go
/
vulndb
зеркало из https://github.com/golang/vulndb.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
vulndb/go.sum

787 строки
76 KiB
Plaintext
Исходник Обычный вид История

go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc=
cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0=
cloud.google.com/go v0.50.0/go.mod h1:r9sluTvynVuxRIOHXQEHMFffphuXHOMZMycpNR5e6To=
cloud.google.com/go v0.52.0/go.mod h1:pXajvRH/6o3+F9jDHZWQ5PbGhn+o8w9qiu/CffaVdO4=
cloud.google.com/go v0.53.0/go.mod h1:fp/UouUEsRkN6ryDKNW/Upv/JBKnv6WDthjR6+vze6M=
cloud.google.com/go v0.54.0/go.mod h1:1rq2OEkV3YMf6n/9ZvGWI3GWw0VoqH/1x2nd8Is/bPc=
cloud.google.com/go v0.56.0/go.mod h1:jr7tqZxxKOVYizybht9+26Z/gUq7tiRzu+ACVAMbKVk=
cloud.google.com/go v0.57.0/go.mod h1:oXiQ6Rzq3RAkkY7N6t3TcE6jE+CIBBbA36lwQ1JyzZs=
cloud.google.com/go v0.62.0/go.mod h1:jmCYTdRCQuc1PHIIJ/maLInMho30T/Y0M4hTdTShOYc=
cloud.google.com/go v0.65.0/go.mod h1:O5N8zS7uWy9vkA9vayVHs65eM1ubvY4h553ofrNHObY=
cloud.google.com/go v0.72.0/go.mod h1:M+5Vjvlc2wnp6tjzE102Dw08nGShTscUx2nZMufOKPI=
cloud.google.com/go v0.74.0/go.mod h1:VV1xSbzvo+9QJOxLDaJfTjx5e+MePCpCWwvftOeQmWk=
cloud.google.com/go v0.78.0/go.mod h1:QjdrLG0uq+YwhjoVOLsS1t7TW8fs36kLs4XO5R5ECHg=
cloud.google.com/go v0.79.0/go.mod h1:3bzgcEeQlzbuEAYu4mrWhKqWjmpprinYgKJLgKHnbb8=
cloud.google.com/go v0.81.0/go.mod h1:mk/AM35KwGk/Nm2YSeZbxXdrNK3KZOYHmLkOqC2V6E0=
cloud.google.com/go v0.83.0/go.mod h1:Z7MJUsANfY0pYPdw0lbnivPx4/vhy/e2FEkSkF7vAVY=
cloud.google.com/go v0.84.0/go.mod h1:RazrYuxIK6Kb7YrzzhPoLmCVzl7Sup4NrbKPg8KHSUM=
cloud.google.com/go v0.87.0/go.mod h1:TpDYlFy7vuLzZMMZ+B6iRiELaY7z/gJPaqbMx6mlWcY=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
cloud.google.com/go v0.88.0/go.mod h1:dnKwfYbP9hQhefiUvpbcAyoGSHUrOxR20JVElLiUvEY=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
cloud.google.com/go v0.90.0/go.mod h1:kRX0mNRHe0e2rC6oNakvwQqzyDmg57xJ+SZU1eT2aDQ=
cloud.google.com/go v0.92.2/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI=
cloud.google.com/go v0.93.3/go.mod h1:8utlLll2EF5XMAV15woO4lSbWQlk8rer9aLOfLh7+YI=
cloud.google.com/go v0.94.1/go.mod h1:qAlAugsXlC+JWO+Bke5vCtc9ONxjQT3drlTTnAplMW4=
cloud.google.com/go v0.97.0/go.mod h1:GF7l59pYBVlXQIBLx3a761cZ41F9bBH3JUlihCt2Udc=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
cloud.google.com/go v0.99.0/go.mod h1:w0Xx2nLzqWJPuozYQX+hFfCSI8WioryfRDzkoI/Y2ZA=
cloud.google.com/go v0.100.2 h1:t9Iw5QH5v4XtlEQaCtUY7x6sCABps8sW0acw7e2WQ6Y=
cloud.google.com/go v0.100.2/go.mod h1:4Xra9TjzAeYHrl5+oeLlzbM2k3mjVhZh4UqTZ//w99A=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o=
cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE=
cloud.google.com/go/bigquery v1.4.0/go.mod h1:S8dzgnTigyfTmLBfrtrhyYhwRxG72rYxvftPBK2Dvzc=
cloud.google.com/go/bigquery v1.5.0/go.mod h1:snEHRnqQbz117VIFhE8bmtwIDY80NLUZUMb4Nv6dBIg=
cloud.google.com/go/bigquery v1.7.0/go.mod h1://okPTzCYNXSlb24MZs83e2Do+h+VXtc4gLoIoXIAPc=
cloud.google.com/go/bigquery v1.8.0/go.mod h1:J5hqkt3O0uAFnINi6JXValWIb1v0goeZM77hZzJN/fQ=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
cloud.google.com/go/compute v0.1.0/go.mod h1:GAesmwr110a34z04OlxYkATPBEfVhkymfTBXtfbBFow=
cloud.google.com/go/compute v1.2.0/go.mod h1:xlogom/6gr8RJGBe7nT2eGsQYAFUbbv8dbC29qE3Xmw=
{cmd,internal}/worker: scan modules Complete support for scanning modules. - Add scan-modules command to cmd/worker. - Remember modules we scanned in the Store. - Track the last-modified vuln DB time to avoid unnecessary re-scanning. Change-Id: Id2b6d3b2d91c6617d31f4fe6997babba2db220bd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/393695 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-03-17 22:22:37 +03:00
cloud.google.com/go/compute v1.3.0 h1:mPL/MzDDYHsh5tHRS9mhmhWlcgClCrCa6ApQCU6wnHI=
cloud.google.com/go/compute v1.3.0/go.mod h1:cCZiE1NHEtai4wiufUhW8I8S1JKkAnhnQJWM7YD99wM=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE=
cloud.google.com/go/datastore v1.1.0/go.mod h1:umbIZjpQpHh4hmRpGhH4tLFup+FVzqBi1b3c64qFpCk=
cloud.google.com/go/errorreporting v0.1.0 h1:z40EhrjRspplwbpO+9DSnC4kgDokBi94T/gYwtdKL5Q=
cloud.google.com/go/errorreporting v0.1.0/go.mod h1:cZSiBMvrnl0X13pD9DwKf9sQ8Eqy3EzHqkyKBZxiIrM=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
cloud.google.com/go/firestore v1.6.1 h1:8rBq3zRjnHx8UtBvaOWqBB1xq9jH6/wltfQLlTMh2Fw=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
cloud.google.com/go/firestore v1.6.1/go.mod h1:asNXNOzBdyVQmEU+ggO8UPodTkEVFW5Qx+rwHnAz+EY=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
cloud.google.com/go/monitoring v1.2.0 h1:fEvQITrhVcPM6vuDQcgPMbU5kZFeQFwZmE7v6+S8BPo=
cloud.google.com/go/monitoring v1.2.0/go.mod h1:tE8I08OzjWmXLhCopnPaUDpfGOEJOonfWXGR9E9SsFo=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I=
cloud.google.com/go/pubsub v1.1.0/go.mod h1:EwwdRX2sKPjnvnqCa270oGRyludottCI76h+R3AArQw=
cloud.google.com/go/pubsub v1.2.0/go.mod h1:jhfEVHT8odbXTkndysNHCcx0awwzvfOlguIAii9o8iA=
cloud.google.com/go/pubsub v1.3.1/go.mod h1:i+ucay31+CNRpDW4Lu78I4xXG+O1r/MAHgjpRVR+TSU=
cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw=
cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0ZeosJ0Rtdos=
cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
cloud.google.com/go/trace v1.0.0 h1:laKx2y7IWMjguCe5zZx6n7qLtREk4kyE69SXVC0VSN8=
cloud.google.com/go/trace v1.0.0/go.mod h1:4iErSByzxkyHWzzlAj63/Gmjz0NH1ASqhJguHpGcr6A=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
checks.bash: replace all.bash all.bash is replaced with the checks.bash setup from x/vuln, so that tests run on TryBots. Change-Id: I49f2265343e9e962b8587eb9a733a52651466737 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373156 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-18 02:11:51 +03:00
github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
github.com/GoogleCloudPlatform/opentelemetry-operations-go v1.0.0 h1:P0hYueIjEq6369G9yWrWwkPXBoZjkfDGgyKIvD3pAow=
github.com/GoogleCloudPlatform/opentelemetry-operations-go v1.0.0/go.mod h1:geb44fAt9lV9fz0j6acdmxMOj+sVDFDXAGpzVtvPUh4=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.26.0 h1:W5wZekY1XeYeGTEakhI1pAZBIIlk71aFYWV/penzLJw=
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric v0.26.0/go.mod h1:KKljpKOZZUG9ljcNQJgKV88u8CXbXibh6OqM9rMVlIA=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/trace v1.0.0 h1:38fNtfhHY6bs22b/D6+hDzO6JR0rDzpGPD36dY2uPL4=
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/trace v1.0.0/go.mod h1:jE23wM1jvwSKgdGcoOkj5j9n1VWtncW36pL2bK1JU+0=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/Microsoft/go-winio v0.4.16 h1:FtSW/jqD+l4ba5iPBj9CODVtgfYAD8w2wS923g/cFDk=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 h1:YoJbenK9C67SkzkDfmQuVln04ygHj3vjZfd9FL+GmQQ=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A=
github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
checks.bash: replace all.bash all.bash is replaced with the checks.bash setup from x/vuln, so that tests run on TryBots. Change-Id: I49f2265343e9e962b8587eb9a733a52651466737 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373156 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-18 02:11:51 +03:00
github.com/client9/misspell v0.3.4 h1:ta993UF76GwbvJcIo3Y68y/M3WxlpEHPWIGDkJYwzJI=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/cncf/udpa/go v0.0.0-20200629203442-efcf912fb354/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/emirpasic/gods v1.12.0 h1:QAUIPSaCu4G+POclxeqb3F+WPpdKqFGlw36+yOzGlrg=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/go-control-plane v0.9.7/go.mod h1:cwu0lG7PUMfa9snN8LXBig5ynNVH9qI8YYLbd1fK2po=
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
github.com/felixge/httpsnoop v1.0.2 h1:+nS9g82KMXccJ/wp0zyRW9ZBHFETmMGtkk+2CTTrW4o=
github.com/felixge/httpsnoop v1.0.2/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E=
github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/go-git/go-git-fixtures/v4 v4.2.1 h1:n9gGL1Ct/yIw+nfsfr8s4+sbhT+Ncu2SubfXjIWgci8=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/go-git/go-git/v5 v5.4.2 h1:BXyZu9t0VkbiHtqrsvdq39UDhGJTl1h55VW6CSC4aY4=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/go-git/go-git/v5 v5.4.2/go.mod h1:gQ1kArt6d+n+BGd+/B/I74HwRTLhth2+zti4ihgckDc=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/logr v1.2.1/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
github.com/go-logr/logr v1.2.2 h1:ahHml/yUpnlb96Rp8HCvtYVPY8ZYpxq3g7UYchIYwbs=
go.mod: update to latest golang.org/x/exp Change-Id: I7c70b154ca48ff87ee122ceb07d318651ac62bb3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380439 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-25 20:35:32 +03:00
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jTKKwI=
go.mod: update golang.org/x/exp Update the exp repo to the latest version. This will give us the new event metrics code, which we will then use for worker metrics. Also, add the -compat=1.17 flag to go mod tidy; otherwise it complains about maintaining 1.16 compatibility, which we don't care about. Change-Id: I5abb1aecb8b9d6b424223ea00680ea98bd29e4da Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386696 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-02-18 19:33:30 +03:00
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8=
github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk=
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM=
github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw=
github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
go.mod: update golang.org/x/exp Update the exp repo to the latest version. This will give us the new event metrics code, which we will then use for worker metrics. Also, add the -compat=1.17 flag to go mod tidy; otherwise it complains about maintaining 1.16 compatibility, which we don't care about. Change-Id: I5abb1aecb8b9d6b424223ea00680ea98bd29e4da Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386696 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-02-18 19:33:30 +03:00
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
cmd/vulnreport: check for presence of symbols in fix The "vulnreport fix" command now verifies that all symbols are present in the vulnerable package. The "vulnreport fix" command now only adds symbols to the derived_symbols field if they aren't already present in the symbols field. Change-Id: I1a1f1e44e92e66a4c3b141dbff9b8e8fea265870 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/412536 Run-TryBot: Damien Neil <dneil@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julieqiu@google.com>
2022-06-16 01:48:07 +03:00
github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
all: upgrade to github.com/google/go-github/v41 The v1 version hasn't been updated since 2018. Upgrade to the latest version which is v41. Change-Id: I1e9ae4a525aba4350e2cb674167d55ba9746e022 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/376374 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2022-01-07 19:17:54 +03:00
github.com/google/go-github/v41 v41.0.0 h1:HseJrM2JFf2vfiZJ8anY2hqBjdfY1Vlj/K27ueww4gg=
github.com/google/go-github/v41 v41.0.0/go.mod h1:XgmCA5H323A9rtgExdTcnDkcqp6S30AVACCBDOonIxg=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
github.com/google/martian/v3 v3.2.1/go.mod h1:oBOf6HBosgwRXnUGWUB05QECsc6uvmMiJ3+6W4l/CUk=
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
github.com/google/pprof v0.0.0-20201023163331-3e6fc7fc9c4c/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20201203190320-1bf35d6f28c2/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
github.com/google/pprof v0.0.0-20210715191844-86eeefc3e471/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/google/safehtml v0.0.2 h1:ZOt2VXg4x24bW0m2jtzAOkhoXV0iM8vNKc0paByCZqM=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/google/safehtml v0.0.2/go.mod h1:L4KWwDsUJdECRAEpZoBn3O64bQaywRscowZjJAzjHnU=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
github.com/googleapis/gax-go/v2 v2.1.0/go.mod h1:Q3nei7sK6ybPYH7twZdmQpAd1MKb7pfu6SK+H1/DsU0=
github.com/googleapis/gax-go/v2 v2.1.1 h1:dp3bWCh+PPO1zjRRiCSczJav13sBvG4UhNyVTa1KqdU=
github.com/googleapis/gax-go/v2 v2.1.1/go.mod h1:hddJymUZASv3XPyGkUpKj8pPO47Rmb0eJc8R6ouapiM=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
github.com/googleinterns/cloud-operations-api-mock v0.0.0-20200709193332-a1e58c29bdd3 h1:eHv/jVY/JNop1xg2J9cBb4EzyMpWZoNCP1BslSAIkOI=
github.com/googleinterns/cloud-operations-api-mock v0.0.0-20200709193332-a1e58c29bdd3/go.mod h1:h/KNeRx7oYU4SpA4SoY7W2/NxDKEEVuwA6j9A27L4OI=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/jba/templatecheck v0.6.0 h1:SwM8C4hlK/YNLsdcXStfnHWE2HKkuTVwy5FKQHt5ro8=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/jba/templatecheck v0.6.0/go.mod h1:/1k7EajoSErFI9GLHAsiIJEaNLt3ALKNw2TV7z2SYv4=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
checks.bash: replace all.bash all.bash is replaced with the checks.bash setup from x/vuln, so that tests run on TryBots. Change-Id: I49f2265343e9e962b8587eb9a733a52651466737 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373156 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-18 02:11:51 +03:00
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e h1:aoZm08cpOy4WuID//EZDgcC4zIxODThtZNPirFr42+A=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
internal/observe: package for tracing and metrics Factor out the tracing and metrics code from the server and put it in its own package. This is a first step towards sharing it with other projects. Change-Id: I36a04933accc11300f360a410c00a10c8a132dda Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/435470 Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Tatiana Bradley <tatiana@golang.org> Reviewed-by: Julie Qiu <julieqiu@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-09-30 03:59:12 +03:00
github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/sergi/go-diff v1.1.0 h1:we8PVUC3FE2uYfodKH/nBHMSetSfHDR6scGdBi+erh0=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
internal/ghsa: a package for getting GitHub security advisories Change-Id: Ie8448aa59d09534fc3cde570590b5f9a609ae93e Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/383894 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Damien Neil <dneil@google.com> Trust: Damien Neil <dneil@google.com>
2022-02-08 01:51:23 +03:00
github.com/shurcooL/githubv4 v0.0.0-20220115235240-a14260e6f8a2 h1:82EIpiGB79OIPgSGa63Oj4Ipf+YAX1c6A9qjmEYoRXc=
github.com/shurcooL/githubv4 v0.0.0-20220115235240-a14260e6f8a2/go.mod h1:hAF0iLZy4td2EX+/8Tw+4nodhlMrwN3HupfaXj3zkGo=
github.com/shurcooL/graphql v0.0.0-20200928012149-18c5c3165e3a h1:KikTa6HtAK8cS1qjvUvvq4QO21QnwC+EfvB+OAuZ/ZU=
github.com/shurcooL/graphql v0.0.0-20200928012149-18c5c3165e3a/go.mod h1:AuYgA5Kyo4c7HfUmvRGs/6rGlMMV/6B1bVnB9JxJEEg=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8=
go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
go.opencensus.io v0.23.0 h1:gqCw0LfLxScz8irSi8exQc7fyQ0fKQU/qnC/X8+V/1M=
go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.24.0 h1:qW6j1kJU24yo2xIu16Py4m4AXn1dd+s2uKllGnTFAm0=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.24.0/go.mod h1:7W3JSDYTtH3qKKHrS1fMiwLtK7iZFLPq1+7htfspX/E=
go.opentelemetry.io/otel v1.0.0-RC3/go.mod h1:Ka5j3ua8tZs4Rkq4Ex3hwgBgOchyPVq5S6P2lz//nKQ=
go.opentelemetry.io/otel v1.0.0/go.mod h1:AjRVh9A5/5DE7S+mZtTR6t8vpKKryam+0lREnfmS4cg=
go.opentelemetry.io/otel v1.0.1/go.mod h1:OPEOD4jIT2SlZPMmwT6FqZz2C0ZNdQqiWcoK6M0SNFU=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
go.opentelemetry.io/otel v1.3.0/go.mod h1:PWIKzi6JCp7sM0k9yZ43VX+T345uNbAkDKwHVjb2PTs=
go.mod: update golang.org/x/exp Update the exp repo to the latest version. This will give us the new event metrics code, which we will then use for worker metrics. Also, add the -compat=1.17 flag to go mod tidy; otherwise it complains about maintaining 1.16 compatibility, which we don't care about. Change-Id: I5abb1aecb8b9d6b424223ea00680ea98bd29e4da Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386696 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-02-18 19:33:30 +03:00
go.opentelemetry.io/otel v1.4.0 h1:7ESuKPq6zpjRaY5nvVDGiuwK7VAJ8MwkKnmNJ9whNZ4=
go.opentelemetry.io/otel v1.4.0/go.mod h1:jeAqMFKy2uLIxCtKxoFj0FAL5zAPKQagc3+GtBWakzk=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
go.opentelemetry.io/otel/internal/metric v0.23.0/go.mod h1:z+RPiDJe30YnCrOhFGivwBS+DU1JU/PiLKkk4re2DNY=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
go.opentelemetry.io/otel/internal/metric v0.26.0/go.mod h1:CbBP6AxKynRs3QCbhklyLUtpfzbqCLiafV9oY2Zj1Jk=
go.mod: update golang.org/x/exp Update the exp repo to the latest version. This will give us the new event metrics code, which we will then use for worker metrics. Also, add the -compat=1.17 flag to go mod tidy; otherwise it complains about maintaining 1.16 compatibility, which we don't care about. Change-Id: I5abb1aecb8b9d6b424223ea00680ea98bd29e4da Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386696 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-02-18 19:33:30 +03:00
go.opentelemetry.io/otel/internal/metric v0.27.0 h1:9dAVGAfFiiEq5NVB9FUJ5et+btbDQAUIJehJ+ikyryk=
go.opentelemetry.io/otel/internal/metric v0.27.0/go.mod h1:n1CVxRqKqYZtqyTh9U/onvKapPGv7y/rpyOTI+LFNzw=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
go.opentelemetry.io/otel/metric v0.23.0/go.mod h1:G/Nn9InyNnIv7J6YVkQfpc0JCfKBNJaERBGw08nqmVQ=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
go.opentelemetry.io/otel/metric v0.26.0/go.mod h1:c6YL0fhRo4YVoNs6GoByzUgBp36hBL523rECoZA5UWg=
go.mod: update golang.org/x/exp Update the exp repo to the latest version. This will give us the new event metrics code, which we will then use for worker metrics. Also, add the -compat=1.17 flag to go mod tidy; otherwise it complains about maintaining 1.16 compatibility, which we don't care about. Change-Id: I5abb1aecb8b9d6b424223ea00680ea98bd29e4da Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386696 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-02-18 19:33:30 +03:00
go.opentelemetry.io/otel/metric v0.27.0 h1:HhJPsGhJoKRSegPQILFbODU56NS/L1UE4fS1sC5kIwQ=
go.opentelemetry.io/otel/metric v0.27.0/go.mod h1:raXDJ7uP2/Jc0nVZWQjJtzoyssOYWu/+pjZqRzfvZ7g=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
go.opentelemetry.io/otel/sdk v1.0.1/go.mod h1:HrdXne+BiwsOHYYkBE5ysIcv2bvdZstxzmCQhxTcZkI=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
go.opentelemetry.io/otel/sdk v1.3.0/go.mod h1:rIo4suHNhQwBIPg9axF8V9CA72Wz2mKF1teNrup8yzs=
go.mod: update golang.org/x/exp Update the exp repo to the latest version. This will give us the new event metrics code, which we will then use for worker metrics. Also, add the -compat=1.17 flag to go mod tidy; otherwise it complains about maintaining 1.16 compatibility, which we don't care about. Change-Id: I5abb1aecb8b9d6b424223ea00680ea98bd29e4da Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386696 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-02-18 19:33:30 +03:00
go.opentelemetry.io/otel/sdk v1.4.0 h1:LJE4SW3jd4lQTESnlpQZcBhQ3oci0U2MLR5uhicfTHQ=
go.opentelemetry.io/otel/sdk v1.4.0/go.mod h1:71GJPNJh4Qju6zJuYl1CrYtXbrgfau/M9UAggqiy1UE=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
go.opentelemetry.io/otel/sdk/export/metric v0.26.0 h1:eNseg5yyZqaAAY+Att3owR3Bl0Is5rCZywqO1OrGx18=
go.opentelemetry.io/otel/sdk/export/metric v0.26.0/go.mod h1:UpqzSnUOjFeSIVQLPp3pYIXfB/MiMFyXXzYT/bercxQ=
go.opentelemetry.io/otel/sdk/metric v0.26.0 h1:7IKp3gc/ObieCtshBeYYVFp3ZP7xIH1OzODi1Wao90Y=
go.opentelemetry.io/otel/sdk/metric v0.26.0/go.mod h1:2VIeK0kS1YvRLFg3J58ptZTXYpiWlkq2n5RQt6w7He8=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
go.opentelemetry.io/otel/trace v1.0.0-RC3/go.mod h1:VUt2TUYd8S2/ZRX09ZDFZQwn2RqfMB5MzO17jBojGxo=
go.opentelemetry.io/otel/trace v1.0.0/go.mod h1:PXTWqayeFUlJV1YDNhsJYB184+IvAH814St6o6ajzIs=
go.opentelemetry.io/otel/trace v1.0.1/go.mod h1:5g4i4fKLaX2BQpSBsxw8YYcgKpMMSW3x7ZTuYBr3sUk=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
go.opentelemetry.io/otel/trace v1.3.0/go.mod h1:c/VDhno8888bvQYmbYLqe41/Ldmr/KKunbvWM4/fEjk=
go.mod: update golang.org/x/exp Update the exp repo to the latest version. This will give us the new event metrics code, which we will then use for worker metrics. Also, add the -compat=1.17 flag to go mod tidy; otherwise it complains about maintaining 1.16 compatibility, which we don't care about. Change-Id: I5abb1aecb8b9d6b424223ea00680ea98bd29e4da Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386696 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-02-18 19:33:30 +03:00
go.opentelemetry.io/otel/trace v1.4.0 h1:4OOUrPZdVFQkbzl/JSdvGCWIdw5ONXXxzHlaLlWppmo=
go.opentelemetry.io/otel/trace v1.4.0/go.mod h1:uc3eRsqDfWs9R7b92xbQbU42/eTNz4N+gLP8qJCi4aE=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
all: upgrade to github.com/google/go-github/v41 The v1 version hasn't been updated since 2018. Upgrade to the latest version which is v41. Change-Id: I1e9ae4a525aba4350e2cb674167d55ba9746e022 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/376374 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2022-01-07 19:17:54 +03:00
golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
all: update version of x/vuln used in x/vulndb Change-Id: Id6d01d71a6c1cc412ee073986ae80def1122bd20 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/452439 Reviewed-by: Tatiana Bradley <tatiana@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Run-TryBot: Maceo Thompson <maceothompson@google.com>
2022-11-21 21:44:46 +03:00
golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU=
golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek=
golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
golang.org/x/exp v0.0.0-20191129062945-2f5052295587/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4=
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
all: update for OSV schema changes The OSV affected.package.name field is now the module path, not the package import path. The affected.package.ecosystem_speficic.imports field now contains a list of Go packages and symbols within those packages. Restructure the report YAML to match the OSV structure: A report contains a list of modules, a module contains a list of packages, a package contains a list of symbols. Move GOOS/GOARCH to the package, rather than being report-global. This change updates the canonical YAML format and changes the OSV generation to the new form, but does not reformat data/reports. The report loader rewrites the old report YAML into the new style. Followup CLs will convert the reports and remove the rewriter. Change-Id: I71af994846721fdd43a8ee5c41574387ff781332 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/424895 Reviewed-by: Julie Qiu <julieqiu@google.com> Run-TryBot: Damien Neil <dneil@google.com>
2022-08-19 00:24:36 +03:00
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA=
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA=
go.mod,go.sum: upgrade golang.org/x/vuln This should fix the problem we're having with trybots. Change-Id: Ia0c4206122f2699878d2077b1969daf34d111336 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/388855 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-03-02 00:09:56 +03:00
golang.org/x/exp/event v0.0.0-20220218215828-6cf2b201936e h1:K2AuHMC+jaRTzAcivRwKOzjTZ1925Yx4xHMg07YoBQc=
golang.org/x/exp/event v0.0.0-20220218215828-6cf2b201936e/go.mod h1:AVlZHjhWbW/3yOcmKMtJiObwBPJajBlUpQXRijFNrNc=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20190409202823-959b441ac422/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20190909230951-414d861bb4ac/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
all: update to the latest version of tools This resolves some ssa/generics issues in computation of exported symbols. These issues were discovered when creating a report for GO-2023-1737.yaml. Change-Id: Id75aa0be44844829374c034cc8c8ec1f0beb65e8 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/494316 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-05-11 01:42:42 +03:00
golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
golang.org/x/net v0.0.0-20200602114024-627f9648deb9/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201031054903-ff519b6c9102/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20210503060351-7fd8e65b6420/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
golang.org/x/net v0.0.0-20210716203947-853a461950ff/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk=
all: update to the latest version of tools This resolves some ssa/generics issues in computation of exported symbols. These issues were discovered when creating a report for GO-2023-1737.yaml. Change-Id: Id75aa0be44844829374c034cc8c8ec1f0beb65e8 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/494316 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-05-11 01:42:42 +03:00
golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210313182246-cd4f82c27b84/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210805134026-6f1e6394065a/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
golang.org/x/oauth2 v0.0.0-20211005180243-6b3c2da341f1/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8 h1:RerP+noqYHUQ8CMRcPlC2nvTa4dcBIjegkuWdcUDuqg=
golang.org/x/oauth2 v0.0.0-20211104180415-d3ed0bb246c8/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
all: update to the latest version of tools This resolves some ssa/generics issues in computation of exported symbols. These issues were discovered when creating a report for GO-2023-1737.yaml. Change-Id: Id75aa0be44844829374c034cc8c8ec1f0beb65e8 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/494316 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-05-11 01:42:42 +03:00
golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200113162924-86b910548bc1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200212091648-12a6c2dcc1e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200331124033-c3d80250170d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210104204734-6f8348627aad/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210305230114-8fe3ee5dd75b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
go.mod: update to latest golang.org/x/exp Change-Id: I7c70b154ca48ff87ee122ceb07d318651ac62bb3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380439 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-25 20:35:32 +03:00
golang.org/x/sys v0.0.0-20210423185535-09eb48e85fd7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210806184541-e5e7981a1069/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210823070655-63515b42dcdf/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210908233432-aa78b53d3365/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211210111614-af8b64212486/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
cmd/vulnreport: populate report with exported symbols The fix subcommand will re-populate the symbols fields of the report with all of the vulnerable exported symbols. Change-Id: I5b0e097b367e74c52ea123022e268b91e54aec17 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/379776 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2022-01-19 22:51:25 +03:00
golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
{cmd,internal}/worker: scan modules Complete support for scanning modules. - Add scan-modules command to cmd/worker. - Remember modules we scanned in the Store. - Track the last-modified vuln DB time to avoid unnecessary re-scanning. Change-Id: Id2b6d3b2d91c6617d31f4fe6997babba2db220bd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/393695 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-03-17 22:22:37 +03:00
golang.org/x/sys v0.0.0-20220128215802-99c3d69c2c27/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
golang.org/x/sys v0.0.0-20220204135822-1c1b9b1eba6a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220207234003-57398862261d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
{cmd,internal}/worker: scan modules Complete support for scanning modules. - Add scan-modules command to cmd/worker. - Remember modules we scanned in the Store. - Track the last-modified vuln DB time to avoid unnecessary re-scanning. Change-Id: Id2b6d3b2d91c6617d31f4fe6997babba2db220bd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/393695 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-03-17 22:22:37 +03:00
golang.org/x/sys v0.0.0-20220209214540-3681064d5158/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
all: update to the latest version of tools This resolves some ssa/generics issues in computation of exported symbols. These issues were discovered when creating a report for GO-2023-1737.yaml. Change-Id: Id75aa0be44844829374c034cc8c8ec1f0beb65e8 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/494316 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-05-11 01:42:42 +03:00
golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
all: update to the latest version of tools This resolves some ssa/generics issues in computation of exported symbols. These issues were discovered when creating a report for GO-2023-1737.yaml. Change-Id: Id75aa0be44844829374c034cc8c8ec1f0beb65e8 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/494316 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-05-11 01:42:42 +03:00
golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
all: update to the latest version of tools This resolves some ssa/generics issues in computation of exported symbols. These issues were discovered when creating a report for GO-2023-1737.yaml. Change-Id: Id75aa0be44844829374c034cc8c8ec1f0beb65e8 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/494316 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-05-11 01:42:42 +03:00
golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191130070609-6e064ea0cf2d/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191216173652-a0e659d51361/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200117161641-43d50277825c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200122220014-bf1340f18c4a/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200227222343-706bc42d1f0d/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
golang.org/x/tools v0.0.0-20200312045724-11d5b4c81c7d/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
golang.org/x/tools v0.0.0-20200331025713-a30bf2db82d4/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
golang.org/x/tools v0.0.0-20200501065659-ab2804fb9c9d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200512131952-2bc93b1c0c88/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200515010526-7d3b6ebf133d/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
golang.org/x/tools v0.0.0-20200701151220-7cb253f4c4f8/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82ur9kSqwfTHTeVxaDqrfMjpcNT6bE=
golang.org/x/tools v0.0.0-20201110124207-079ba7bd75cd/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20201201161351-ac6f37ff4c2a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20201208233053-a543418bbed2/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20210105154028-b0ab187a4818/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
all: update to the latest version of tools This resolves some ssa/generics issues in computation of exported symbols. These issues were discovered when creating a report for GO-2023-1737.yaml. Change-Id: Id75aa0be44844829374c034cc8c8ec1f0beb65e8 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/494316 Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
2023-05-11 01:42:42 +03:00
golang.org/x/tools v0.9.1 h1:8WMNJAz3zrtPmnYC7ISf5dEn3MT0gY7jBJfw27yrrLo=
golang.org/x/tools v0.9.1/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
all: initial commit
2021-03-16 22:02:37 +03:00
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI=
google.golang.org/api v0.17.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.18.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.19.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.20.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.22.0/go.mod h1:BwFmGc8tA3vsd7r/7kR8DY7iEEGSU04BFxCo5jP/sfE=
google.golang.org/api v0.24.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
google.golang.org/api v0.28.0/go.mod h1:lIXQywCXRcnZPGlsd8NbLnOjtAoL6em04bJ9+z0MncE=
google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSrHWM=
google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
google.golang.org/api v0.35.0/go.mod h1:/XrVsuzM0rZmrsbjJutiuftIzeuTQcEeaYcSk/mQ1dg=
google.golang.org/api v0.36.0/go.mod h1:+z5ficQTmoYpPn8LCUNVpK5I7hwkpjbcgqA7I34qYtE=
google.golang.org/api v0.40.0/go.mod h1:fYKFpnQN0DsDSKRVRcQSDQNtqWPfM9i+zNPxepjRCQ8=
google.golang.org/api v0.41.0/go.mod h1:RkxM5lITDfTzmyKFPt+wGrCJbVfniCr2ool8kTBzRTU=
google.golang.org/api v0.43.0/go.mod h1:nQsDGjRXMo4lvh5hP0TKqF244gqhGcr/YSIykhUk/94=
google.golang.org/api v0.47.0/go.mod h1:Wbvgpq1HddcWVtzsVLyfLp8lDg6AA241LmgIL59tHXo=
google.golang.org/api v0.48.0/go.mod h1:71Pr1vy+TAZRPkPs/xlCf5SsU8WjuAWv1Pfjbtukyy4=
google.golang.org/api v0.50.0/go.mod h1:4bNT5pAuq5ji4SRZm+5QIkjny9JAyVD/3gaSihNefaw=
google.golang.org/api v0.51.0/go.mod h1:t4HdrdoNgyN5cbEfm7Lum0lcLDLiise1F8qDKX00sOU=
google.golang.org/api v0.54.0/go.mod h1:7C4bFFOvVDGXjfDTAsgGwDgAxRDeQ4X8NvUedIt6z3k=
google.golang.org/api v0.55.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
google.golang.org/api v0.56.0/go.mod h1:38yMfeP1kfjsl8isn0tliTjIb1rJXcQi4UXlbqivdVE=
google.golang.org/api v0.57.0/go.mod h1:dVPlbZyBo2/OjBpmvNdpn2GRm6rPy75jyU7bmhdrMgI=
google.golang.org/api v0.59.0/go.mod h1:sT2boj7M9YJxZzgeZqXogmhfmRWDtPzT31xkieUbuZU=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
google.golang.org/api v0.61.0/go.mod h1:xQRti5UdCmoCEqFxcz93fTl338AVqDgyaDRuOZ3hg9I=
google.golang.org/api v0.63.0/go.mod h1:gs4ij2ffTRXwuzzgJl/56BdwJaA194ijkfn++9tDuPo=
google.golang.org/api v0.66.0/go.mod h1:I1dmXYpX7HGwz/ejRxwQp2qj5bFAz93HiCU1C1oYd9M=
{cmd,internal}/worker: scan modules Complete support for scanning modules. - Add scan-modules command to cmd/worker. - Remember modules we scanned in the Store. - Track the last-modified vuln DB time to avoid unnecessary re-scanning. Change-Id: Id2b6d3b2d91c6617d31f4fe6997babba2db220bd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/393695 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-03-17 22:22:37 +03:00
google.golang.org/api v0.67.0/go.mod h1:ShHKP8E60yPsKNw/w8w+VYaj9H6buA5UqDp8dhbQZ6g=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
google.golang.org/api v0.68.0/go.mod h1:sOM8pTpwgflXRhz+oC8H2Dr+UcbMqkPPWNJo88Q7TH8=
{cmd,internal}/worker: scan modules Complete support for scanning modules. - Add scan-modules command to cmd/worker. - Remember modules we scanned in the Store. - Track the last-modified vuln DB time to avoid unnecessary re-scanning. Change-Id: Id2b6d3b2d91c6617d31f4fe6997babba2db220bd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/393695 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-03-17 22:22:37 +03:00
google.golang.org/api v0.70.0 h1:67zQnAE0T2rB0A3CwLSas0K+SbVzSxP+zTLkQLexeiw=
google.golang.org/api v0.70.0/go.mod h1:Bs4ZM2HGifEvXwd50TtW70ovgJffJYw2oRCOFU/SkfA=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8=
google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20191216164720-4f79533eabd1/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200115191322-ca5a22157cba/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200122232147-0452cf42e150/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc=
google.golang.org/genproto v0.0.0-20200204135345-fa8e72b47b90/go.mod h1:GmwEX6Z4W5gMy59cAlVYjN9JhxgbQH6Gn+gFDQe2lzA=
google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200228133532-8c2c7df3a383/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200312145019-da6875a35672/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200331122359-1ee6d9798940/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200430143042-b979b6f78d84/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200511104702-f5ebc3bea380/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
google.golang.org/genproto v0.0.0-20200515170657-fc4c6c6a6587/go.mod h1:YsZOwe1myG/8QRHRsmBRE1LrgQY60beZKjly0O1fX9U=
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
google.golang.org/genproto v0.0.0-20200605102947-12044bf5ea91/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
google.golang.org/genproto v0.0.0-20200729003335-053ba62fc06f/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201109203340-2640f1f9cdfb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201201144952-b05cb90ed32e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201210142538-e3217bee35cc/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20201214200347-8c77b98c765d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210222152913-aa3ee6e6a81c/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210303154014-9728d6b83eeb/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210310155132-4ce2db91004e/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210319143718-93e7006c17a6/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20210402141018-6c239bbf2bb1/go.mod h1:9lPAdzaEmUacj36I+k7YKbEc5CXzPIeORRgDAUOu28A=
google.golang.org/genproto v0.0.0-20210513213006-bf773b8c8384/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
google.golang.org/genproto v0.0.0-20210608205507-b6d2f5bf0d7d/go.mod h1:UODoCrxHCcBojKKwX1terBiRUaqAsFqJiF615XL43r0=
google.golang.org/genproto v0.0.0-20210624195500-8bfb893ecb84/go.mod h1:SzzZ/N+nwJDaO1kznhnlzqS8ocJICar6hYhVyhi++24=
google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k=
google.golang.org/genproto v0.0.0-20210716133855-ce7ef5c701ea/go.mod h1:AxrInvYm1dci+enl5hChSFPOmmUF1+uAa/UsgNRWd7k=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
google.golang.org/genproto v0.0.0-20210721163202-f1cecdd8b78a/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48=
google.golang.org/genproto v0.0.0-20210722135532-667f2b7c528f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
google.golang.org/genproto v0.0.0-20210728212813-7823e685a01f/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48=
google.golang.org/genproto v0.0.0-20210805201207-89edb61ffb67/go.mod h1:ob2IJxKrgPT52GcgX759i1sleT07tiKowYBGbczaW48=
google.golang.org/genproto v0.0.0-20210813162853-db860fec028c/go.mod h1:cFeNkxwySK631ADgubI+/XFU/xp8FD5KIVV4rj8UC5w=
google.golang.org/genproto v0.0.0-20210821163610-241b8fcbd6c8/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
google.golang.org/genproto v0.0.0-20210828152312-66f60bf46e71/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
google.golang.org/genproto v0.0.0-20210831024726-fe130286e0e2/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
internal/worker: rename and document multiEventHandler Change-Id: I3fcd4206a9427b9f32c64397b34ae42bb076c08a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/380954 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-01-26 18:02:54 +03:00
google.golang.org/genproto v0.0.0-20210921142501-181ce0d877f6/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
google.golang.org/genproto v0.0.0-20210924002016-3dee208752a0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
google.golang.org/genproto v0.0.0-20211008145708-270636b82663/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
google.golang.org/genproto v0.0.0-20211028162531-8db9c33dc351/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
google.golang.org/genproto v0.0.0-20211206160659-862468c7d6e0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
google.golang.org/genproto v0.0.0-20211208223120-3a66f561d7aa/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
google.golang.org/genproto v0.0.0-20211221195035-429b39de9b1c/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
google.golang.org/genproto v0.0.0-20220114231437-d2e6a121cae0/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
{cmd,internal}/worker: scan modules Complete support for scanning modules. - Add scan-modules command to cmd/worker. - Remember modules we scanned in the Store. - Track the last-modified vuln DB time to avoid unnecessary re-scanning. Change-Id: Id2b6d3b2d91c6617d31f4fe6997babba2db220bd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/393695 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-03-17 22:22:37 +03:00
google.golang.org/genproto v0.0.0-20220126215142-9970aeb2e350/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
google.golang.org/genproto v0.0.0-20220201184016-50beb8ab5c44/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
google.golang.org/genproto v0.0.0-20220204002441-d6cc3cc0770e/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
{cmd,internal}/worker: scan modules Complete support for scanning modules. - Add scan-modules command to cmd/worker. - Remember modules we scanned in the Store. - Track the last-modified vuln DB time to avoid unnecessary re-scanning. Change-Id: Id2b6d3b2d91c6617d31f4fe6997babba2db220bd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/393695 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-03-17 22:22:37 +03:00
google.golang.org/genproto v0.0.0-20220207164111-0872dc986b00/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
google.golang.org/genproto v0.0.0-20220207185906-7721543eae58/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
{cmd,internal}/worker: scan modules Complete support for scanning modules. - Add scan-modules command to cmd/worker. - Remember modules we scanned in the Store. - Track the last-modified vuln DB time to avoid unnecessary re-scanning. Change-Id: Id2b6d3b2d91c6617d31f4fe6997babba2db220bd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/393695 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Damien Neil <dneil@google.com>
2022-03-17 22:22:37 +03:00
google.golang.org/genproto v0.0.0-20220218161850-94dd64e39d7c/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf h1:SVYXkUz2yZS9FWb2Gm8ivSlbNQzL2Z/NpPKE3RG2jWk=
google.golang.org/genproto v0.0.0-20220222213610-43724f9ea8cf/go.mod h1:kGP+zUP2Ddo0ayMi4YuN7C3WZyJvGLZRh8Z5wnAqvEI=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.28.0/go.mod h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
google.golang.org/grpc v1.30.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
google.golang.org/grpc v1.34.0/go.mod h1:WotjhfgOW/POjDeRt8vscBtXq+2VjORFy659qA51WJ8=
google.golang.org/grpc v1.35.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
google.golang.org/grpc v1.37.1/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
google.golang.org/grpc v1.38.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
google.golang.org/grpc v1.39.0/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE=
google.golang.org/grpc v1.39.1/go.mod h1:PImNr+rS9TWYb2O4/emRugxiyHZ5JyHW5F+RPnDzfrE=
google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
internal/worker: add OpenTelemetry metrics Connect to Google Cloud Monitoring using OpenTelemetry and the golang.org/x/exp/event package. Export one metric, to start. Change-Id: I5468a706423d6a6bf40d36c305d94b0dfc920e3c Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/386834 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: kokoro <noreply+kokoro@google.com>
2022-02-18 23:44:02 +03:00
google.golang.org/grpc v1.40.1/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
google.golang.org/grpc v1.44.0 h1:weqSxi/TMs1SqFRMHCtBgXRs8k3X39QIDEZ0pRcttUg=
google.golang.org/grpc v1.44.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
google.golang.org/protobuf v1.27.1 h1:SnqbnDw1V7RiZcXPx5MEeqPv2s79L9i7BJUlG/+RurQ=
google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
all: switch from toml to yaml Change-Id: I9fb36a246d0d532e44a28903998b9750cf794a85 Reviewed-on: https://team-review.git.corp.google.com/c/golang/vulndb/+/1055925 Reviewed-by: Roland Shoemaker <bracewell@google.com>
2021-04-14 22:59:24 +03:00
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
cmd,internal: add tools and worker code golang.org/x/vuln/srv is moved to this repository. Originally, the motivation for creating x/vuln was to split the YAML reports and Go code into two separate repositories. However, this resulted in a few issues: 1. The structure of the YAML reports is tightly coupled with the structs in internal/report, and changing one without the other would result in errors when linting the reports. 2. The vlint package itself needed to be exported, even though the only consumer was the test in x/vulndb. 3. The deploy/build.yaml script depends on cmd/gendb@latest, so updating that command could easily break the script (for example, submitting CL 373004 without changing the reference in deploy/build.yaml). Additionally, the original location of this code was x/vuln, which contained two types of packages. (1) Packages meant for consumption by other clients (for example, x/vuln/client), and (2) Internal packages that were only meant for use to spin up the worker. The internal packages resulted in many dependencies since they pulled in GCP, which we don't want clients of the vulncheck library to have to pull in. This problem was originally solved by creating a nested module inside x/vuln, but nicer separation that would also solve the issues above is the following: * x/vuln: contains Go code meant to be imported by others * x/vulndb: contains internal code only used to maintain the vulndb For golang/go#50247 Change-Id: I74a7b7f9b8fc5b0ad48a45fc3156f93c08aa9955 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/373495 Trust: Julie Qiu <julie@golang.org> Reviewed-by: Jonathan Amsterdam <jba@google.com>
2021-12-21 00:26:47 +03:00
gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
go.mod,go.sum: upgrade golang.org/x/vuln This should fix the problem we're having with trybots. Change-Id: Ia0c4206122f2699878d2077b1969daf34d111336 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/388855 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-03-02 00:09:56 +03:00
gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
internal/cvelist: add cloneRepo cloneRepo is added, which clones github.com/CVEProject/cvelist for triage use. Change-Id: Iaba6d04f886dd82ee7c49fcb5a5fe46d324ecf66 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/356391 Trust: Julie Qiu <julie@golang.org> Run-TryBot: Julie Qiu <julie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org>
2021-10-16 02:38:35 +03:00
gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
go.mod: update gopkg.in/yaml.v3 Upgrade to non-vulerable version. Also update tests because the behavior of yaml has slightly changed with how whitespace is handled. Change-Id: Ie6088046da9cd79ee6ad6e5aefb03fdc65cd707b Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/499655 Auto-Submit: Julie Qiu <julieqiu@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julieqiu@google.com> Reviewed-by: Tatiana Bradley <tatianabradley@google.com> Run-TryBot: Julie Qiu <julieqiu@google.com>
2023-05-31 19:46:54 +03:00
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
go.mod,go.sum: upgrade golang.org/x/vuln This should fix the problem we're having with trybots. Change-Id: Ia0c4206122f2699878d2077b1969daf34d111336 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/388855 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-03-02 00:09:56 +03:00
honnef.co/go/tools v0.2.2 h1:MNh1AVMyVX23VUHE2O27jm6lNj3vjO5DexS4A1xvnzk=
honnef.co/go/tools v0.2.2/go.mod h1:lPVVZ2BS5TfnjLyizF7o7hv7j9/L+8cZY2hLyjP9cGY=
internal/observe: package for tracing and metrics Factor out the tracing and metrics code from the server and put it in its own package. This is a first step towards sharing it with other projects. Change-Id: I36a04933accc11300f360a410c00a10c8a132dda Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/435470 Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Tatiana Bradley <tatiana@golang.org> Reviewed-by: Julie Qiu <julieqiu@google.com> Reviewed-by: Julie Qiu <julie@golang.org>
2022-09-30 03:59:12 +03:00
mvdan.cc/unparam v0.0.0-20220926085101-66de63301820 h1:fggBTMFbBz7CMny3mWZphe0B/6D8ILBunvvB1cNNHi8=
mvdan.cc/unparam v0.0.0-20220926085101-66de63301820/go.mod h1:7fKhD/gH+APJ9Y27S2PYO7+oVWtb3XPrw9W5ayxVq2A=
go.mod: update to latest golang.org/x/vuln Change-Id: I1431d799a7eb3da97457fe9609b93a3777d35fa3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/372175 Trust: Jonathan Amsterdam <jba@google.com> Run-TryBot: Jonathan Amsterdam <jba@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Julie Qiu <julie@golang.org>
2021-12-15 11:54:34 +03:00
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=