moby/moby#46702</a></li> <li>Fix a bug where cancelling an API request could interrupt container restart. <a href="https://redirect.github.com/moby/moby/pull/46697">moby/moby#46697</a></li> <li>Fix an issue where containers would fail to start when providing <code>--ip-range</code> with a range larger than the subnet. <a href="https://redirect.github.com/docker/for-mac/issues/6870">docker/for-mac#6870</a></li> <li>Fix data corruption with zstd output. <a href="https://redirect.github.com/moby/moby/pull/46709">moby/moby#46709</a></li> <li>Fix the conditions under which the container's MAC address is applied. <a href="https://redirect.github.com/moby/moby/pull/46478">moby/moby#46478</a></li> <li>Improve the performance of the stats collector. <a href="https://redirect.github.com/moby/moby/pull/46448">moby/moby#46448</a></li> <li>Fix an issue with source policy rules ending up in the wrong order. <a href="https://redirect.github.com/moby/moby/pull/46441">moby/moby#46441</a></li> </ul> <h3>Packaging updates</h3> <ul> <li>Add support for Fedora 39 and Ubuntu 23.10. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/940">docker/docker-ce-packaging#940</a>, <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/955">docker/docker-ce-packaging#955</a></li> <li>Fix <code>docker.socket</code> not getting disabled when uninstalling the <code>docker-ce</code> RPM package. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/852">docker/docker-ce-packaging#852</a></li> <li>Upgrade Go to <code>go1.20.10</code>. <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/951">docker/docker-ce-packaging#951</a></li> <li>Upgrade containerd to <code>v1.7.6</code> (static binaries only). <a href="https://redirect.github.com/moby/moby/pull/46103">moby/moby#46103</a></li> <li>Upgrade the <code>containerd.io</code> package to <a href="https://github.com/containerd/containerd/releases/tag/v1.6.24"><code>v1.6.24</code></a>.</li> </ul> <h3>Security</h3> <ul> <li>Deny containers access to <code>/sys/devices/virtual/powercap</code> by default. This change hardens against <a href="https://scout.docker.com/v/CVE-2020-8694">CVE-2020-8694</a>, <a href="https://scout.docker.com/v/CVE-2020-8695">CVE-2020-8695</a>, and <a href="https://scout.docker.com/v/CVE-2020-12912">CVE-2020-12912</a>, and an attack known as <a href="https://platypusattack.com/">the PLATYPUS attack</a>. For more details, see <a href="https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p">advisory</a>, <a href="https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35">commit</a>.</li> </ul> <h2>v24.0.6</h2> <h2>24.0.6</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.6">docker/cli, 24.0.6 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.6">moby/moby, 24.0.6 milestone</a></li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li>containerd storage backend: Fix <code>docker ps</code> failing when a container image is no longer present in the content store. <a href="https://redirect.github.com/moby/moby/pull/46095">moby/moby#46095</a></li> <li>containerd storage backend: Fix <code>docker ps -s -a</code> and <code>docker container prune</code> failing when a container image config is no longer present in the content store. <a href="https://redirect.github.com/moby/moby/pull/46097">moby/moby#46097</a></li> <li>containerd storage backend: Fix <code>docker inspect</code> failing when a container image config is no longer (or was never) present in the content store. <a href="https://redirect.github.com/moby/moby/pull/46244">moby/moby#46244</a></li> <li>containerd storage backend: Fix diff and export with the <code>overlayfs</code> snapshotter by using reference-counted rootfs mounts. <a href="https://redirect.github.com/moby/moby/pull/46266">moby/moby#46266</a></li> <li>containerd storage backend: Fix a misleading error message when the image platforms available locally do not match the desired platform. <a href="https://redirect.github.com/moby/moby/pull/46300">moby/moby#46300</a></li> <li>containerd storage backend: Fix the <code>FROM scratch</code> Dockerfile instruction with the classic builder. <a href="https://redirect.github.com/moby/moby/pull/46302">moby/moby#46302</a></li> <li>containerd storage backend: Fix <code>mismatched image rootfs and manifest layers</code> errors with the classic builder. <a href="https://redirect.github.com/moby/moby/pull/46310">moby/moby#46310</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moby/moby/commit/311b9ff0aa93aa55880e1e5f8871c4fb69583426"><code>311b9ff</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/46697">#46697</a> from thaJeztah/24.0_backport_restart_nocancel</li> <li><a href="https://github.com/moby/moby/commit/af608045eef0b87f31a24d21fb7af80de76134aa"><code>af60804</code></a> Merge pull request from GHSA-jq35-85cj-fj4p</li> <li><a href="https://github.com/moby/moby/commit/3cf363e1ee33fe00dbedfdb7d6caf299990d5568"><code>3cf363e</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/46709">#46709</a> from thaJeztah/24.0_backport_bump_compress</li> <li><a href="https://github.com/moby/moby/commit/05d7386665793b7f8398eb80b4e85adff5486035"><code>05d7386</code></a> daemon: daemon.containerRestart: don't cancel restart on context cancel</li> <li><a href="https://github.com/moby/moby/commit/649c9440f28c7334ee5c9f17889448a81dcc8729"><code>649c944</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/46703">#46703</a> from thaJeztah/24.0_backport_atomic-layer-data-write</li> <li><a href="https://github.com/moby/moby/commit/9b20b1a5fe0919a79cc15f6a3f331f2cdae0a37a"><code>9b20b1a</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/46702">#46702</a> from thaJeztah/24.0_backport_releaseNetwork_Network...</li> <li><a href="https://github.com/moby/moby/commit/dd37b0b960ec4d3da0ca2efe78fa47484d4c6380"><code>dd37b0b</code></a> vendor: github.com/klauspost/compress v1.17.2</li> <li><a href="https://github.com/moby/moby/commit/7058c0d24da8ac9267e52224b6a3beaa24ce5e9f"><code>7058c0d</code></a> vendor: github.com/klauspost/compress v1.16.5</li> <li><a href="https://github.com/moby/moby/commit/57bd38858262922b86ceea37770536ff535fa2af"><code>57bd388</code></a> daemon: overlay2: Write layer metadata atomically</li> <li><a href="https://github.com/moby/moby/commit/05d95fd5038a8a56ff69294a3bdd33b2d2769ba3"><code>05d95fd</code></a> daemon: release sandbox even when NetworkDisabled</li> <li>Additional commits viewable in <a href="https://github.com/docker/docker/compare/v23.0.4...v24.0.7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=23.0.4+incompatible&new-version=24.0.7+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-01 16:52:56 +00:00
github.com/docker/docker v24.0.7+incompatible
Add Apple MDM functionality (#7940) * WIP * Adding DEP functionality to Fleet * Better organize additional MDM code * Add cmdr.py and amend API paths * Fix lint * Add demo file * Fix demo.md * go mod tidy * Add munki setup to Fleet * Add diagram to demo.md * Add fixes * Update TODOs and demo.md * Fix cmdr.py and add TODO * Add endpoints to demo.md * Add more Munki PoC/demo stuff * WIP * Remove proposals from PoC * Replace prepare commands with fleetctl commands * Update demo.md with current state * Remove config field * Amend demo * Remove Munki setup from MVP-Dogfood * Update demo.md * Add apple mdm commands (#7769) * fleetctl enqueue mdm command * fix deps * Fix build Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com> * Add command to upload installers * go mod tidy * fix subcommands help There is a bug in urfave/cli where help text is not generated properly when subcommands are nested too deep. * Add support for installing apps * Add a way to list enrolled devices * Add dep listing * Rearrange endpoints * Move DEP routine to schedule * Define paths globally * Add a way to list enrollments and installers * Parse device-ids as comma-separated string * Remove unused types * Add simple commands and nest under enqueue-command * Fix simple commands * Add help to enqueue-command * merge apple_mdm database * Fix commands * update nanomdm * Split nanomdm and nanodep schemas * Set 512 MB in memory for upload * Remove empty file * Amend profile * Add sample commands * Add delete installers and fix bug in DEP profile assigning * Add dogfood.md deployment guide * Update schema.sql * Dump schema with MySQL 5 * Set default value for authenticate_at * add tokens to enrollment profiles When a device downloads an MDM enrollment profile, verify the token passed as a query parameter. This ensures untrusted devices don't enroll with our MDM server. - Rename enrollments to enrollment profiles. Enrollments is used by nano to refer to devices that are enrolled with MDM - Rename endpoint /api/<version>/fleet/mdm/apple/enrollments to ../enrollmentprofiles - Generate a token for authentication when creating an enrollment profile - Return unauthorized if token is invalid when downloading an enrollment profile from /api/mdm/apple/enroll?token= * remove mdm apple server url * update docs * make dump-test-schema * Update nanomdm with missing prefix table * Add docs and simplify changes * Add changes file * Add method docs * Fix compile and revert prepare.go changes * Revert migration status check change * Amend comments * Add more docs * Clarify storage of installers * Remove TODO * Remove unused * update dogfood.md * remove cmdr.py * Add authorization tests * Add TODO comment * use kitlog for nano logging * Add yaml tags * Remove unused flag * Remove changes file * Only run DEP routine if MDM is enabled * Add docs to all new exported types * Add docs * more nano logging changes * Fix unintentional removal * more nano logging changes * Fix compile test * Use string for configs and fix config test * Add docs and amend changes * revert changes to basicAuthHandler * remove exported BasicAuthHandler * rename rego authz type * Add more information to dep list * add db tag * update deps * Fix schema * Remove unimplemented Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com> Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-10-05 22:53:54 +00:00
github.com/docker/go-units v0.4.0
github.com/doug-martin/goqu/v9 v9.18.0
github.com/e-dard/netbug v0.0.0-20151029172837-e64d308a0b20
github.com/elazarl/go-bindata-assetfs v1.0.1
github.com/facebookincubator/nvdtools v0.1.6-0.20231010102659-d14ce526f176
github.com/fatih/color v1.15.0
Bump github.com/getsentry/sentry-go from 0.12.0 to 0.18.0 (#9793) Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.12.0 to 0.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-go/releases">github.com/getsentry/sentry-go's releases</a>.</em></p> <blockquote> <h2>0.18.0</h2> <p>The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.18.0. This release contains initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug fixes and improvements.</p> <p><strong>Note</strong>: This is the last release supporting Go 1.17.</p> <h3>Features</h3> <ul> <li> <p>Initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a>. You can now send all your OpenTelemetry spans to Sentry.</p> <p>Install the <code>otel</code> module</p> <pre lang="bash"><code>go get github.com/getsentry/sentry-go \ github.com/getsentry/sentry-go/otel </code></pre> <p>Configure the Sentry and OpenTelemetry SDKs</p> <pre lang="go"><code>import ( &quot;go.opentelemetry.io/otel&quot; sdktrace &quot;go.opentelemetry.io/otel/sdk/trace&quot; &quot;github.com/getsentry/sentry-go&quot; &quot;github.com/getsentry/sentry-go/otel&quot; // ... ) <p>// Initlaize the Sentry SDK sentry.Init(sentry.ClientOptions{ Dsn: &quot;<strong>DSN</strong>&quot;, EnableTracing: true, TracesSampleRate: 1.0, })</p> <p>// Set up the Sentry span processor tp := sdktrace.NewTracerProvider( sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()), // ... ) otel.SetTracerProvider(tp)</p> <p>// Set up the Sentry propagator otel.SetTextMapPropagator(sentryotel.NewSentryPropagator()) </code></pre></p> <p>You can read more about using OpenTelemetry with Sentry in our <a href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p> </li> </ul> <h3>Bug Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md">github.com/getsentry/sentry-go's changelog</a>.</em></p> <blockquote> <h2>0.18.0</h2> <p>The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.18.0. This release contains initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug fixes and improvements.</p> <p><strong>Note</strong>: This is the last release supporting Go 1.17.</p> <h3>Features</h3> <ul> <li> <p>Initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a>. You can now send all your OpenTelemetry spans to Sentry.</p> <p>Install the <code>otel</code> module</p> <pre lang="bash"><code>go get github.com/getsentry/sentry-go \ github.com/getsentry/sentry-go/otel </code></pre> <p>Configure the Sentry and OpenTelemetry SDKs</p> <pre lang="go"><code>import ( &quot;go.opentelemetry.io/otel&quot; sdktrace &quot;go.opentelemetry.io/otel/sdk/trace&quot; &quot;github.com/getsentry/sentry-go&quot; &quot;github.com/getsentry/sentry-go/otel&quot; // ... ) <p>// Initlaize the Sentry SDK sentry.Init(sentry.ClientOptions{ Dsn: &quot;<strong>DSN</strong>&quot;, EnableTracing: true, TracesSampleRate: 1.0, })</p> <p>// Set up the Sentry span processor tp := sdktrace.NewTracerProvider( sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()), // ... ) otel.SetTracerProvider(tp)</p> <p>// Set up the Sentry propagator otel.SetTextMapPropagator(sentryotel.NewSentryPropagator()) </code></pre></p> <p>You can read more about using OpenTelemetry with Sentry in our <a href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-go/commit/4b97c8e66159e9da864d79c502e4cbf59eb38031"><code>4b97c8e</code></a> release: 0.18.0</li> <li><a href="https://github.com/getsentry/sentry-go/commit/79724631e3ad22e2c3a167dfa13936e4e4a6d5d0"><code>7972463</code></a> fix(release): Bump root module version in submodules (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/576">#576</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/612c16704968c81c84c2479cd9d74b4373a0e62a"><code>612c167</code></a> fix(build): Tidy otel submodule (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/575">#575</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/3ec394335539ae0d0de0e87c012c5a845ce8849f"><code>3ec3943</code></a> doc: Prepare 0.18.0 (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/572">#572</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/bb6e2bdbf0d32bf4645ab8a29fed6f3183ddfee7"><code>bb6e2bd</code></a> fix(otel): Use vendored bagggage implementation in propagator (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/573">#573</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/3964ecefd0682870f9e1891cf85231db52be6c07"><code>3964ece</code></a> fix(baggage): Update baggage parsing and encoding in vendored otel package (#...</li> <li><a href="https://github.com/getsentry/sentry-go/commit/ef3a838eef937b2d67445dbe70a3fae83e4ec718"><code>ef3a838</code></a> test: Add Codecov configuration file (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/569">#569</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/de904d6e9788a7e2c165bd4ec4dec06ea43c38b5"><code>de904d6</code></a> fix(otel): Require otel 1.11.0 and higher (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/567">#567</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/d0a2aa3ebdba03d70bf5228c585cae1f2a800424"><code>d0a2aa3</code></a> fix: Create a frozen DSC when calling ToBaggage (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/566">#566</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/fb7618028bababd9197569610a87e59bdacb037e"><code>fb76180</code></a> release: Update .craft.yml to be ready for otel submodule release (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/565">#565</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-go/compare/v0.12.0...v0.18.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/getsentry/sentry-go&package-manager=go_modules&previous-version=0.12.0&new-version=0.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 02:24:03 +00:00
github.com/getsentry/sentry-go v0.18.0
github.com/ghodss/yaml v1.0.0
2023-11-02 02:11:35 +00:00
github.com/go-ini/ini v1.67.0
github.com/go-kit/kit v0.12.0
Bump github.com/go-kit/log from 0.2.0 to 0.2.1 (#10187) Bumps [github.com/go-kit/log](https://github.com/go-kit/log) from 0.2.0 to 0.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-kit/log/releases">github.com/go-kit/log's releases</a>.</em></p> <blockquote> <h2>v0.2.1</h2> <p>This release fixes a few small bugs and adds <code>level.Parse</code> which allows levels to be set by a string input from e.g. flags or environment variables. Thanks, <a href="https://github.com/mcosta74"><code>@​mcosta74</code></a>!</p> <h2>What's Changed</h2> <ul> <li>fix safeError &amp; safeString for json format by <a href="https://github.com/dwiyanr"><code>@​dwiyanr</code></a> in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/20">go-kit/log#20</a></li> <li>Update CI and add badges to README by <a href="https://github.com/ChrisHines"><code>@​ChrisHines</code></a> in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/21">go-kit/log#21</a></li> <li>Allow to configure allowed levels by string value by <a href="https://github.com/mcosta74"><code>@​mcosta74</code></a> in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/22">go-kit/log#22</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dwiyanr"><code>@​dwiyanr</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/20">go-kit/log#20</a></li> <li><a href="https://github.com/mcosta74"><code>@​mcosta74</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/go-kit/log/pull/22">go-kit/log#22</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-kit/log/compare/v0.2.0...v0.2.1">https://github.com/go-kit/log/compare/v0.2.0...v0.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-kit/log/commit/0b69c7049332e99c25d5fd0f4d08317cfe45e7d8"><code>0b69c70</code></a> Allow to configure allowed levels by string value (<a href="https://github-redirect.dependabot.com/go-kit/log/issues/22">#22</a>)</li> <li><a href="https://github.com/go-kit/log/commit/3752ef76bbc4d0e88bff071af7339629c1a8c0e4"><code>3752ef7</code></a> Update CI and add badges to README (<a href="https://github-redirect.dependabot.com/go-kit/log/issues/21">#21</a>)</li> <li><a href="https://github.com/go-kit/log/commit/2b8dc2beb3395f30c74b00b2f585b7e9a3fea8d1"><code>2b8dc2b</code></a> fix safeError &amp; safeString for json format (<a href="https://github-redirect.dependabot.com/go-kit/log/issues/20">#20</a>)</li> <li>See full diff in <a href="https://github.com/go-kit/log/compare/v0.2.0...v0.2.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-kit/log&package-manager=go_modules&previous-version=0.2.0&new-version=0.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 01:26:57 +00:00
github.com/go-kit/log v0.2.1
github.com/go-ole/go-ole v1.2.6
github.com/go-sql-driver/mysql v1.7.1
github.com/gocarina/gocsv v0.0.0-20220310154401-d4df709ca055
github.com/golang-jwt/jwt/v4 v4.4.2
github.com/gomodule/redigo v1.8.9
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/google/go-cmp v0.6.0
github.com/google/go-github/v37 v37.0.0
github.com/google/uuid v1.3.0
github.com/goreleaser/goreleaser v1.1.0
github.com/goreleaser/nfpm/v2 v2.10.0
github.com/gorilla/mux v1.8.0
github.com/gorilla/websocket v1.4.2
github.com/gosuri/uilive v0.0.4
Add Apple MDM functionality (#7940) * WIP * Adding DEP functionality to Fleet * Better organize additional MDM code * Add cmdr.py and amend API paths * Fix lint * Add demo file * Fix demo.md * go mod tidy * Add munki setup to Fleet * Add diagram to demo.md * Add fixes * Update TODOs and demo.md * Fix cmdr.py and add TODO * Add endpoints to demo.md * Add more Munki PoC/demo stuff * WIP * Remove proposals from PoC * Replace prepare commands with fleetctl commands * Update demo.md with current state * Remove config field * Amend demo * Remove Munki setup from MVP-Dogfood * Update demo.md * Add apple mdm commands (#7769) * fleetctl enqueue mdm command * fix deps * Fix build Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com> * Add command to upload installers * go mod tidy * fix subcommands help There is a bug in urfave/cli where help text is not generated properly when subcommands are nested too deep. * Add support for installing apps * Add a way to list enrolled devices * Add dep listing * Rearrange endpoints * Move DEP routine to schedule * Define paths globally * Add a way to list enrollments and installers * Parse device-ids as comma-separated string * Remove unused types * Add simple commands and nest under enqueue-command * Fix simple commands * Add help to enqueue-command * merge apple_mdm database * Fix commands * update nanomdm * Split nanomdm and nanodep schemas * Set 512 MB in memory for upload * Remove empty file * Amend profile * Add sample commands * Add delete installers and fix bug in DEP profile assigning * Add dogfood.md deployment guide * Update schema.sql * Dump schema with MySQL 5 * Set default value for authenticate_at * add tokens to enrollment profiles When a device downloads an MDM enrollment profile, verify the token passed as a query parameter. This ensures untrusted devices don't enroll with our MDM server. - Rename enrollments to enrollment profiles. Enrollments is used by nano to refer to devices that are enrolled with MDM - Rename endpoint /api/<version>/fleet/mdm/apple/enrollments to ../enrollmentprofiles - Generate a token for authentication when creating an enrollment profile - Return unauthorized if token is invalid when downloading an enrollment profile from /api/mdm/apple/enroll?token= * remove mdm apple server url * update docs * make dump-test-schema * Update nanomdm with missing prefix table * Add docs and simplify changes * Add changes file * Add method docs * Fix compile and revert prepare.go changes * Revert migration status check change * Amend comments * Add more docs * Clarify storage of installers * Remove TODO * Remove unused * update dogfood.md * remove cmdr.py * Add authorization tests * Add TODO comment * use kitlog for nano logging * Add yaml tags * Remove unused flag * Remove changes file * Only run DEP routine if MDM is enabled * Add docs to all new exported types * Add docs * more nano logging changes * Fix unintentional removal * more nano logging changes * Fix compile test * Use string for configs and fix config test * Add docs and amend changes * revert changes to basicAuthHandler * remove exported BasicAuthHandler * rename rego authz type * Add more information to dep list * add db tag * update deps * Fix schema * Remove unimplemented Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com> Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-10-05 22:53:54 +00:00
github.com/groob/plist v0.0.0-20220217120414-63fa881b19a5
github.com/hashicorp/go-multierror v1.1.1
github.com/hectane/go-acl v0.0.0-20190604041725-da78bae5fc95
github.com/hillu/go-ntdll v0.0.0-20220801201350-0d23f057ef1f
Update `sockjs-go` package to `v3.0.2` (#11884) In #10957, a customer attempted to run a live query on ~60k devices. We saw that Fleet receives all results from the devices, but stops sending them to the browser. We believe this _might_ be a deadlock (we couldn't confirm this because of lack of access to the Fleet instance itself). We haven't fully confirmed this to be the reason of the hang/missing-results, but it's worth updating because it [fixes a possible deadlock in the package](https://github.com/igm/sockjs-go/releases/tag/v3.0.2). The remaining changes are the result of running `go mod tidy`. - ~[ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information.~ - ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md)~ - ~[ ] Documented any permissions changes~ - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - ~[ ] Added/updated tests~ - [X] Manual QA for all new/changed functionality - ~For Orbit and Fleet Desktop changes:~ - ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux.~ - ~[ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-05-25 11:12:24 +00:00
github.com/igm/sockjs-go/v3 v3.0.2
github.com/jmoiron/sqlx v1.2.1-0.20190826204134-d7d95172beb5
Update `sockjs-go` package to `v3.0.2` (#11884) In #10957, a customer attempted to run a live query on ~60k devices. We saw that Fleet receives all results from the devices, but stops sending them to the browser. We believe this _might_ be a deadlock (we couldn't confirm this because of lack of access to the Fleet instance itself). We haven't fully confirmed this to be the reason of the hang/missing-results, but it's worth updating because it [fixes a possible deadlock in the package](https://github.com/igm/sockjs-go/releases/tag/v3.0.2). The remaining changes are the result of running `go mod tidy`. - ~[ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information.~ - ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md)~ - ~[ ] Documented any permissions changes~ - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - ~[ ] Added/updated tests~ - [X] Manual QA for all new/changed functionality - ~For Orbit and Fleet Desktop changes:~ - ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux.~ - ~[ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-05-25 11:12:24 +00:00
github.com/josephspurrier/goversioninfo v1.4.0
Bump github.com/kevinburke/go-bindata from 3.22.0+incompatible to 3.24.0+incompatible (#10186) Bumps [github.com/kevinburke/go-bindata](https://github.com/kevinburke/go-bindata) from 3.22.0+incompatible to 3.24.0+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/kevinburke/go-bindata/releases">github.com/kevinburke/go-bindata's releases</a>.</em></p> <blockquote> <p>v3.24.0</p> <p>v3.23.0</p> <p>test</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/kevinburke/go-bindata/blob/master/CHANGELOG.md">github.com/kevinburke/go-bindata's changelog</a>.</em></p> <blockquote> <h2>3.24.0</h2> <p>Remove uses of io/ioutil; you must use Go 1.18 or higher with this version of go-bindata and its generated asset files.</p> <p>Update generated doc comments for compatibility with Go's updated doc comment guidelines.</p> <h2>3.21.0</h2> <p>Replace &quot;Debug&quot; with &quot;AssetDebug&quot; to reduce the likelihood of conflicts.</p> <h2>3.20.0</h2> <p>Add the &quot;Debug&quot; constant if assets have been generated using the <code>--debug</code> flag at the command line.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kevinburke/go-bindata/commit/1b67e2de036bbd2b4f3e89944881f961eb8eeadc"><code>1b67e2d</code></a> v3.24.0</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/2708ad279191cdfdb4bfaf6a0d53383865904609"><code>2708ad2</code></a> CHANGELOG.md: prep for v3.24 release</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/5708eee1c210176ac0862c5b7d8790abd12b85ca"><code>5708eee</code></a> .github: add Go 1.18, 1.19</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/4a992e31ef7e65186ac6bb6b19ad467ef831c2cd"><code>4a992e3</code></a> all: replace use of io/ioutil</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/adf7cd2dcfd672212090fd763de8b70c1d6290d5"><code>adf7cd2</code></a> v3.23.0</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/54fe8e9bc4b009734b2a4c7d4dd237fe302f7f06"><code>54fe8e9</code></a> Release binaries for arm64</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/7ea02012884d824beeb40577295803bcb57b94fa"><code>7ea0201</code></a> .github: use latest Go versions</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/12dca65da1b8e849252e7e201101743b0d7e44f9"><code>12dca65</code></a> benchmark should write to tmp dir, not ./testdata. Fixes <a href="https://github-redirect.dependabot.com/kevinburke/go-bindata/issues/42">#42</a>.</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/0d7fe269ac0c7e61df03326dcfae61679d4fd2d1"><code>0d7fe26</code></a> go-bindata: don't panic if given invalid regex</li> <li><a href="https://github.com/kevinburke/go-bindata/commit/930726ace64fd012467c05e32670708313c13914"><code>930726a</code></a> release: remove underscores from function names</li> <li>Additional commits viewable in <a href="https://github.com/kevinburke/go-bindata/compare/v3.22.0...v3.24.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/kevinburke/go-bindata&package-manager=go_modules&previous-version=3.22.0+incompatible&new-version=3.24.0+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-01 03:28:12 +00:00
github.com/kevinburke/go-bindata v3.24.0+incompatible
github.com/kolide/launcher v1.0.12
github.com/lib/pq v1.10.9
github.com/macadmins/osquery-extension v0.0.15
github.com/mattermost/xml-roundtrip-validator v0.0.0-20201213122252-bcd7e1b9601e
github.com/mattn/go-sqlite3 v1.14.13
Add Apple MDM functionality (#7940) * WIP * Adding DEP functionality to Fleet * Better organize additional MDM code * Add cmdr.py and amend API paths * Fix lint * Add demo file * Fix demo.md * go mod tidy * Add munki setup to Fleet * Add diagram to demo.md * Add fixes * Update TODOs and demo.md * Fix cmdr.py and add TODO * Add endpoints to demo.md * Add more Munki PoC/demo stuff * WIP * Remove proposals from PoC * Replace prepare commands with fleetctl commands * Update demo.md with current state * Remove config field * Amend demo * Remove Munki setup from MVP-Dogfood * Update demo.md * Add apple mdm commands (#7769) * fleetctl enqueue mdm command * fix deps * Fix build Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com> * Add command to upload installers * go mod tidy * fix subcommands help There is a bug in urfave/cli where help text is not generated properly when subcommands are nested too deep. * Add support for installing apps * Add a way to list enrolled devices * Add dep listing * Rearrange endpoints * Move DEP routine to schedule * Define paths globally * Add a way to list enrollments and installers * Parse device-ids as comma-separated string * Remove unused types * Add simple commands and nest under enqueue-command * Fix simple commands * Add help to enqueue-command * merge apple_mdm database * Fix commands * update nanomdm * Split nanomdm and nanodep schemas * Set 512 MB in memory for upload * Remove empty file * Amend profile * Add sample commands * Add delete installers and fix bug in DEP profile assigning * Add dogfood.md deployment guide * Update schema.sql * Dump schema with MySQL 5 * Set default value for authenticate_at * add tokens to enrollment profiles When a device downloads an MDM enrollment profile, verify the token passed as a query parameter. This ensures untrusted devices don't enroll with our MDM server. - Rename enrollments to enrollment profiles. Enrollments is used by nano to refer to devices that are enrolled with MDM - Rename endpoint /api/<version>/fleet/mdm/apple/enrollments to ../enrollmentprofiles - Generate a token for authentication when creating an enrollment profile - Return unauthorized if token is invalid when downloading an enrollment profile from /api/mdm/apple/enroll?token= * remove mdm apple server url * update docs * make dump-test-schema * Update nanomdm with missing prefix table * Add docs and simplify changes * Add changes file * Add method docs * Fix compile and revert prepare.go changes * Revert migration status check change * Amend comments * Add more docs * Clarify storage of installers * Remove TODO * Remove unused * update dogfood.md * remove cmdr.py * Add authorization tests * Add TODO comment * use kitlog for nano logging * Add yaml tags * Remove unused flag * Remove changes file * Only run DEP routine if MDM is enabled * Add docs to all new exported types * Add docs * more nano logging changes * Fix unintentional removal * more nano logging changes * Fix compile test * Use string for configs and fix config test * Add docs and amend changes * revert changes to basicAuthHandler * remove exported BasicAuthHandler * rename rego authz type * Add more information to dep list * add db tag * update deps * Fix schema * Remove unimplemented Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com> Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-10-05 22:53:54 +00:00
github.com/micromdm/micromdm v1.9.0
github.com/micromdm/nanodep v0.1.0
github.com/micromdm/scep/v2 v2.1.0
github.com/mitchellh/go-ps v1.0.0
github.com/mitchellh/gon v0.2.6-0.20231031204852-2d4f161ccecd
github.com/mna/redisc v1.3.2
2023-11-02 02:11:35 +00:00
github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646
github.com/ngrok/sqlmw v0.0.0-20211220175533-9d16fdc47b31
github.com/nukosuke/go-zendesk v0.13.1
github.com/oklog/run v1.1.0
github.com/olekukonko/tablewriter v0.0.5
github.com/open-policy-agent/opa v0.44.0
github.com/oschwald/geoip2-golang v1.8.0
github.com/osquery/osquery-go v0.0.0-20230603132358-d2e851b3991b
github.com/pandatix/nvdapi v0.6.4
github.com/patrickmn/go-cache v2.1.0+incompatible
github.com/pkg/errors v0.9.1
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#15741) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"><code>9d2ee97</code></a> ssh: implement strict KEX protocol changes</li> <li><a href="https://github.com/golang/crypto/commit/4e5a26183ecb4f9a0f85c8f8dbe7982885435436"><code>4e5a261</code></a> ssh: close net.Conn on all NewServerConn errors</li> <li><a href="https://github.com/golang/crypto/commit/152cdb1503ebc13bc0fbb68f92ee189ebf9e3d00"><code>152cdb1</code></a> x509roots/fallback: update bundle</li> <li><a href="https://github.com/golang/crypto/commit/fdfe1f8531a1adcc300c8eba98cb372044826d62"><code>fdfe1f8</code></a> ssh: defer channel window adjustment</li> <li><a href="https://github.com/golang/crypto/commit/b8ffc16e10063067bac0e15c6d7f7995937503ce"><code>b8ffc16</code></a> blake2b: drop Go 1.6, Go 1.8 compatibility</li> <li><a href="https://github.com/golang/crypto/commit/7e6fbd82c804e1760feb603fe21caecb0af0a124"><code>7e6fbd8</code></a> ssh: wrap errors from client handshake</li> <li><a href="https://github.com/golang/crypto/commit/bda2f3f5cfce3f27039acccd823693f6d67c2a74"><code>bda2f3f</code></a> argon2: avoid clobbering BP</li> <li><a href="https://github.com/golang/crypto/commit/325b735346247f48971d2b37d24dd180a35f391f"><code>325b735</code></a> ssh/test: skip TestSSHCLIAuth on Windows</li> <li><a href="https://github.com/golang/crypto/commit/1eadac50a566dfaa1b603ca15e8ad3cbd1c77b20"><code>1eadac5</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/b2d7c26edb17864f117d8b0ee73c1843bcc6090f"><code>b2d7c26</code></a> ssh: add (*Client).DialContext method</li> <li>Additional commits viewable in <a href="https://github.com/golang/crypto/compare/v0.14.0...v0.17.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.14.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2023-12-22 18:19:32 +00:00
github.com/pmezard/go-difflib v1.0.0
github.com/prometheus/client_golang v1.13.0
github.com/quasilyte/go-ruleguard/dsl v0.3.22
github.com/rs/zerolog v1.20.0
github.com/russellhaering/goxmldsig v1.2.0
github.com/scjalliance/comshim v0.0.0-20230315213746-5e51f40bd3b9
github.com/sethvargo/go-password v0.2.0
2023-11-02 02:11:35 +00:00
github.com/shirou/gopsutil/v3 v3.23.3
github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
github.com/spf13/cast v1.4.1
github.com/spf13/cobra v1.5.0
github.com/spf13/viper v1.10.0
github.com/stretchr/testify v1.8.4
2023-11-02 02:11:35 +00:00
github.com/theupdateframework/go-tuf v0.5.2
github.com/throttled/throttled/v2 v2.8.0
github.com/tj/assert v0.0.3
github.com/ulikunitz/xz v0.5.10
github.com/urfave/cli/v2 v2.23.5
Bump github.com/getsentry/sentry-go from 0.12.0 to 0.18.0 (#9793) Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.12.0 to 0.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-go/releases">github.com/getsentry/sentry-go's releases</a>.</em></p> <blockquote> <h2>0.18.0</h2> <p>The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.18.0. This release contains initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug fixes and improvements.</p> <p><strong>Note</strong>: This is the last release supporting Go 1.17.</p> <h3>Features</h3> <ul> <li> <p>Initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a>. You can now send all your OpenTelemetry spans to Sentry.</p> <p>Install the <code>otel</code> module</p> <pre lang="bash"><code>go get github.com/getsentry/sentry-go \ github.com/getsentry/sentry-go/otel </code></pre> <p>Configure the Sentry and OpenTelemetry SDKs</p> <pre lang="go"><code>import ( &quot;go.opentelemetry.io/otel&quot; sdktrace &quot;go.opentelemetry.io/otel/sdk/trace&quot; &quot;github.com/getsentry/sentry-go&quot; &quot;github.com/getsentry/sentry-go/otel&quot; // ... ) <p>// Initlaize the Sentry SDK sentry.Init(sentry.ClientOptions{ Dsn: &quot;<strong>DSN</strong>&quot;, EnableTracing: true, TracesSampleRate: 1.0, })</p> <p>// Set up the Sentry span processor tp := sdktrace.NewTracerProvider( sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()), // ... ) otel.SetTracerProvider(tp)</p> <p>// Set up the Sentry propagator otel.SetTextMapPropagator(sentryotel.NewSentryPropagator()) </code></pre></p> <p>You can read more about using OpenTelemetry with Sentry in our <a href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p> </li> </ul> <h3>Bug Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md">github.com/getsentry/sentry-go's changelog</a>.</em></p> <blockquote> <h2>0.18.0</h2> <p>The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.18.0. This release contains initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug fixes and improvements.</p> <p><strong>Note</strong>: This is the last release supporting Go 1.17.</p> <h3>Features</h3> <ul> <li> <p>Initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a>. You can now send all your OpenTelemetry spans to Sentry.</p> <p>Install the <code>otel</code> module</p> <pre lang="bash"><code>go get github.com/getsentry/sentry-go \ github.com/getsentry/sentry-go/otel </code></pre> <p>Configure the Sentry and OpenTelemetry SDKs</p> <pre lang="go"><code>import ( &quot;go.opentelemetry.io/otel&quot; sdktrace &quot;go.opentelemetry.io/otel/sdk/trace&quot; &quot;github.com/getsentry/sentry-go&quot; &quot;github.com/getsentry/sentry-go/otel&quot; // ... ) <p>// Initlaize the Sentry SDK sentry.Init(sentry.ClientOptions{ Dsn: &quot;<strong>DSN</strong>&quot;, EnableTracing: true, TracesSampleRate: 1.0, })</p> <p>// Set up the Sentry span processor tp := sdktrace.NewTracerProvider( sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()), // ... ) otel.SetTracerProvider(tp)</p> <p>// Set up the Sentry propagator otel.SetTextMapPropagator(sentryotel.NewSentryPropagator()) </code></pre></p> <p>You can read more about using OpenTelemetry with Sentry in our <a href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-go/commit/4b97c8e66159e9da864d79c502e4cbf59eb38031"><code>4b97c8e</code></a> release: 0.18.0</li> <li><a href="https://github.com/getsentry/sentry-go/commit/79724631e3ad22e2c3a167dfa13936e4e4a6d5d0"><code>7972463</code></a> fix(release): Bump root module version in submodules (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/576">#576</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/612c16704968c81c84c2479cd9d74b4373a0e62a"><code>612c167</code></a> fix(build): Tidy otel submodule (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/575">#575</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/3ec394335539ae0d0de0e87c012c5a845ce8849f"><code>3ec3943</code></a> doc: Prepare 0.18.0 (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/572">#572</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/bb6e2bdbf0d32bf4645ab8a29fed6f3183ddfee7"><code>bb6e2bd</code></a> fix(otel): Use vendored bagggage implementation in propagator (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/573">#573</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/3964ecefd0682870f9e1891cf85231db52be6c07"><code>3964ece</code></a> fix(baggage): Update baggage parsing and encoding in vendored otel package (#...</li> <li><a href="https://github.com/getsentry/sentry-go/commit/ef3a838eef937b2d67445dbe70a3fae83e4ec718"><code>ef3a838</code></a> test: Add Codecov configuration file (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/569">#569</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/de904d6e9788a7e2c165bd4ec4dec06ea43c38b5"><code>de904d6</code></a> fix(otel): Require otel 1.11.0 and higher (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/567">#567</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/d0a2aa3ebdba03d70bf5228c585cae1f2a800424"><code>d0a2aa3</code></a> fix: Create a frozen DSC when calling ToBaggage (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/566">#566</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/fb7618028bababd9197569610a87e59bdacb037e"><code>fb76180</code></a> release: Update .craft.yml to be ready for otel submodule release (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/565">#565</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-go/compare/v0.12.0...v0.18.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/getsentry/sentry-go&package-manager=go_modules&previous-version=0.12.0&new-version=0.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 02:24:03 +00:00
github.com/valyala/fasthttp v1.40.0
github.com/ziutek/mymysql v1.5.4
go.elastic.co/apm/module/apmgorilla/v2 v2.3.0
go.elastic.co/apm/module/apmsql/v2 v2.4.3
go.elastic.co/apm/v2 v2.4.3
2023-01-17 20:33:27 +00:00
go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352
Bump go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux from 0.40.0 to 0.44.0 (#14588) Bumps [go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux](https://github.com/open-telemetry/opentelemetry-go-contrib) from 0.40.0 to 0.44.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/releases">go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux's releases</a>.</em></p> <blockquote> <h2>Release v1.20.0/v0.45.0/v0.14.0</h2> <h3>Added</h3> <ul> <li>Set the description for the <code>rpc.server.duration</code> metric in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4302">#4302</a>)</li> <li>Add <code>NewServerHandler</code> and <code>NewClientHandler</code> that return a <code>grpc.StatsHandler</code> used for gRPC instrumentation in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3002">#3002</a>)</li> <li>Add new Prometheus bridge module in <code>go.opentelemetry.io/contrib/bridges/prometheus</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4227">#4227</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Upgrade dependencies of OpenTelemetry Go to use the new <a href="https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0"><code>v1.19.0</code>/<code>v0.42.0</code>/<code>v0.0.7</code> release</a>.</li> <li>Use <code>grpc.StatsHandler</code> for gRPC instrumentation in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc/example</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4325">#4325</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/puckpuck"><code>@​puckpuck</code></a> made their first contribution in <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/pull/4302">open-telemetry/opentelemetry-go-contrib#4302</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.19.0...v1.20.0">https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.19.0...v1.20.0</a></p> <h2>Release v1.19.0/v0.44.0/v0.13.0</h2> <h3>Added</h3> <ul> <li>Add <code>gcp.gce.instance.name</code> and <code>gcp.gce.instance.hostname</code> resource attributes to <code>go.opentelemetry.io/contrib/detectors/gcp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4263">#4263</a>)</li> </ul> <h3>Changed</h3> <ul> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/ec2</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/ecs</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/eks</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/lambda</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>) <ul> <li>The <code>faas.execution</code> attribute is now <code>faas.invocation_id</code>.</li> <li>The <code>faas.id</code> attribute is now <code>aws.lambda.invoked_arn</code>.</li> </ul> </li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The <code>http.request.method</code> attribute will only allow known HTTP methods from the metrics generated by <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> </ul> <h3>Removed</h3> <ul> <li>The high cardinality attributes <code>net.sock.peer.addr</code>, <code>net.sock.peer.port</code>, <code>http.user_agent</code>, <code>enduser.id</code>, and <code>http.client_ip</code> were removed from the metrics generated by <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/utsushiiro"><code>@​utsushiiro</code></a> made their first contribution in <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/pull/4260">open-telemetry/opentelemetry-go-contrib#4260</a></li> <li><a href="https://github.com/RangelReale"><code>@​RangelReale</code></a> made their first contribution in <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/pull/4230">open-telemetry/opentelemetry-go-contrib#4230</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.18.0...v1.19.0">https://github.com/open-telemetry/opentelemetry-go-contrib/compare/v1.18.0...v1.19.0</a></p> <h2>Release v1.18.0/v0.43.0/v0.12.0</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md">go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux's changelog</a>.</em></p> <blockquote> <h2>[1.19.0/0.44.0/0.13.0] - 2023-09-12</h2> <h3>Added</h3> <ul> <li>Add <code>gcp.gce.instance.name</code> and <code>gcp.gce.instance.hostname</code> resource attributes to <code>go.opentelemetry.io/contrib/detectors/gcp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4263">#4263</a>)</li> </ul> <h3>Changed</h3> <ul> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/ec2</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/ecs</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/eks</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/detectors/aws/lambda</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>) <ul> <li>The <code>faas.execution</code> attribute is now <code>faas.invocation_id</code>.</li> <li>The <code>faas.id</code> attribute is now <code>aws.lambda.invoked_arn</code>.</li> </ul> </li> <li>The semantic conventions used by <code>go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-sdk-go-v2/otelaws</code> have been upgraded to v1.21.0. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4265">#4265</a>)</li> <li>The <code>http.request.method</code> attribute will only allow known HTTP methods from the metrics generated by <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> </ul> <h3>Removed</h3> <ul> <li>The high cardinality attributes <code>net.sock.peer.addr</code>, <code>net.sock.peer.port</code>, <code>http.user_agent</code>, <code>enduser.id</code>, and <code>http.client_ip</code> were removed from the metrics generated by <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/astaxie/beego/otelbeego</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/go-kit/kit/otelkit</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/Shopify/sarama/otelsarama</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/bradfitz/gomemcache/memcache/otelmemcache</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li>The deprecated <code>go.opentelemetry.io/contrib/instrumentation/github.com/gocql/gocql/otelgocql</code> module is removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> </ul> <h2>[1.18.0/0.43.0/0.12.0] - 2023-08-28</h2> <h3>Added</h3> <ul> <li>Add <code>NewMiddleware</code> function in <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/2964">#2964</a>)</li> <li>The <code>go.opentelemetry.io/contrib/exporters/autoexport</code> package to provide configuration of trace exporters with useful defaults and environment variable support. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/2753">#2753</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4100">#4100</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4130">#4130</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4132">#4132</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4134">#4134</a>)</li> <li><code>WithRouteTag</code> in <code>go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp</code> adds HTTP route attribute to metrics. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/615">#615</a>)</li> <li>Add <code>WithSpanOptions</code> option in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3768">#3768</a>)</li> <li>Add testing support for Go 1.21. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4233">#4233</a>)</li> <li>Add <code>WithFilter</code> option to <code>go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4230">#4230</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Change interceptors in <code>go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc</code> to disable <code>SENT</code>/<code>RECEIVED</code> events. Use <code>WithMessageEvents()</code> to turn back on. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3964">#3964</a>)</li> </ul> <h3>Changed</h3> <ul> <li><code>go.opentelemetry.io/contrib/detectors/gcp</code>: Detect <code>faas.instance</code> instead of <code>faas.id</code>, since <code>faas.id</code> is being removed. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4198">#4198</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>AWS XRay Remote Sampling to cap <code>quotaBalance</code> to 1x quota in <code>go.opentelemetry.io/contrib/samplers/aws/xray</code>. (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3651">#3651</a>, <a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/3652">#3652</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/fdfa6e3abf03caa6a1d3267913e01526d97eab8a"><code>fdfa6e3</code></a> Release v1.19.0/v0.44.0/v0.13.0 (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4299">#4299</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/aea75409c71c7c8f5d052692101efb83c4bc70b3"><code>aea7540</code></a> build(deps): bump github.com/aws/aws-sdk-go in /detectors/aws/ec2 (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4297">#4297</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/7e88614696505c07b3760dfb44900211d964bbb3"><code>7e88614</code></a> Remove otelbeego, otelkit, otelsarama, otelmemcache, otelgocql (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4295">#4295</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/14f153ea4a171cf884f44e22fcd360805cfce1e5"><code>14f153e</code></a> build(deps): bump actions/checkout from 3 to 4 (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4291">#4291</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/01c596d0e85e2bdc7cd1118c4d9ce96d8bc74209"><code>01c596d</code></a> dependabot updates Mon Sep 11 05:08:50 UTC 2023 (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4294">#4294</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/50ca48f8017e04bcf9149a5435e7f8f96f9e83c9"><code>50ca48f</code></a> Remove high cardanility metrics from otelhttp (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4277">#4277</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/b6fc62f4da6f50864e04b800d5ef3326efe76617"><code>b6fc62f</code></a> Update go versions used in workflow (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4278">#4278</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/7a8f53c61142607be68515339785f3db1a9e8310"><code>7a8f53c</code></a> Add new gcp host attributes (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4263">#4263</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/aab5f49a93341323e85fa1c07fd03b4e322e980d"><code>aab5f49</code></a> [mux] Add request filters like otelhttp (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4230">#4230</a>)</li> <li><a href="https://github.com/open-telemetry/opentelemetry-go-contrib/commit/3ad5a2c545431824f851c62be1c9253a59427c07"><code>3ad5a2c</code></a> Deprecate otelmemcache, otelgocql (<a href="https://redirect.github.com/open-telemetry/opentelemetry-go-contrib/issues/4164">#4164</a>)</li> <li>Additional commits viewable in <a href="https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.40.0...zpages/v0.44.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux&package-manager=go_modules&previous-version=0.40.0&new-version=0.44.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2023-11-07 18:20:51 +00:00
go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.44.0
2023-11-02 02:11:35 +00:00
go.opentelemetry.io/otel v1.19.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.19.0
go.opentelemetry.io/otel/sdk v1.19.0
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#15741) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"><code>9d2ee97</code></a> ssh: implement strict KEX protocol changes</li> <li><a href="https://github.com/golang/crypto/commit/4e5a26183ecb4f9a0f85c8f8dbe7982885435436"><code>4e5a261</code></a> ssh: close net.Conn on all NewServerConn errors</li> <li><a href="https://github.com/golang/crypto/commit/152cdb1503ebc13bc0fbb68f92ee189ebf9e3d00"><code>152cdb1</code></a> x509roots/fallback: update bundle</li> <li><a href="https://github.com/golang/crypto/commit/fdfe1f8531a1adcc300c8eba98cb372044826d62"><code>fdfe1f8</code></a> ssh: defer channel window adjustment</li> <li><a href="https://github.com/golang/crypto/commit/b8ffc16e10063067bac0e15c6d7f7995937503ce"><code>b8ffc16</code></a> blake2b: drop Go 1.6, Go 1.8 compatibility</li> <li><a href="https://github.com/golang/crypto/commit/7e6fbd82c804e1760feb603fe21caecb0af0a124"><code>7e6fbd8</code></a> ssh: wrap errors from client handshake</li> <li><a href="https://github.com/golang/crypto/commit/bda2f3f5cfce3f27039acccd823693f6d67c2a74"><code>bda2f3f</code></a> argon2: avoid clobbering BP</li> <li><a href="https://github.com/golang/crypto/commit/325b735346247f48971d2b37d24dd180a35f391f"><code>325b735</code></a> ssh/test: skip TestSSHCLIAuth on Windows</li> <li><a href="https://github.com/golang/crypto/commit/1eadac50a566dfaa1b603ca15e8ad3cbd1c77b20"><code>1eadac5</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/b2d7c26edb17864f117d8b0ee73c1843bcc6090f"><code>b2d7c26</code></a> ssh: add (*Client).DialContext method</li> <li>Additional commits viewable in <a href="https://github.com/golang/crypto/compare/v0.14.0...v0.17.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.14.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2023-12-22 18:19:32 +00:00
golang.org/x/crypto v0.17.0
golang.org/x/exp v0.0.0-20230105202349-8879d0199aa3
2023-11-02 02:11:35 +00:00
golang.org/x/image v0.10.0
golang.org/x/mod v0.12.0
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
golang.org/x/net v0.19.0
2023-11-02 02:11:35 +00:00
golang.org/x/oauth2 v0.12.0
golang.org/x/sync v0.3.0
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#15741) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"><code>9d2ee97</code></a> ssh: implement strict KEX protocol changes</li> <li><a href="https://github.com/golang/crypto/commit/4e5a26183ecb4f9a0f85c8f8dbe7982885435436"><code>4e5a261</code></a> ssh: close net.Conn on all NewServerConn errors</li> <li><a href="https://github.com/golang/crypto/commit/152cdb1503ebc13bc0fbb68f92ee189ebf9e3d00"><code>152cdb1</code></a> x509roots/fallback: update bundle</li> <li><a href="https://github.com/golang/crypto/commit/fdfe1f8531a1adcc300c8eba98cb372044826d62"><code>fdfe1f8</code></a> ssh: defer channel window adjustment</li> <li><a href="https://github.com/golang/crypto/commit/b8ffc16e10063067bac0e15c6d7f7995937503ce"><code>b8ffc16</code></a> blake2b: drop Go 1.6, Go 1.8 compatibility</li> <li><a href="https://github.com/golang/crypto/commit/7e6fbd82c804e1760feb603fe21caecb0af0a124"><code>7e6fbd8</code></a> ssh: wrap errors from client handshake</li> <li><a href="https://github.com/golang/crypto/commit/bda2f3f5cfce3f27039acccd823693f6d67c2a74"><code>bda2f3f</code></a> argon2: avoid clobbering BP</li> <li><a href="https://github.com/golang/crypto/commit/325b735346247f48971d2b37d24dd180a35f391f"><code>325b735</code></a> ssh/test: skip TestSSHCLIAuth on Windows</li> <li><a href="https://github.com/golang/crypto/commit/1eadac50a566dfaa1b603ca15e8ad3cbd1c77b20"><code>1eadac5</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/b2d7c26edb17864f117d8b0ee73c1843bcc6090f"><code>b2d7c26</code></a> ssh: add (*Client).DialContext method</li> <li>Additional commits viewable in <a href="https://github.com/golang/crypto/compare/v0.14.0...v0.17.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.14.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2023-12-22 18:19:32 +00:00
golang.org/x/sys v0.15.0
golang.org/x/text v0.14.0
golang.org/x/tools v0.13.0
2023-11-02 02:11:35 +00:00
google.golang.org/grpc v1.58.3
gopkg.in/guregu/null.v3 v3.5.0
Update `sockjs-go` package to `v3.0.2` (#11884) In #10957, a customer attempted to run a live query on ~60k devices. We saw that Fleet receives all results from the devices, but stops sending them to the browser. We believe this _might_ be a deadlock (we couldn't confirm this because of lack of access to the Fleet instance itself). We haven't fully confirmed this to be the reason of the hang/missing-results, but it's worth updating because it [fixes a possible deadlock in the package](https://github.com/igm/sockjs-go/releases/tag/v3.0.2). The remaining changes are the result of running `go mod tidy`. - ~[ ] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information.~ - ~[ ] Documented any API changes (docs/Using-Fleet/REST-API.md or docs/Contributing/API-for-contributors.md)~ - ~[ ] Documented any permissions changes~ - ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements)~ - ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for new osquery data ingestion features.~ - ~[ ] Added/updated tests~ - [X] Manual QA for all new/changed functionality - ~For Orbit and Fleet Desktop changes:~ - ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows and Linux.~ - ~[ ] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-05-25 11:12:24 +00:00
gopkg.in/ini.v1 v1.67.0
gopkg.in/natefinch/lumberjack.v2 v2.0.0
gopkg.in/yaml.v2 v2.4.0
howett.net/plist v1.0.0
2023-11-02 02:11:35 +00:00
software.sslmate.com/src/go-pkcs12 v0.0.0-20210415151418-c5206de65a78
)
require (
2023-11-02 02:11:35 +00:00
cloud.google.com/go v0.110.8 // indirect
cloud.google.com/go/compute v1.23.0 // indirect
cloud.google.com/go/compute/metadata v0.2.3 // indirect
2023-11-02 02:11:35 +00:00
cloud.google.com/go/iam v1.1.2 // indirect
cloud.google.com/go/kms v1.15.2 // indirect
cloud.google.com/go/storage v1.30.1 // indirect
code.gitea.io/sdk/gitea v0.15.0 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
dario.cat/mergo v1.0.0 // indirect
github.com/AlekSi/pointer v1.2.0 // indirect
github.com/Azure/azure-pipeline-go v0.2.3 // indirect
github.com/Azure/azure-sdk-for-go v57.0.0+incompatible // indirect
github.com/Azure/azure-storage-blob-go v0.14.0 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.11.24 // indirect
github.com/Azure/go-autorest/autorest/adal v0.9.18 // indirect
github.com/Azure/go-autorest/autorest/azure/auth v0.5.8 // indirect
github.com/Azure/go-autorest/autorest/azure/cli v0.4.3 // indirect
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect
github.com/Azure/go-autorest/logger v0.2.1 // indirect
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/DataDog/zstd v1.4.5 // indirect
github.com/DisgoOrg/disgohook v1.4.3 // indirect
github.com/DisgoOrg/log v1.1.0 // indirect
github.com/DisgoOrg/restclient v1.2.7 // indirect
github.com/Masterminds/goutils v1.1.1 // indirect
github.com/Masterminds/semver/v3 v3.1.1 // indirect
github.com/Masterminds/sprig v2.22.0+incompatible // indirect
github.com/Microsoft/go-winio v0.6.1 // indirect
github.com/OneOfOne/xxhash v1.2.8 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect
github.com/agnivade/levenshtein v1.1.1 // indirect
github.com/akavel/rsrc v0.10.2 // indirect
github.com/alecthomas/jsonschema v0.0.0-20211022214203-8b29eab41725 // indirect
github.com/andybalholm/brotli v1.0.4 // indirect
2023-01-25 20:53:24 +00:00
github.com/antchfx/xpath v1.2.2 // indirect
github.com/apache/thrift v0.18.1 // indirect
github.com/apex/log v1.9.0 // indirect
github.com/armon/go-radix v1.0.0 // indirect
github.com/atc0005/go-teams-notify/v2 v2.6.0 // indirect
github.com/aws/aws-sdk-go-v2 v1.9.1 // indirect
github.com/aws/aws-sdk-go-v2/config v1.7.0 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.4.0 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.5.0 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.2.2 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.3.0 // indirect
github.com/aws/aws-sdk-go-v2/service/kms v1.5.0 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.4.0 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.7.0 // indirect
github.com/aws/smithy-go v1.8.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb // indirect
github.com/c-bata/go-prompt v0.2.3 // indirect
github.com/caarlos0/ctrlc v1.0.0 // indirect
github.com/caarlos0/env/v6 v6.7.0 // indirect
github.com/caarlos0/go-shellwords v1.0.12 // indirect
github.com/cavaliercoder/go-cpio v0.0.0-20180626203310-925f9528c45e // indirect
github.com/cespare/xxhash v1.1.0 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
Bump github.com/cloudflare/circl from 1.3.3 to 1.3.7 (#15950) Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.3.3 to 1.3.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cloudflare/circl/releases">github.com/cloudflare/circl's releases</a>.</em></p> <blockquote> <h2>CIRCL v1.3.7</h2> <h3>What's Changed</h3> <ul> <li>build(deps): bump golang.org/x/crypto from 0.3.1-0.20221117191849-2c476679df9a to 0.17.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/467">cloudflare/circl#467</a></li> <li>kyber: remove division by q in ciphertext compression by <a href="https://github.com/bwesterb"><code>@​bwesterb</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/468">cloudflare/circl#468</a></li> <li>Releasing CIRCL v1.3.7 by <a href="https://github.com/armfazh"><code>@​armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/469">cloudflare/circl#469</a></li> </ul> <h3>New Contributors</h3> <ul> <li><a href="https://github.com/dependabot"><code>@​dependabot</code></a> made their first contribution in <a href="https://redirect.github.com/cloudflare/circl/pull/467">cloudflare/circl#467</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/cloudflare/circl/compare/v1.3.6...v1.3.7">https://github.com/cloudflare/circl/compare/v1.3.6...v1.3.7</a></p> <h2>CIRCL v1.3.6</h2> <h3>What's Changed</h3> <ul> <li>internal: add TurboShake{128,256} by <a href="https://github.com/bwesterb"><code>@​bwesterb</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/430">cloudflare/circl#430</a></li> <li>Kangaroo12 draft -10 by <a href="https://github.com/bwesterb"><code>@​bwesterb</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/431">cloudflare/circl#431</a></li> <li>Add K12 as XOF by <a href="https://github.com/bwesterb"><code>@​bwesterb</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/437">cloudflare/circl#437</a></li> <li>xof/k12: Fix a typo in the package documentation by <a href="https://github.com/cjpatton"><code>@​cjpatton</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/438">cloudflare/circl#438</a></li> <li>Set CIRCL version for generated assembler code. by <a href="https://github.com/armfazh"><code>@​armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/440">cloudflare/circl#440</a></li> <li>Add tkn20 benchmarks by <a href="https://github.com/tanyav2"><code>@​tanyav2</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/442">cloudflare/circl#442</a></li> <li>Add partially blind RSA implementation by <a href="https://github.com/chris-wood"><code>@​chris-wood</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/445">cloudflare/circl#445</a></li> <li>Update doc.go by <a href="https://github.com/nadimkobeissi"><code>@​nadimkobeissi</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/447">cloudflare/circl#447</a></li> <li>tss/rsa: key generation for threshold RSA (safe primes) by <a href="https://github.com/armfazh"><code>@​armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/450">cloudflare/circl#450</a></li> <li>Bumping Go version for CI jobs. by <a href="https://github.com/armfazh"><code>@​armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/457">cloudflare/circl#457</a></li> <li>Spelling by <a href="https://github.com/jsoref"><code>@​jsoref</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/456">cloudflare/circl#456</a></li> <li>blindrsa: updating blindrsa to be compliant with RFC9474 by <a href="https://github.com/armfazh"><code>@​armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/464">cloudflare/circl#464</a></li> <li>Releasing CIRCL v1.3.6 by <a href="https://github.com/armfazh"><code>@​armfazh</code></a> in <a href="https://redirect.github.com/cloudflare/circl/pull/465">cloudflare/circl#465</a></li> </ul> <h3>New Contributors</h3> <ul> <li><a href="https://github.com/nadimkobeissi"><code>@​nadimkobeissi</code></a> made their first contribution in <a href="https://redirect.github.com/cloudflare/circl/pull/447">cloudflare/circl#447</a></li> <li><a href="https://github.com/jsoref"><code>@​jsoref</code></a> made their first contribution in <a href="https://redirect.github.com/cloudflare/circl/pull/456">cloudflare/circl#456</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.6">https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.6</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cloudflare/circl/commit/c48866b3068dfa83721c021dec03c777ba91abab"><code>c48866b</code></a> Releasing CIRCL v1.3.7</li> <li><a href="https://github.com/cloudflare/circl/commit/75ef91e8a2f438e6ce2b6e620d236add8be1887d"><code>75ef91e</code></a> kyber: remove division by q in ciphertext compression</li> <li><a href="https://github.com/cloudflare/circl/commit/899732a43256a5d6fb779917f597b32939ca4ba4"><code>899732a</code></a> build(deps): bump golang.org/x/crypto</li> <li><a href="https://github.com/cloudflare/circl/commit/99f0f715ca5fbec868f5a0db1df2be6dcd28dbaa"><code>99f0f71</code></a> Releasing CIRCL v1.3.6</li> <li><a href="https://github.com/cloudflare/circl/commit/e728d0d84e7e7cd9027050a62aa14adb8dec147c"><code>e728d0d</code></a> Apply thibmeu code review suggestions</li> <li><a href="https://github.com/cloudflare/circl/commit/ceb2d90c4922ec2e26be09a20f217ee57c8ba1c4"><code>ceb2d90</code></a> Updating blindrsa to be compliant with RFC9474.</li> <li><a href="https://github.com/cloudflare/circl/commit/44133f703215856ee0b8f243778f24b001ff6c95"><code>44133f7</code></a> spelling: tripped</li> <li><a href="https://github.com/cloudflare/circl/commit/c2076d67b2c717b1b1c6f3aa3b324bf93079b6fb"><code>c2076d6</code></a> spelling: transposes</li> <li><a href="https://github.com/cloudflare/circl/commit/dad216659ee1c9969957557a713537ceb589fce5"><code>dad2166</code></a> spelling: title</li> <li><a href="https://github.com/cloudflare/circl/commit/171c41832e7ec817b9b2873732db6da46bdb1139"><code>171c418</code></a> spelling: threshold</li> <li>Additional commits viewable in <a href="https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/cloudflare/circl&package-manager=go_modules&previous-version=1.3.3&new-version=1.3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-10 14:46:55 +00:00
github.com/cloudflare/circl v1.3.7 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
github.com/dghubble/go-twitter v0.0.0-20210609183100-2fdbf421508e // indirect
github.com/dghubble/oauth1 v0.7.0 // indirect
github.com/dghubble/sling v1.3.0 // indirect
github.com/dgraph-io/ristretto v0.1.0 // indirect
github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect
2023-11-02 02:11:35 +00:00
github.com/docker/distribution v2.8.2+incompatible // indirect
github.com/docker/go-connections v0.4.0 // indirect
2023-11-02 02:11:35 +00:00
github.com/dustin/go-humanize v1.0.1 // indirect
github.com/elastic/go-sysinfo v1.7.1 // indirect
github.com/elastic/go-windows v1.0.1 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/emirpasic/gods v1.18.1 // indirect
github.com/facebookincubator/flog v0.0.0-20190930132826-d2511d0ce33c // indirect
github.com/fatih/structs v1.1.0 // indirect
github.com/felixge/httpsnoop v1.0.3 // indirect
2023-11-02 02:11:35 +00:00
github.com/fsnotify/fsnotify v1.6.0 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
github.com/go-git/go-billy/v5 v5.5.0 // indirect
github.com/go-git/go-git/v5 v5.11.0 // indirect
github.com/go-logfmt/logfmt v0.5.1 // indirect
github.com/go-logr/logr v1.2.4 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-telegram-bot-api/telegram-bot-api v4.6.4+incompatible // indirect
github.com/gobwas/glob v0.2.3 // indirect
github.com/godbus/dbus/v5 v5.1.0 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
2023-11-02 02:11:35 +00:00
github.com/golang/glog v1.1.0 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/golang/snappy v0.0.4 // indirect
Add Apple MDM functionality (#7940) * WIP * Adding DEP functionality to Fleet * Better organize additional MDM code * Add cmdr.py and amend API paths * Fix lint * Add demo file * Fix demo.md * go mod tidy * Add munki setup to Fleet * Add diagram to demo.md * Add fixes * Update TODOs and demo.md * Fix cmdr.py and add TODO * Add endpoints to demo.md * Add more Munki PoC/demo stuff * WIP * Remove proposals from PoC * Replace prepare commands with fleetctl commands * Update demo.md with current state * Remove config field * Amend demo * Remove Munki setup from MVP-Dogfood * Update demo.md * Add apple mdm commands (#7769) * fleetctl enqueue mdm command * fix deps * Fix build Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com> * Add command to upload installers * go mod tidy * fix subcommands help There is a bug in urfave/cli where help text is not generated properly when subcommands are nested too deep. * Add support for installing apps * Add a way to list enrolled devices * Add dep listing * Rearrange endpoints * Move DEP routine to schedule * Define paths globally * Add a way to list enrollments and installers * Parse device-ids as comma-separated string * Remove unused types * Add simple commands and nest under enqueue-command * Fix simple commands * Add help to enqueue-command * merge apple_mdm database * Fix commands * update nanomdm * Split nanomdm and nanodep schemas * Set 512 MB in memory for upload * Remove empty file * Amend profile * Add sample commands * Add delete installers and fix bug in DEP profile assigning * Add dogfood.md deployment guide * Update schema.sql * Dump schema with MySQL 5 * Set default value for authenticate_at * add tokens to enrollment profiles When a device downloads an MDM enrollment profile, verify the token passed as a query parameter. This ensures untrusted devices don't enroll with our MDM server. - Rename enrollments to enrollment profiles. Enrollments is used by nano to refer to devices that are enrolled with MDM - Rename endpoint /api/<version>/fleet/mdm/apple/enrollments to ../enrollmentprofiles - Generate a token for authentication when creating an enrollment profile - Return unauthorized if token is invalid when downloading an enrollment profile from /api/mdm/apple/enroll?token= * remove mdm apple server url * update docs * make dump-test-schema * Update nanomdm with missing prefix table * Add docs and simplify changes * Add changes file * Add method docs * Fix compile and revert prepare.go changes * Revert migration status check change * Amend comments * Add more docs * Clarify storage of installers * Remove TODO * Remove unused * update dogfood.md * remove cmdr.py * Add authorization tests * Add TODO comment * use kitlog for nano logging * Add yaml tags * Remove unused flag * Remove changes file * Only run DEP routine if MDM is enabled * Add docs to all new exported types * Add docs * more nano logging changes * Fix unintentional removal * more nano logging changes * Fix compile test * Use string for configs and fix config test * Add docs and amend changes * revert changes to basicAuthHandler * remove exported BasicAuthHandler * rename rego authz type * Add more information to dep list * add db tag * update deps * Fix schema * Remove unimplemented Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com> Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-10-05 22:53:54 +00:00
github.com/gomodule/oauth1 v0.2.0 // indirect
github.com/google/go-github/v39 v39.2.0 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/rpmpack v0.0.0-20210518075352-dc539ef4f2ea // indirect
2023-11-02 02:11:35 +00:00
github.com/google/s2a-go v0.1.4 // indirect
github.com/google/wire v0.5.0 // indirect
2023-11-02 02:11:35 +00:00
github.com/googleapis/enterprise-certificate-proxy v0.2.4 // indirect
github.com/googleapis/gax-go/v2 v2.12.0 // indirect
github.com/goreleaser/chglog v0.1.2 // indirect
github.com/goreleaser/fileglob v1.2.0 // indirect
Updating CPE generator to use new NVD API. (#15018) Loom explaining changes (hit 5 min limit): https://www.loom.com/share/e59b63bf638e4d9cad7984ef589b878d?sid=111fff75-115a-4a44-ae4f-6f25fede0d51 #14887 - [x] Need to merge fleetdm/nvd PR https://github.com/fleetdm/nvd/pull/25 before this one. # Checklist for submitter - [x] Added/updated tests - [x] Manual QA for all new/changed functionality - Manually tested (with corresponding fleetdm/fleet changes) in my personal fork: https://github.com/getvictor/nvd/releases # QA Plan (must be done before merging this PR, and after merging the nvd PR) - [ ] Fork https://github.com/fleetdm/nvd and point `generate.yml` to this branch. [example](https://github.com/getvictor/nvd/blob/9d8e54930bc174b00cc2daa70f55cabf0f9dba6e/.github/workflows/generate.yml#L26) - [ ] Add NVD_API_KEY to nvd secrets, and run the the nvd generate GitHub action. Get key: https://nvd.nist.gov/developers/request-an-api-key - [ ] Compare the generated `cpe-###.sqlite.gz` to the previous one. One way is to open it up with sqlite3 and `select * from cpe_2 order by cpe23;` and dump results to a CSV file. Known differences are: - New file has ~2,500 more records - Backslashes are handled differently for `Backpack\CRUD` and `Philips In.Sight B120\37` products -- not a new issue since we do not support those products right now - `cpe:2.3:a:moodle:moodle:4.2.0:*:*:*:*:*:*:*` -- this appears OK. Also, it is a PHP plugin, and we don't support these currently. - [ ] Record the existing vulnerabilities of current hosts. - [ ] Stop any running fleet server. Delete `/tmp/vulndbs/cpe.sqlite`. Can also delete other files there, or not delete this file -- it should be overwritten by the new file. Also delete all rows in software_cpe and software_cve DB tables. (Or can just spin up a fresh fleet server with fresh DB, and re-enroll hosts (after setting the new env variable below)) - [ ] Find the path to the generated `cpe-###.sqlite.gz` file - [ ] Set `FLEET_VULNERABILITIES_CPE_DATABASE_URL` environment variable to the above path, and start fleet server. - [ ] After server's vulnerabilities cron job runs, the new vulnerabilities should match the previous vulnerabilities
2023-11-20 22:10:00 +00:00
github.com/gorilla/schema v1.2.0 // indirect
Add Apple MDM functionality (#7940) * WIP * Adding DEP functionality to Fleet * Better organize additional MDM code * Add cmdr.py and amend API paths * Fix lint * Add demo file * Fix demo.md * go mod tidy * Add munki setup to Fleet * Add diagram to demo.md * Add fixes * Update TODOs and demo.md * Fix cmdr.py and add TODO * Add endpoints to demo.md * Add more Munki PoC/demo stuff * WIP * Remove proposals from PoC * Replace prepare commands with fleetctl commands * Update demo.md with current state * Remove config field * Amend demo * Remove Munki setup from MVP-Dogfood * Update demo.md * Add apple mdm commands (#7769) * fleetctl enqueue mdm command * fix deps * Fix build Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com> * Add command to upload installers * go mod tidy * fix subcommands help There is a bug in urfave/cli where help text is not generated properly when subcommands are nested too deep. * Add support for installing apps * Add a way to list enrolled devices * Add dep listing * Rearrange endpoints * Move DEP routine to schedule * Define paths globally * Add a way to list enrollments and installers * Parse device-ids as comma-separated string * Remove unused types * Add simple commands and nest under enqueue-command * Fix simple commands * Add help to enqueue-command * merge apple_mdm database * Fix commands * update nanomdm * Split nanomdm and nanodep schemas * Set 512 MB in memory for upload * Remove empty file * Amend profile * Add sample commands * Add delete installers and fix bug in DEP profile assigning * Add dogfood.md deployment guide * Update schema.sql * Dump schema with MySQL 5 * Set default value for authenticate_at * add tokens to enrollment profiles When a device downloads an MDM enrollment profile, verify the token passed as a query parameter. This ensures untrusted devices don't enroll with our MDM server. - Rename enrollments to enrollment profiles. Enrollments is used by nano to refer to devices that are enrolled with MDM - Rename endpoint /api/<version>/fleet/mdm/apple/enrollments to ../enrollmentprofiles - Generate a token for authentication when creating an enrollment profile - Return unauthorized if token is invalid when downloading an enrollment profile from /api/mdm/apple/enroll?token= * remove mdm apple server url * update docs * make dump-test-schema * Update nanomdm with missing prefix table * Add docs and simplify changes * Add changes file * Add method docs * Fix compile and revert prepare.go changes * Revert migration status check change * Amend comments * Add more docs * Clarify storage of installers * Remove TODO * Remove unused * update dogfood.md * remove cmdr.py * Add authorization tests * Add TODO comment * use kitlog for nano logging * Add yaml tags * Remove unused flag * Remove changes file * Only run DEP routine if MDM is enabled * Add docs to all new exported types * Add docs * more nano logging changes * Fix unintentional removal * more nano logging changes * Fix compile test * Use string for configs and fix config test * Add docs and amend changes * revert changes to basicAuthHandler * remove exported BasicAuthHandler * rename rego authz type * Add more information to dep list * add db tag * update deps * Fix schema * Remove unimplemented Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com> Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-10-05 22:53:54 +00:00
github.com/groob/finalizer v0.0.0-20170707115354-4c2ed49aabda // indirect
2023-11-02 02:11:35 +00:00
github.com/grpc-ecosystem/grpc-gateway/v2 v2.18.0 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-hclog v1.0.0 // indirect
github.com/hashicorp/go-retryablehttp v0.6.8 // indirect
github.com/hashicorp/go-version v1.2.1 // indirect
github.com/hashicorp/golang-lru v0.5.4 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/huandu/xstrings v1.3.2 // indirect
github.com/iancoleman/orderedmap v0.2.0 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/inconshreveable/mousetrap v1.0.0 // indirect
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/joeshaw/multierror v0.0.0-20140124173710-69b34d4ec901 // indirect
github.com/jonboulle/clockwork v0.2.2 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/kevinburke/ssh_config v1.2.0 // indirect
github.com/klauspost/compress v1.16.5 // indirect
github.com/kolide/kit v0.0.0-20221107170827-fb85e3d59eab // indirect
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
github.com/magiconair/properties v1.8.5 // indirect
Bump github.com/getsentry/sentry-go from 0.12.0 to 0.18.0 (#9793) Bumps [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) from 0.12.0 to 0.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-go/releases">github.com/getsentry/sentry-go's releases</a>.</em></p> <blockquote> <h2>0.18.0</h2> <p>The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.18.0. This release contains initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug fixes and improvements.</p> <p><strong>Note</strong>: This is the last release supporting Go 1.17.</p> <h3>Features</h3> <ul> <li> <p>Initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a>. You can now send all your OpenTelemetry spans to Sentry.</p> <p>Install the <code>otel</code> module</p> <pre lang="bash"><code>go get github.com/getsentry/sentry-go \ github.com/getsentry/sentry-go/otel </code></pre> <p>Configure the Sentry and OpenTelemetry SDKs</p> <pre lang="go"><code>import ( &quot;go.opentelemetry.io/otel&quot; sdktrace &quot;go.opentelemetry.io/otel/sdk/trace&quot; &quot;github.com/getsentry/sentry-go&quot; &quot;github.com/getsentry/sentry-go/otel&quot; // ... ) <p>// Initlaize the Sentry SDK sentry.Init(sentry.ClientOptions{ Dsn: &quot;<strong>DSN</strong>&quot;, EnableTracing: true, TracesSampleRate: 1.0, })</p> <p>// Set up the Sentry span processor tp := sdktrace.NewTracerProvider( sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()), // ... ) otel.SetTracerProvider(tp)</p> <p>// Set up the Sentry propagator otel.SetTextMapPropagator(sentryotel.NewSentryPropagator()) </code></pre></p> <p>You can read more about using OpenTelemetry with Sentry in our <a href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p> </li> </ul> <h3>Bug Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md">github.com/getsentry/sentry-go's changelog</a>.</em></p> <blockquote> <h2>0.18.0</h2> <p>The Sentry SDK team is happy to announce the immediate availability of Sentry Go SDK v0.18.0. This release contains initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a> and various other bug fixes and improvements.</p> <p><strong>Note</strong>: This is the last release supporting Go 1.17.</p> <h3>Features</h3> <ul> <li> <p>Initial support for <a href="https://opentelemetry.io/">OpenTelemetry</a>. You can now send all your OpenTelemetry spans to Sentry.</p> <p>Install the <code>otel</code> module</p> <pre lang="bash"><code>go get github.com/getsentry/sentry-go \ github.com/getsentry/sentry-go/otel </code></pre> <p>Configure the Sentry and OpenTelemetry SDKs</p> <pre lang="go"><code>import ( &quot;go.opentelemetry.io/otel&quot; sdktrace &quot;go.opentelemetry.io/otel/sdk/trace&quot; &quot;github.com/getsentry/sentry-go&quot; &quot;github.com/getsentry/sentry-go/otel&quot; // ... ) <p>// Initlaize the Sentry SDK sentry.Init(sentry.ClientOptions{ Dsn: &quot;<strong>DSN</strong>&quot;, EnableTracing: true, TracesSampleRate: 1.0, })</p> <p>// Set up the Sentry span processor tp := sdktrace.NewTracerProvider( sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()), // ... ) otel.SetTracerProvider(tp)</p> <p>// Set up the Sentry propagator otel.SetTextMapPropagator(sentryotel.NewSentryPropagator()) </code></pre></p> <p>You can read more about using OpenTelemetry with Sentry in our <a href="https://docs.sentry.io/platforms/go/performance/instrumentation/opentelemetry/">docs</a>.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-go/commit/4b97c8e66159e9da864d79c502e4cbf59eb38031"><code>4b97c8e</code></a> release: 0.18.0</li> <li><a href="https://github.com/getsentry/sentry-go/commit/79724631e3ad22e2c3a167dfa13936e4e4a6d5d0"><code>7972463</code></a> fix(release): Bump root module version in submodules (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/576">#576</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/612c16704968c81c84c2479cd9d74b4373a0e62a"><code>612c167</code></a> fix(build): Tidy otel submodule (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/575">#575</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/3ec394335539ae0d0de0e87c012c5a845ce8849f"><code>3ec3943</code></a> doc: Prepare 0.18.0 (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/572">#572</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/bb6e2bdbf0d32bf4645ab8a29fed6f3183ddfee7"><code>bb6e2bd</code></a> fix(otel): Use vendored bagggage implementation in propagator (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/573">#573</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/3964ecefd0682870f9e1891cf85231db52be6c07"><code>3964ece</code></a> fix(baggage): Update baggage parsing and encoding in vendored otel package (#...</li> <li><a href="https://github.com/getsentry/sentry-go/commit/ef3a838eef937b2d67445dbe70a3fae83e4ec718"><code>ef3a838</code></a> test: Add Codecov configuration file (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/569">#569</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/de904d6e9788a7e2c165bd4ec4dec06ea43c38b5"><code>de904d6</code></a> fix(otel): Require otel 1.11.0 and higher (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/567">#567</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/d0a2aa3ebdba03d70bf5228c585cae1f2a800424"><code>d0a2aa3</code></a> fix: Create a frozen DSC when calling ToBaggage (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/566">#566</a>)</li> <li><a href="https://github.com/getsentry/sentry-go/commit/fb7618028bababd9197569610a87e59bdacb037e"><code>fb76180</code></a> release: Update .craft.yml to be ready for otel submodule release (<a href="https://github-redirect.dependabot.com/getsentry/sentry-go/issues/565">#565</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-go/compare/v0.12.0...v0.18.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/getsentry/sentry-go&package-manager=go_modules&previous-version=0.12.0&new-version=0.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-28 02:24:03 +00:00
github.com/mattn/go-colorable v0.1.13 // indirect
github.com/mattn/go-ieproxy v0.0.1 // indirect
github.com/mattn/go-isatty v0.0.17 // indirect
github.com/mattn/go-runewidth v0.0.9 // indirect
github.com/mattn/go-tty v0.0.3 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/mapstructure v1.4.3 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.0.3-0.20211202183452-c5a74bcca799 // indirect
github.com/oschwald/maxminddb-golang v1.10.0 // indirect
github.com/pelletier/go-toml v1.9.4 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/pjbgf/sha1cd v0.3.0 // indirect
github.com/pkg/term v0.0.0-20190109203006-aa71e9d9e942 // indirect
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
github.com/prometheus/client_model v0.2.0 // indirect
github.com/prometheus/common v0.37.0 // indirect
github.com/prometheus/procfs v0.8.0 // indirect
github.com/rcrowley/go-metrics v0.0.0-20200313005456-10cdbea86bc0 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
2023-11-02 02:11:35 +00:00
github.com/secure-systems-lab/go-securesystemslib v0.5.0 // indirect
github.com/sergi/go-diff v1.2.0 // indirect
2023-11-02 02:11:35 +00:00
github.com/shoenig/go-m1cpu v0.1.6 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/skeema/knownhosts v1.2.1 // indirect
github.com/slack-go/slack v0.9.4 // indirect
github.com/spf13/afero v1.6.0 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
enforce an uniform collation for all tables (#10515) related to #10441, inspired by the prior work done in https://github.com/kolide/fleet/pull/1360, this PR: 1. Adds a migration to use `utf8mb4_general_ci` as the default collation for the database and all the tables. From [MySQL's documentation][1]: > To change the table default character set and all character columns > (CHAR, VARCHAR, TEXT) to a new character set, use a statement like > this: > > ``` > ALTER TABLE tbl_name CONVERT TO CHARACTER SET charset_name; > ``` > The statement also changes the collation of all character columns. If > you specify no COLLATE clause to indicate which collation to use, the > statement uses default collation for the character set. 2. Changes the connection settings to use `utf8mb4_general_ci` as the default collation, from the [driver docs][2]: > Sets the collation used for client-server interaction on connection. In contrast to charset, collation does not issue additional queries. If the specified collation is unavailable on the target server, the connection will fail. [1]: https://dev.mysql.com/doc/refman/5.7/en/alter-table.html [2]: https://github.com/go-sql-driver/mysql **TODO:** discuss how we can enforce this, is setting the database default collation enough? should we add some kind of custom lint rule to all migrations? # Checklist for submitter If some of the following don't apply, delete the relevant line. - [x] Changes file added for user-visible changes in `changes/` or `orbit/changes/`. See [Changes files](https://fleetdm.com/docs/contributing/committing-changes#changes-files) for more information. - [x] Added/updated tests - [x] Manual QA for all new/changed functionality
2023-03-16 18:49:24 +00:00
github.com/stretchr/objx v0.5.0 // indirect
github.com/subosito/gotenv v1.2.0 // indirect
github.com/tchap/go-patricia/v2 v2.3.1 // indirect
github.com/technoweenie/multipartstreamer v1.0.1 // indirect
2023-11-02 02:11:35 +00:00
github.com/tklauser/go-sysconf v0.3.11 // indirect
github.com/tklauser/numcpus v0.6.0 // indirect
github.com/trivago/tgo v1.0.7 // indirect
github.com/valyala/bytebufferpool v1.0.0 // indirect
github.com/vartanbeno/go-reddit/v2 v2.0.0 // indirect
github.com/xanzy/go-gitlab v0.50.3 // indirect
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0 (#15841) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/go-git/go-git/releases">github.com/go-git/go-git/v5's releases</a>.</em></p> <blockquote> <h2>v5.11.0</h2> <h2>What's Changed</h2> <ul> <li>git: validate reference names (<a href="https://redirect.github.com/go-git/go-git/issues/929">#929</a>) by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/950">go-git/go-git#950</a></li> <li>git: stop iterating at oldest shallow when pulling. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/305">#305</a> by <a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li>plumbing: object, enable renames in getFileStatsFromFilePatches by <a href="https://github.com/djmoch"><code>@​djmoch</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> <li>storage: filesystem, Add option to set a specific FS for alternates by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/953">go-git/go-git#953</a></li> <li>Align worktree validation with upstream and remove build warnings by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/958">go-git/go-git#958</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dhoizner"><code>@​dhoizner</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/939">go-git/go-git#939</a></li> <li><a href="https://github.com/djmoch"><code>@​djmoch</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/941">go-git/go-git#941</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0">https://github.com/go-git/go-git/compare/v5.10.1...v5.11.0</a></p> <h2>v5.10.1</h2> <h2>What's Changed</h2> <ul> <li>Worktree, ignore ModeSocket files by <a href="https://github.com/steiler"><code>@​steiler</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> <li>git: add tracer package by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/916">go-git/go-git#916</a></li> <li>remote: Flip clause for fast-forward only check by <a href="https://github.com/adityasaky"><code>@​adityasaky</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/875">go-git/go-git#875</a></li> <li>plumbing: transport/ssh, Fix nil pointer dereference caused when an unreachable proxy server is set. Fixes <a href="https://redirect.github.com/go-git/go-git/issues/900">#900</a> by <a href="https://github.com/anandf"><code>@​anandf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li>plumbing: uppload-server-info, implement upload-server-info by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/896">go-git/go-git#896</a></li> <li>plumbing: optimise memory consumption for filesystem storage by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/799">go-git/go-git#799</a></li> <li>plumbing: format/packfile, Refactor patch delta by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/908">go-git/go-git#908</a></li> <li>plumbing: fix empty uploadpack request error by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/932">go-git/go-git#932</a></li> <li>plumbing: transport/git, Improve tests error message by <a href="https://github.com/pjbgf"><code>@​pjbgf</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/752">go-git/go-git#752</a></li> <li>plumbing: format/pktline, Respect pktline error-line errors by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/936">go-git/go-git#936</a></li> <li>utils: remove ioutil.Pipe and use std library io.Pipe by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/922">go-git/go-git#922</a></li> <li>utils: move trace to utils by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/931">go-git/go-git#931</a></li> <li>cli: separate go module for cli by <a href="https://github.com/aymanbagabas"><code>@​aymanbagabas</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/914">go-git/go-git#914</a></li> <li>build: bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/887">go-git/go-git#887</a></li> <li>build: bump actions/setup-go from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/891">go-git/go-git#891</a></li> <li>build: bump github.com/skeema/knownhosts from 1.2.0 to 1.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/888">go-git/go-git#888</a></li> <li>build: bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/890">go-git/go-git#890</a></li> <li>build: bump golang.org/x/sys from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/907">go-git/go-git#907</a></li> <li>build: bump golang.org/x/text from 0.13.0 to 0.14.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/906">go-git/go-git#906</a></li> <li>build: bump golang.org/x/crypto from 0.14.0 to 0.15.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/917">go-git/go-git#917</a></li> <li>build: bump golang.org/x/net from 0.17.0 to 0.18.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/918">go-git/go-git#918</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/anandf"><code>@​anandf</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/901">go-git/go-git#901</a></li> <li><a href="https://github.com/steiler"><code>@​steiler</code></a> made their first contribution in <a href="https://redirect.github.com/go-git/go-git/pull/930">go-git/go-git#930</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1">https://github.com/go-git/go-git/compare/v5.10.0...v5.10.1</a></p> <h2>v5.10.0</h2> <h2>What's Changed</h2> <ul> <li>PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by <a href="https://github.com/ThinkChaos"><code>@​ThinkChaos</code></a> in <a href="https://redirect.github.com/go-git/go-git/pull/782">go-git/go-git#782</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/go-git/go-git/commit/5d08d3bd94c65a3b6c25c6fba6907d12b0dac4ca"><code>5d08d3b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/958">#958</a> from pjbgf/workval</li> <li><a href="https://github.com/go-git/go-git/commit/5bd1d8f4abcfbf1345a1e5a5ec9a96121f3746dc"><code>5bd1d8f</code></a> build: Ensure checkout is the first operation</li> <li><a href="https://github.com/go-git/go-git/commit/b2c19824771bbcbb21abb51abb319c1a610aa6b3"><code>b2c1982</code></a> git: worktree, Align validation with upstream rules</li> <li><a href="https://github.com/go-git/go-git/commit/cec7da63ca0412fce55a0bf0715b7ba44a41eaa2"><code>cec7da6</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/953">#953</a> from pjbgf/alternates</li> <li><a href="https://github.com/go-git/go-git/commit/8b47ceb1aa854f3c3bfa1c347157a04324fcd51e"><code>8b47ceb</code></a> storage: filesystem, Add option to set a specific FS for alternates</li> <li><a href="https://github.com/go-git/go-git/commit/4f614891047bae5d0f7a253f014175505b9821d7"><code>4f61489</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/941">#941</a> from djmoch/filestats-rename</li> <li><a href="https://github.com/go-git/go-git/commit/ae552ce0bf32cddb689727c4c9fa6bf4d3bd6499"><code>ae552ce</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/939">#939</a> from dhoizner/fix-pull-after-shallow</li> <li><a href="https://github.com/go-git/go-git/commit/cc1895b905ebadb09504d88444ff05932fa6e928"><code>cc1895b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/950">#950</a> from aymanbagabas/validate-ref</li> <li><a href="https://github.com/go-git/go-git/commit/de1d5a5978b9599ca3dacd58bbf699e4bb4cf6bd"><code>de1d5a5</code></a> git: validate reference names</li> <li><a href="https://github.com/go-git/go-git/commit/d87110b492c94d99ebdaea732b23a54b7efba94b"><code>d87110b</code></a> Merge pull request <a href="https://redirect.github.com/go-git/go-git/issues/948">#948</a> from go-git/dependabot/go_modules/cli/go-git/github.c...</li> <li>Additional commits viewable in <a href="https://github.com/go-git/go-git/compare/v5.4.2...v5.11.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-git/go-git/v5&package-manager=go_modules&previous-version=5.4.2&new-version=5.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-29 14:38:17 +00:00
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
github.com/yashtewari/glob-intersection v0.1.0 // indirect
github.com/yusufpapurcu/wmi v1.2.2 // indirect
go.elastic.co/apm/module/apmhttp/v2 v2.3.0 // indirect
go.elastic.co/fastjson v1.1.0 // indirect
go.opencensus.io v0.24.0 // indirect
2023-11-02 02:11:35 +00:00
go.opentelemetry.io/otel/metric v1.19.0 // indirect
go.opentelemetry.io/otel/trace v1.19.0 // indirect
go.opentelemetry.io/proto/otlp v1.0.0 // indirect
gocloud.dev v0.24.0 // indirect
Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#15741) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"><code>9d2ee97</code></a> ssh: implement strict KEX protocol changes</li> <li><a href="https://github.com/golang/crypto/commit/4e5a26183ecb4f9a0f85c8f8dbe7982885435436"><code>4e5a261</code></a> ssh: close net.Conn on all NewServerConn errors</li> <li><a href="https://github.com/golang/crypto/commit/152cdb1503ebc13bc0fbb68f92ee189ebf9e3d00"><code>152cdb1</code></a> x509roots/fallback: update bundle</li> <li><a href="https://github.com/golang/crypto/commit/fdfe1f8531a1adcc300c8eba98cb372044826d62"><code>fdfe1f8</code></a> ssh: defer channel window adjustment</li> <li><a href="https://github.com/golang/crypto/commit/b8ffc16e10063067bac0e15c6d7f7995937503ce"><code>b8ffc16</code></a> blake2b: drop Go 1.6, Go 1.8 compatibility</li> <li><a href="https://github.com/golang/crypto/commit/7e6fbd82c804e1760feb603fe21caecb0af0a124"><code>7e6fbd8</code></a> ssh: wrap errors from client handshake</li> <li><a href="https://github.com/golang/crypto/commit/bda2f3f5cfce3f27039acccd823693f6d67c2a74"><code>bda2f3f</code></a> argon2: avoid clobbering BP</li> <li><a href="https://github.com/golang/crypto/commit/325b735346247f48971d2b37d24dd180a35f391f"><code>325b735</code></a> ssh/test: skip TestSSHCLIAuth on Windows</li> <li><a href="https://github.com/golang/crypto/commit/1eadac50a566dfaa1b603ca15e8ad3cbd1c77b20"><code>1eadac5</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/b2d7c26edb17864f117d8b0ee73c1843bcc6090f"><code>b2d7c26</code></a> ssh: add (*Client).DialContext method</li> <li>Additional commits viewable in <a href="https://github.com/golang/crypto/compare/v0.14.0...v0.17.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.14.0&new-version=0.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fleetdm/fleet/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lucas Manuel Rodriguez <lucas@fleetdm.com>
2023-12-22 18:19:32 +00:00
golang.org/x/term v0.15.0 // indirect
golang.org/x/time v0.3.0 // indirect
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
2023-11-02 02:11:35 +00:00
google.golang.org/api v0.128.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
2023-11-02 02:11:35 +00:00
google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20231012201019-e917dd12ba7a // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231012201019-e917dd12ba7a // indirect
google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
gopkg.in/mail.v2 v2.3.1 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
gotest.tools/v3 v3.0.3 // indirect
)
replace github.com/micromdm/nanodep => github.com/fleetdm/nanodep v0.1.1-0.20221221202251-71b67ab1da24
Add Apple MDM functionality (#7940) * WIP * Adding DEP functionality to Fleet * Better organize additional MDM code * Add cmdr.py and amend API paths * Fix lint * Add demo file * Fix demo.md * go mod tidy * Add munki setup to Fleet * Add diagram to demo.md * Add fixes * Update TODOs and demo.md * Fix cmdr.py and add TODO * Add endpoints to demo.md * Add more Munki PoC/demo stuff * WIP * Remove proposals from PoC * Replace prepare commands with fleetctl commands * Update demo.md with current state * Remove config field * Amend demo * Remove Munki setup from MVP-Dogfood * Update demo.md * Add apple mdm commands (#7769) * fleetctl enqueue mdm command * fix deps * Fix build Co-authored-by: Lucas Rodriguez <lucas@fleetdm.com> * Add command to upload installers * go mod tidy * fix subcommands help There is a bug in urfave/cli where help text is not generated properly when subcommands are nested too deep. * Add support for installing apps * Add a way to list enrolled devices * Add dep listing * Rearrange endpoints * Move DEP routine to schedule * Define paths globally * Add a way to list enrollments and installers * Parse device-ids as comma-separated string * Remove unused types * Add simple commands and nest under enqueue-command * Fix simple commands * Add help to enqueue-command * merge apple_mdm database * Fix commands * update nanomdm * Split nanomdm and nanodep schemas * Set 512 MB in memory for upload * Remove empty file * Amend profile * Add sample commands * Add delete installers and fix bug in DEP profile assigning * Add dogfood.md deployment guide * Update schema.sql * Dump schema with MySQL 5 * Set default value for authenticate_at * add tokens to enrollment profiles When a device downloads an MDM enrollment profile, verify the token passed as a query parameter. This ensures untrusted devices don't enroll with our MDM server. - Rename enrollments to enrollment profiles. Enrollments is used by nano to refer to devices that are enrolled with MDM - Rename endpoint /api/<version>/fleet/mdm/apple/enrollments to ../enrollmentprofiles - Generate a token for authentication when creating an enrollment profile - Return unauthorized if token is invalid when downloading an enrollment profile from /api/mdm/apple/enroll?token= * remove mdm apple server url * update docs * make dump-test-schema * Update nanomdm with missing prefix table * Add docs and simplify changes * Add changes file * Add method docs * Fix compile and revert prepare.go changes * Revert migration status check change * Amend comments * Add more docs * Clarify storage of installers * Remove TODO * Remove unused * update dogfood.md * remove cmdr.py * Add authorization tests * Add TODO comment * use kitlog for nano logging * Add yaml tags * Remove unused flag * Remove changes file * Only run DEP routine if MDM is enabled * Add docs to all new exported types * Add docs * more nano logging changes * Fix unintentional removal * more nano logging changes * Fix compile test * Use string for configs and fix config test * Add docs and amend changes * revert changes to basicAuthHandler * remove exported BasicAuthHandler * rename rego authz type * Add more information to dep list * add db tag * update deps * Fix schema * Remove unimplemented Co-authored-by: Michal Nicpon <39177923+michalnicp@users.noreply.github.com> Co-authored-by: Michal Nicpon <michal@fleetdm.com>
2022-10-05 22:53:54 +00:00
replace github.com/micromdm/scep/v2 => github.com/fleetdm/scep/v2 v2.1.1-0.20240111143358-4df608a81afd