tests/dnstap/src/dnstap-test/go.sum · ec471a0453e2e5eb5bc2af26da0ebbf2fa6f5387 · Knot projects / Knot Resolver · GitLab

Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.

Jun 07, 2023

tests/dnstap: let Go handle its transitive dependencies · 53f02a85

Oto Šťáva authored Jun 07, 2023

Dependabot reported that we have some vulnerable dependencies. The
problem is that the ones it wants to bump to do not support older Go
versions, which we need to use due to some distros not having the most
recent Go packages available.

The `go.sum` file contains the outdated ones (because I tried with an
older Go), but as far as I can tell, from Go docs and other places, it
is actually not a lockfile, so newer Go should update the packages
regardless of what is in `go.sum`.

53f02a85

tests/dnstap: let Go handle its transitive dependencies

Oto Šťáva authored Jun 07, 2023

Dependabot reported that we have some vulnerable dependencies. The
problem is that the ones it wants to bump to do not support older Go
versions, which we need to use due to some distros not having the most
recent Go packages available.

The `go.sum` file contains the outdated ones (because I tried with an
older Go), but as far as I can tell, from Go docs and other places, it
is actually not a lockfile, so newer Go should update the packages
regardless of what is in `go.sum`.

Analyzing file…