Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[RHOAIENG-10904] Updated istio versions based on go version 1.21 #396

Merged
merged 1 commit into from
Aug 16, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 21 additions & 13 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,10 @@ require (
gomodules.xyz/jsonpatch/v2 v2.4.0
google.golang.org/api v0.151.0
google.golang.org/protobuf v1.33.0
istio.io/api v1.19.4
istio.io/api v1.21.5
istio.io/client-go v1.19.4
k8s.io/api v0.28.4
k8s.io/apimachinery v0.28.4
k8s.io/api v0.29.0
k8s.io/apimachinery v0.29.0
Comment on lines +31 to +32
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are also bumped. Was there a reason?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe these were the same case -- automatically upgrading after running go mod tidy; after upgrading the istio libs

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left a comment in the upstream PR.

k8s.io/client-go v0.28.4
k8s.io/code-generator v0.28.4
k8s.io/klog v1.0.0
Expand All @@ -42,7 +42,7 @@ require (
)

require (
cloud.google.com/go v0.110.10 // indirect
cloud.google.com/go v0.111.0 // indirect
cloud.google.com/go/compute v1.23.3 // indirect
cloud.google.com/go/compute/metadata v0.2.3 // indirect
cloud.google.com/go/iam v1.1.5 // indirect
Expand All @@ -58,7 +58,8 @@ require (
github.com/evanphx/json-patch/v5 v5.7.0 // indirect
github.com/go-kit/log v0.2.1 // indirect
github.com/go-logfmt/logfmt v0.6.0 // indirect
github.com/go-logr/zapr v1.3.0 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-logr/zapr v1.2.4 // indirect
github.com/go-openapi/jsonpointer v0.20.0 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.4 // indirect
Expand Down Expand Up @@ -98,6 +99,9 @@ require (
github.com/tidwall/match v1.1.1 // indirect
github.com/tidwall/pretty v1.2.1 // indirect
go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/otel v1.19.0 // indirect
go.opentelemetry.io/otel/metric v1.19.0 // indirect
go.opentelemetry.io/otel/trace v1.19.0 // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/crypto v0.21.0 // indirect
Expand All @@ -113,10 +117,10 @@ require (
golang.org/x/tools v0.15.0 // indirect
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
google.golang.org/appengine v1.6.8 // indirect
google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
google.golang.org/grpc v1.59.0 // indirect
google.golang.org/genproto v0.0.0-20240116215550-a9fa1716bcac // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240116215550-a9fa1716bcac // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240116215550-a9fa1716bcac // indirect
google.golang.org/grpc v1.60.1 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
Expand All @@ -129,7 +133,11 @@ require (
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
)

// Fixes CVE-2022-21698 and CVE-2023-45142
// this dependency comes from k8s.io/[email protected] and k8s.io/[email protected]
// before removing it make sure that the next version of the related k8s dependencies contains the fix
replace go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp => go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0
replace (
// Fixes CVE-2022-21698 and CVE-2023-45142
// this dependency comes from k8s.io/[email protected] and k8s.io/[email protected]
// before removing it make sure that the next version of the related k8s dependencies contains the fix
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp => go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.44.0
k8s.io/api => k8s.io/api v0.28.4
k8s.io/apimachinery => k8s.io/apimachinery v0.28.4
)
Loading
Loading