Skip to content

Commit

Permalink
NOISSUE - Fix security warnings for dependencies (absmach#1452)
Browse files Browse the repository at this point in the history 
* Fix security warnings for dependencies

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Omit `.mod` and `.sum` files in dependencies

This feature is introduced here: https://tip.golang.org/doc/go1.17#vendor.

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
  • Loading branch information
@dborovcanin @mteodor
dborovcanin authored and mteodor committed Sep 15, 2021
1 parent 6920d24 commit 4997385
Show file tree
Hide file tree
Showing 169 changed files with 1,163 additions and 3,006 deletions.
2 changes: 1 addition & 1 deletion auth/jwt/tokenizer.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ package jwt
import (
"time"

"github.com/dgrijalva/jwt-go"
"github.com/golang-jwt/jwt/v4"
"github.com/mainflux/mainflux/auth"
"github.com/mainflux/mainflux/pkg/errors"
)
Expand Down
137 changes: 110 additions & 27 deletions go.mod
View file
Original file line number Diff line number Diff line change
@@ -1,49 +1,132 @@
module github.com/mainflux/mainflux

go 1.14
go 1.17

require (
github.com/cenkalti/backoff/v4 v4.1.0
github.com/dgrijalva/jwt-go v3.2.0+incompatible
github.com/docker/docker v20.10.6+incompatible
github.com/eclipse/paho.mqtt.golang v1.3.4
github.com/fatih/color v1.10.0
github.com/go-kit/kit v0.10.0
github.com/go-redis/redis/v8 v8.8.2
github.com/cenkalti/backoff/v4 v4.1.1
github.com/docker/docker v20.10.8+incompatible
github.com/eclipse/paho.mqtt.golang v1.3.5
github.com/fatih/color v1.12.0
github.com/go-kit/kit v0.11.0
github.com/go-redis/redis/v8 v8.11.3
github.com/go-zoo/bone v1.3.0
github.com/gocql/gocql v0.0.0-20210504150947-558dfae50b5d
github.com/gocql/gocql v0.0.0-20210817081954-bc256bbb90de
github.com/gofrs/uuid v4.0.0+incompatible
github.com/gogo/protobuf v1.3.2
github.com/golang-jwt/jwt/v4 v4.0.0
github.com/golang/protobuf v1.5.2
github.com/gopcua/opcua v0.1.6
github.com/hashicorp/vault/api v1.1.0
github.com/hashicorp/vault/api v1.1.1
github.com/hokaccha/go-prettyjson v0.0.0-20210113012101-fb4e108d2519
github.com/influxdata/influxdb v1.8.5
github.com/jmoiron/sqlx v1.3.3
github.com/kr/text v0.2.0 // indirect
github.com/lib/pq v1.10.1
github.com/influxdata/influxdb v1.9.3
github.com/jmoiron/sqlx v1.3.4
github.com/lib/pq v1.10.2
github.com/mainflux/mproxy v0.2.2
github.com/mainflux/senml v1.5.0
github.com/mitchellh/mapstructure v1.4.1
github.com/nats-io/nats.go v1.11.0
github.com/oklog/ulid/v2 v2.0.2
github.com/opentracing/opentracing-go v1.2.0
github.com/ory/dockertest/v3 v3.6.5
github.com/ory/dockertest/v3 v3.7.0
github.com/ory/keto/proto/ory/keto/acl/v1alpha1 v0.0.0-20210616104402-80e043246cf9
github.com/pelletier/go-toml v1.9.1
github.com/pelletier/go-toml v1.9.3
github.com/plgd-dev/go-coap/v2 v2.4.0
github.com/prometheus/client_golang v1.10.0
github.com/rubenv/sql-migrate v0.0.0-20210408115534-a32ed26c37ea
github.com/spf13/cobra v1.1.3
github.com/spf13/viper v1.7.1
github.com/prometheus/client_golang v1.11.0
github.com/rubenv/sql-migrate v0.0.0-20210614095031-55d5740dbbcc
github.com/spf13/cobra v1.2.1
github.com/spf13/viper v1.8.1
github.com/stretchr/testify v1.7.0
github.com/subosito/gotenv v1.2.0
github.com/uber/jaeger-client-go v2.28.0+incompatible
go.mongodb.org/mongo-driver v1.4.0-beta2.0.20210512200446-5f449ba049cc
golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b
golang.org/x/net v0.0.0-20210510120150-4163338589ed
github.com/uber/jaeger-client-go v2.29.1+incompatible
go.mongodb.org/mongo-driver v1.7.1
golang.org/x/crypto v0.0.0-20210817164053-32db794688a5
golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d
gonum.org/v1/gonum v0.9.3
google.golang.org/grpc v1.40.0
)

require (
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5 // indirect
github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/cenkalti/backoff/v3 v3.0.0 // indirect
github.com/cespare/xxhash/v2 v2.1.1 // indirect
github.com/containerd/continuity v0.0.0-20200709052629-daa8e1ccc0bc // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
github.com/docker/cli v20.10.7+incompatible // indirect
github.com/docker/go-connections v0.4.0 // indirect
github.com/docker/go-units v0.4.0 // indirect
github.com/dsnet/golib/memfile v0.0.0-20200723050859-c110804dfa93 // indirect
github.com/fsnotify/fsnotify v1.4.9 // indirect
github.com/fxamacker/cbor/v2 v2.2.0 // indirect
github.com/go-logfmt/logfmt v0.5.0 // indirect
github.com/go-stack/stack v1.8.0 // indirect
github.com/golang/snappy v0.0.3 // indirect
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
github.com/gorilla/websocket v1.4.2 // indirect
github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed // indirect
github.com/hashicorp/errwrap v1.0.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.1 // indirect
github.com/hashicorp/go-multierror v1.1.0 // indirect
github.com/hashicorp/go-retryablehttp v0.6.6 // indirect
github.com/hashicorp/go-rootcerts v1.0.2 // indirect
github.com/hashicorp/go-sockaddr v1.0.2 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/hashicorp/vault/sdk v0.2.1 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/inconshreveable/mousetrap v1.0.0 // indirect
github.com/klauspost/compress v1.11.12 // indirect
github.com/magiconair/properties v1.8.5 // indirect
github.com/mattn/go-colorable v0.1.8 // indirect
github.com/mattn/go-isatty v0.0.12 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/moby/term v0.0.0-20201216013528-df9cb8a40635 // indirect
github.com/nats-io/nkeys v0.3.0 // indirect
github.com/nats-io/nuid v1.0.1 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.0.1 // indirect
github.com/opencontainers/runc v1.0.0-rc9 // indirect
github.com/patrickmn/go-cache v2.1.0+incompatible // indirect
github.com/pierrec/lz4 v2.5.2+incompatible // indirect
github.com/pion/dtls/v2 v2.0.1-0.20200503085337-8e86b3a7d585 // indirect
github.com/pion/logging v0.2.2 // indirect
github.com/pion/transport v0.10.0 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/plgd-dev/kit v0.0.0-20200819113605-d5fcf3e94f63 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.2.0 // indirect
github.com/prometheus/common v0.26.0 // indirect
github.com/prometheus/procfs v0.6.0 // indirect
github.com/ryanuber/go-glob v1.0.0 // indirect
github.com/sirupsen/logrus v1.8.1 // indirect
github.com/spf13/afero v1.6.0 // indirect
github.com/spf13/cast v1.3.1 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/uber/jaeger-lib v2.4.1+incompatible // indirect
github.com/x448/float16 v0.8.4 // indirect
github.com/xdg-go/pbkdf2 v1.0.0 // indirect
github.com/xdg-go/scram v1.0.2 // indirect
github.com/xdg-go/stringprep v1.0.2 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
github.com/xeipuuv/gojsonschema v1.2.0 // indirect
github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
go.uber.org/atomic v1.7.0 // indirect
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect
golang.org/x/text v0.3.6 // indirect
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect
golang.org/x/tools v0.1.0 // indirect
gonum.org/v1/gonum v0.9.1
google.golang.org/grpc v1.37.0
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c // indirect
google.golang.org/protobuf v1.27.1 // indirect
gopkg.in/gorp.v1 v1.7.2 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/ini.v1 v1.62.0 // indirect
gopkg.in/square/go-jose.v2 v2.5.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
)
9 changes: 4 additions & 5 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/denisenkom/go-mssqldb v0.0.0-20191001013358-cfbb681360f0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
github.com/denisenkom/go-mssqldb v0.9.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1/go.mod h1:+hnT3ywWDTAFrW5aE+u2Sa/wT555ZqwoCS+pk3p6ry4=
github.com/dgryski/go-bitstream v0.0.0-20180413035011-3522498ce2c8/go.mod h1:VMaSuZ+SZcx/wljOQKvp5srsbCiKDEb6K2wC4+PiBmQ=
Expand Down Expand Up @@ -273,6 +272,8 @@ github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zV
github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang-jwt/jwt/v4 v4.0.0 h1:RAqyYixv1p7uEnocuy8P1nru5wprCh/MH2BIlW5z5/o=
github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
github.com/golang/geo v0.0.0-20190916061304-5b978397cfec/go.mod h1:QZ0nwyI2jOfgRAoBvP+ab5aRr7c9x7lhGEJrKvBwjWI=
Expand Down Expand Up @@ -736,7 +737,6 @@ github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFR
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
github.com/rogpeppe/go-internal v1.3.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
github.com/rogpeppe/go-internal v1.4.0/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
github.com/rogpeppe/go-internal v1.5.2 h1:qLvObTrvO/XRCqmkKxUlOBc48bI3efyDuAZe25QiF0w=
github.com/rogpeppe/go-internal v1.5.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
github.com/rubenv/sql-migrate v0.0.0-20181106121204-ba2c6a7295c5/go.mod h1:WS0rl9eEliYI8DPnr3TOwz4439pay+qNgzJoVya/DmY=
github.com/rubenv/sql-migrate v0.0.0-20200429072036-ae26b214fa43/go.mod h1:DCgfY80j8GYL7MLEfvcpSFvjD0L5yZq/aZUJmhZklyg=
Expand Down Expand Up @@ -859,8 +859,8 @@ go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
go.mongodb.org/mongo-driver v1.1.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
go.mongodb.org/mongo-driver v1.3.3/go.mod h1:MSWZXKOynuguX+JSvwP8i+58jYCXxbia8HS3gZBapIE=
go.mongodb.org/mongo-driver v1.4.0-beta2.0.20210512200446-5f449ba049cc h1:TmKS7/rsHcyq/S/Cf5dsCfNZLhmscDyZ4e6CxgMIWYU=
go.mongodb.org/mongo-driver v1.4.0-beta2.0.20210512200446-5f449ba049cc/go.mod h1:Q4oFMbo1+MSNqICAdYMlC/zSTrwCogR4R8NzkI+yfU8=
go.mongodb.org/mongo-driver v1.7.1 h1:jwqTeEM3x6L9xDXrCxN0Hbg7vdGfPBOTIkr0+/LYZDA=
go.mongodb.org/mongo-driver v1.7.1/go.mod h1:Q4oFMbo1+MSNqICAdYMlC/zSTrwCogR4R8NzkI+yfU8=
go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
Expand Down Expand Up @@ -948,7 +948,6 @@ golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKG
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
Expand Down
2 changes: 1 addition & 1 deletion scripts/ci.sh
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# This script contains commands to be executed by the CI tool.
NPROC=$(nproc)
GO_VERSION=1.14.4
GO_VERSION=1.17
PROTOC_VERSION=3.12.3
PROTOC_GEN_VERSION=v1.4.2
PROTOC_GOFAST_VERSION=v1.3.1
Expand Down
9 changes: 0 additions & 9 deletions vendor/github.com/Microsoft/go-winio/go.mod
View file

This file was deleted.

16 changes: 0 additions & 16 deletions vendor/github.com/Microsoft/go-winio/go.sum
View file

This file was deleted.

3 changes: 0 additions & 3 deletions vendor/github.com/cenkalti/backoff/v4/go.mod
View file

This file was deleted.

3 changes: 0 additions & 3 deletions vendor/github.com/cespare/xxhash/v2/go.mod
View file

This file was deleted.

Empty file removed vendor/github.com/cespare/xxhash/v2/go.sum
View file
Empty file.
13 changes: 0 additions & 13 deletions vendor/github.com/dgrijalva/jwt-go/.travis.yml
View file

This file was deleted.

97 changes: 0 additions & 97 deletions vendor/github.com/dgrijalva/jwt-go/MIGRATION_GUIDE.md
View file

This file was deleted.

3 changes: 0 additions & 3 deletions vendor/github.com/dsnet/golib/memfile/go.mod
View file

This file was deleted.

8 changes: 0 additions & 8 deletions vendor/github.com/eclipse/paho.mqtt.golang/go.mod
View file

This file was deleted.

8 changes: 0 additions & 8 deletions vendor/github.com/eclipse/paho.mqtt.golang/go.sum
View file

This file was deleted.

8 changes: 0 additions & 8 deletions vendor/github.com/fatih/color/go.mod
View file

This file was deleted.

Loading

0 comments on commit 4997385

Please sign in to comment.