Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump golang.org/x/sys from 0.0.0-20190312061237-fead79001313 to 0.1.0 #26

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Feb 25, 2023

Bumps golang.org/x/sys from 0.0.0-20190312061237-fead79001313 to 0.1.0.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.0.0-20190312061237-fead79001313 to 0.1.0.
- [Release notes](https://github.com/golang/sys/releases)
- [Commits](https://github.com/golang/sys/commits/v0.1.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 25, 2023
@ImagineBuildBot
Copy link

Scan submitted to Checkmarx

@ImagineBuildBot
Copy link

Logo
Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 508 vulnerabilities
High 58 High
Medium 450 Medium
Low 0 Low
Info 0 Info

Checkmarx Scan Summary

Severity Count
High 58
Medium 450
Low 0
Informational 0

Violation Summary

High 14 High
Medium 206 Medium

View more details on Checkmarx UI

Cx-SAST Details

Lines Severity Category File Link
148 Medium Use_of_Cryptographically_Weak_PRNG pkg/handler/eval.go Checkmarx
30 Medium Use_of_Cryptographically_Weak_PRNG vendor/google.golang.org/grpc/internal/grpcrand/grpcrand.go Checkmarx
64 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/jpillora/backoff/backoff.go Checkmarx
91 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/Shopify/sarama/partitioner.go Checkmarx
14 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/newrelic/go-agent/internal/rand.go Checkmarx
325 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/DataDog/datadog-go/statsd/statsd.go Checkmarx
29 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/aws/aws-sdk-go/internal/sdkrand/locked_source.go Checkmarx
25 26 Medium Use_of_Cryptographically_Weak_PRNG vendor/gopkg.in/DataDog/dd-trace-go.v1/ddtrace/tracer/rand.go Checkmarx
145 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/Shopify/sarama/client.go Checkmarx
569 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/getsentry/raven-go/client.go Checkmarx
28 Medium Use_of_Cryptographically_Weak_PRNG pkg/handler/export.go Checkmarx
172 514 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/rcrowley/go-metrics/sample.go Checkmarx
134 Medium Use_of_Cryptographically_Weak_PRNG vendor/github.com/googleapis/gax-go/v2/call_option.go Checkmarx
26 27 Medium Use_of_Cryptographically_Weak_PRNG vendor/cloud.google.com/go/internal/testutil/rand.go Checkmarx
545 Medium Use_of_Cryptographically_Weak_PRNG vendor/go.opencensus.io/trace/trace.go Checkmarx
452 Medium Use_of_Cryptographically_Weak_PRNG vendor/golang.org/x/net/http2/transport.go Checkmarx
478 Medium SSRF vendor/github.com/newrelic/go-agent/internal/attributes.go Checkmarx
202 222 233 258 366 370 374 377 389 534 544 555 558 961 964 Medium Race_Condition_Concurrent_Instances vendor/golang.org/x/net/trace/trace.go Checkmarx
58 61 86 159 162 336 424 427 Medium Race_Condition_Concurrent_Instances vendor/golang.org/x/net/trace/events.go Checkmarx
72 Medium Privacy_Violation vendor/github.com/davecgh/go-spew/spew/config.go Checkmarx
430 Medium Privacy_Violation vendor/golang.org/x/net/http2/server.go Checkmarx
33 Medium Path_Traversal vendor/github.com/lib/pq/url.go Checkmarx
64 Medium Path_Traversal vendor/github.com/rcrowley/go-metrics/opentsdb.go Checkmarx
60 Medium Path_Traversal vendor/github.com/rcrowley/go-metrics/graphite.go Checkmarx
193 Medium Path_Traversal vendor/golang.org/x/oauth2/google/sdk.go Checkmarx
35 39 Medium Path_Traversal vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go Checkmarx
55 91 112 Medium Path_Traversal vendor/cloud.google.com/go/internal/testutil/context.go Checkmarx
436 Medium Path_Traversal vendor/golang.org/x/net/http2/transport.go Checkmarx
80 144 Medium Path_Traversal vendor/golang.org/x/oauth2/google/default.go Checkmarx
166 171 Medium Path_Traversal vendor/github.com/lib/pq/conn.go Checkmarx
36 Medium Missing_HSTS_Header pkg/config/middleware_test.go Checkmarx
430 Medium Insecure_Credential_Storage_Mechanism vendor/golang.org/x/net/http2/server.go Checkmarx
17 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/newrelic/go-agent/internal/utilization/pcf.go Checkmarx
436 980 1368 1370 1396 1524 1534 2514 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/net/http2/transport.go Checkmarx
696 723 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/Shopify/sarama/broker.go Checkmarx
145 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/appengine/urlfetch/urlfetch.go Checkmarx
57 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/grpc/internal/transport/handler_server.go Checkmarx
111 602 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/aws/request/request.go Checkmarx
55 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/newrelic/go-agent/internal/sysinfo/docker.go Checkmarx
15 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/newrelic/go-agent/internal/cross_process_http.go Checkmarx
28 Medium Denial_Of_Service_Resource_Exhaustion pkg/handler/subject.go Checkmarx
144 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/oauth2/google/default.go Checkmarx
363 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/getsentry/raven-go/client.go Checkmarx
113 123 135 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/proc_stat.go Checkmarx
93 94 167 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/stat.go Checkmarx
69 74 285 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/client_golang/prometheus/http.go Checkmarx
220 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/sys/cpu/cpu.go Checkmarx
183 204 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/Shopify/sarama/message.go Checkmarx
32 78 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-openapi/swag/loading.go Checkmarx
306 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go Checkmarx
32 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/nfs/parse_nfsd.go Checkmarx
85 88 106 109 116 121 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/appengine/internal/identity_vm.go Checkmarx
127 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/api/transport/http/dial.go Checkmarx
58 Medium Denial_Of_Service_Resource_Exhaustion vendor/cloud.google.com/go/pubsub/pubsub.go Checkmarx
284 337 347 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-openapi/runtime/middleware/context.go Checkmarx
342 356 371 413 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-openapi/spec/expander.go Checkmarx
59 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/appengine/internal/metadata.go Checkmarx
277 Medium Denial_Of_Service_Resource_Exhaustion swagger_gen/restapi/server.go Checkmarx
207 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go Checkmarx
346 470 471 498 Medium Denial_Of_Service_Resource_Exhaustion pkg/config/middleware.go Checkmarx
88 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-openapi/runtime/middleware/denco/server.go Checkmarx
122 134 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go Checkmarx
46 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/api/transport/http/internal/propagation/http.go Checkmarx
154 Medium Denial_Of_Service_Resource_Exhaustion vendor/cloud.google.com/go/compute/metadata/metadata.go Checkmarx
409 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/aws/session/session.go Checkmarx
114 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/oauth2/transport.go Checkmarx
25 50 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-openapi/runtime/middleware/negotiate.go Checkmarx
267 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/rs/cors/cors.go Checkmarx
76 158 159 160 161 Medium Denial_Of_Service_Resource_Exhaustion vendor/go.opencensus.io/plugin/ochttp/trace.go Checkmarx
20 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/net/http2/gotrack.go Checkmarx
35 39 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go Checkmarx
117 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-openapi/jsonreference/reference.go Checkmarx
153 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/jessevdk/go-flags/parser.go Checkmarx
64 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/buddyinfo.go Checkmarx
87 Medium Denial_Of_Service_Resource_Exhaustion pkg/handler/data_recorder_kafka.go Checkmarx
51 54 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/diskstats.go Checkmarx
93 111 117 Medium Denial_Of_Service_Resource_Exhaustion pkg/handler/eval_cache_fetcher.go Checkmarx
79 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/proc_psi.go Checkmarx
98 Medium Denial_Of_Service_Resource_Exhaustion vendor/go.opencensus.io/resource/resource.go Checkmarx
141 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go Checkmarx
19 20 21 22 25 28 31 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/getsentry/raven-go/http.go Checkmarx
155 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-sql-driver/mysql/infile.go Checkmarx
64 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/grpc/internal/binarylog/binarylog.go Checkmarx
32 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/nfs/parse_nfs.go Checkmarx
73 Medium Denial_Of_Service_Resource_Exhaustion swagger_gen/restapi/operations/flag/find_flags_parameters.go Checkmarx
47 Medium Denial_Of_Service_Resource_Exhaustion pkg/handler/export.go Checkmarx
153 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/PuerkitoBio/purell/purell.go Checkmarx
17 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/aws/request/http_request.go Checkmarx
319 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go Checkmarx
49 51 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-openapi/swag/path.go Checkmarx
184 193 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/Shopify/sarama/record_batch.go Checkmarx
146 157 215 224 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/go-openapi/runtime/middleware/parameter.go Checkmarx
167 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/ipvs.go Checkmarx
18 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/lib/pq/user_posix.go Checkmarx
182 193 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/oauth2/google/sdk.go Checkmarx
147 666 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/grpc/rpc_util.go Checkmarx
15 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/newrelic/go-agent/internal/sysinfo/bootid.go Checkmarx
16 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/newrelic/go-agent/internal/cat/path_hash.go Checkmarx
48 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/mdstat.go Checkmarx
27 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/sys/cpu/hwcap_linux.go Checkmarx
292 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/net/trace/trace.go Checkmarx
134 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/lib/pq/ssl.go Checkmarx
166 171 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/lib/pq/conn.go Checkmarx
64 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/procfs/xfs/parse.go Checkmarx
124 129 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go Checkmarx
119 120 126 155 156 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/meatballhat/negroni-logrus/middleware.go Checkmarx
37 38 39 40 41 42 Medium Denial_Of_Service_Resource_Exhaustion vendor/go.opencensus.io/plugin/ochttp/client_stats.go Checkmarx
49 53 Medium Denial_Of_Service_Resource_Exhaustion vendor/go.opencensus.io/plugin/ochttp/propagation/b3/b3.go Checkmarx
38 Medium Denial_Of_Service_Resource_Exhaustion vendor/google.golang.org/api/internal/creds.go Checkmarx
202 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/getsentry/raven-go/stacktrace.go Checkmarx
108 Medium Denial_Of_Service_Resource_Exhaustion vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go Checkmarx
105 Medium Denial_Of_Service_Resource_Exhaustion vendor/golang.org/x/net/trace/events.go Checkmarx
240 262 267 298 High Reflected_XSS_All_Clients vendor/github.com/rs/cors/cors.go Checkmarx
74 75 High Reflected_XSS_All_Clients vendor/github.com/urfave/negroni/logger.go Checkmarx
347 High Reflected_XSS_All_Clients vendor/github.com/go-openapi/runtime/middleware/context.go Checkmarx
347 High CGI_XSS vendor/github.com/go-openapi/runtime/middleware/context.go Checkmarx
74 75 High CGI_XSS vendor/github.com/urfave/negroni/logger.go Checkmarx
240 262 267 298 High CGI_XSS vendor/github.com/rs/cors/cors.go Checkmarx

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant