From 690ebbb604231ca25bf133ac3cf381ff9629ee1f Mon Sep 17 00:00:00 2001 From: Samuel Dufel Date: Wed, 24 Jul 2024 08:33:34 -0700 Subject: [PATCH] Update go dependency to 1.22; update yaml dep to avoid CVE With the CVEs present in go < 1.22.1, it makes sense to update now --- .github/workflows/go.yml | 14 +++++++------- go.mod | 4 ++-- go.sum | 3 ++- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index f23c3f6..a6b93b9 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -10,7 +10,7 @@ jobs: deps: strategy: matrix: - version: ['1.18.0', '1.18.1'] + version: ['1.22.0'] runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 @@ -27,7 +27,7 @@ jobs: needs: ["deps"] strategy: matrix: - version: ['1.18.0', '1.18.1'] + version: ['1.22.0'] runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 @@ -37,7 +37,7 @@ jobs: go-version: ${{ matrix.version }} - name: Main branch coverage uses: actions/cache@v3 - if: matrix.version == '1.18.1' + if: matrix.version == '1.22.0' with: path: | main.lcov @@ -48,14 +48,14 @@ jobs: run: go test -v -coverprofile coverage.out -race ./... - name: Bench run: go test -v -run ^$ -bench . ./... - - uses: jandelgado/gcov2lcov-action@v1.0.5 - if: matrix.version == '1.18.1' + - uses: jandelgado/gcov2lcov-action@v1.0.9 + if: matrix.version == '1.22.0' - name: Store main branch lcov - if: github.ref == 'refs/heads/main' && matrix.version == '1.18.1' + if: github.ref == 'refs/heads/main' && matrix.version == '1.22.0' run: cp coverage.lcov main.lcov - name: Code Coverage Report uses: osmind-development-org/lcov-reporter-action@v0.3.2 - if: matrix.version == '1.18.1' && github.event_name == 'pull_request' + if: matrix.version == '1.22.0' && github.event_name == 'pull_request' with: lcov-file: ./coverage.lcov lcov-base: ./main.lcov diff --git a/go.mod b/go.mod index 85e57a3..c2df720 100644 --- a/go.mod +++ b/go.mod @@ -1,11 +1,11 @@ module github.com/Shopify/kitt -go 1.18 +go 1.22 require github.com/stretchr/testify v1.7.1 require ( github.com/davecgh/go-spew v1.1.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 2dca7c9..9f84006 100644 --- a/go.sum +++ b/go.sum @@ -7,5 +7,6 @@ github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMT github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=