From fab533e99f7aaa3af00097780e46b54ce352c05b Mon Sep 17 00:00:00 2001 From: Taras Drozdovskyi Date: Wed, 16 Aug 2023 09:19:45 +0300 Subject: [PATCH] Update 3rd-party components Signed-off-by: Taras Drozdovskyi --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/publish.yml | 2 +- .github/workflows/scorecards-analysis.yml | 2 +- go.mod | 10 +++++----- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c895cd3b..729650bb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -26,7 +26,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@f6e388ebf0efc915c6c5b165b019ee61a6746a38 + uses: github/codeql-action/init@0ba4244466797eb048eb91a6cd43d5c03ca8bd05 with: languages: ${{ matrix.language }} @@ -36,4 +36,4 @@ jobs: go-version: '1.19' - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f6e388ebf0efc915c6c5b165b019ee61a6746a38 + uses: github/codeql-action/analyze@0ba4244466797eb048eb91a6cd43d5c03ca8bd05 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index df79cecf..12ab8594 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -31,7 +31,7 @@ jobs: type=semver,pattern={{version}} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@16c0bc4a6e6ada2cfd8afd41d22d95379cf7c32a + uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 - name: Log in to Docker Hub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 20c05f51..6eea13b8 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -48,6 +48,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f6e388ebf0efc915c6c5b165b019ee61a6746a38 + uses: github/codeql-action/upload-sarif@0ba4244466797eb048eb91a6cd43d5c03ca8bd05 with: sarif_file: results.sarif diff --git a/go.mod b/go.mod index 9ba0c25a..8bdc8d10 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/docker/docker v20.10.24+incompatible github.com/docker/go-connections v0.4.0 github.com/docker/go-units v0.4.0 - github.com/eclipse/paho.mqtt.golang v1.4.2 + github.com/eclipse/paho.mqtt.golang v1.4.3 github.com/edgexfoundry/device-sdk-go v1.4.0 github.com/edgexfoundry/go-mod-core-contracts v0.1.115 github.com/fsnotify/fsnotify v1.6.0 @@ -59,7 +59,7 @@ require ( github.com/google/go-cmp v0.5.9 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/google/uuid v1.2.0 // indirect - github.com/gorilla/websocket v1.4.2 // indirect + github.com/gorilla/websocket v1.5.0 // indirect github.com/hashicorp/consul/api v1.1.0 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-cleanhttp v0.5.1 // indirect @@ -89,9 +89,9 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/yusufpapurcu/wmi v1.2.2 // indirect golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd // indirect - golang.org/x/net v0.7.0 // indirect - golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect - golang.org/x/sys v0.5.0 // indirect + golang.org/x/net v0.8.0 // indirect + golang.org/x/sync v0.1.0 // indirect + golang.org/x/sys v0.6.0 // indirect golang.org/x/time v0.0.0-20220609170525-579cf78fd858 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect )