tests/dnstap: let Go handle its transitive dependencies (!1404) · Merge requests · Knot projects / Knot Resolver

Merged Oto Šťáva requested to merge dependabot-fixes into master 1 year ago

Jun 07, 2023

tests/dnstap: let Go handle its transitive dependencies · 53f02a85

Oto Šťáva authored 1 year ago

Dependabot reported that we have some vulnerable dependencies. The
problem is that the ones it wants to bump to do not support older Go
versions, which we need to use due to some distros not having the most
recent Go packages available.

The `go.sum` file contains the outdated ones (because I tried with an
older Go), but as far as I can tell, from Go docs and other places, it
is actually not a lockfile, so newer Go should update the packages
regardless of what is in `go.sum`.

53f02a85

Admin message

tests/dnstap: let Go handle its transitive dependencies

Merge request reports

Activity