From 33c69f2ccef2bf620f8ab8a89509c331c33d5e0f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 26 Apr 2023 14:04:38 +0100
Subject: [PATCH] Bump github.com/labstack/echo/v4 from 4.9.1 to 4.10.2 (#85)

Bumps [github.com/labstack/echo/v4](https://github.com/labstack/echo)
from 4.9.1 to 4.10.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/labstack/echo/releases">github.com/labstack/echo/v4's
releases</a>.</em></p>
<blockquote>
<h2>v4.10.2</h2>
<p><strong>Security</strong></p>
<ul>
<li><code>filepath.Clean</code> behaviour has changed in Go 1.20 - adapt
to it <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2406">#2406</a></li>
<li>Add
<code>middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials</code>
to make UNSAFE usages of wildcard origin + allow cretentials less likely
<a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2405">#2405</a></li>
</ul>
<p><strong>Enhancements</strong></p>
<ul>
<li>Add more HTTP error values <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2277">#2277</a></li>
</ul>
<h2>v4.10.1</h2>
<p><strong>Security</strong></p>
<ul>
<li>Upgrade deps due to the latest golang.org/x/net vulnerability <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2402">#2402</a></li>
</ul>
<p><strong>Enhancements</strong></p>
<ul>
<li>Add new JWT repository to the README <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2377">#2377</a></li>
<li>Return an empty string for ctx.path if there is no registered path
<a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2385">#2385</a></li>
<li>Add context timeout middleware <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2380">#2380</a></li>
<li>Update link to jaegertracing <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2394">#2394</a></li>
</ul>
<h2>v4.10.0</h2>
<p><strong>Security</strong></p>
<ul>
<li>
<p>We are deprecating JWT middleware in this repository. Please use <a
href="https://github.com/labstack/echo-jwt">https://github.com/labstack/echo-jwt</a>
instead.</p>
<p>JWT middleware is moved to separate repository to allow us to
bump/upgrade version of JWT implementation
(<code>github.com/golang-jwt/jwt</code>) we are using which we can not
do in Echo core because this would break backwards compatibility
guarantees we try to maintain.</p>
</li>
<li>
<p>This minor version bumps minimum Go version to 1.17 (from 1.16) due
<code>golang.org/x/</code> packages we depend on. There are several
vulnerabilities fixed in these libraries.</p>
<p>Echo still tries to support last 4 Go versions but there are
occasions we can not guarantee this promise.</p>
</li>
</ul>
<p><strong>Enhancements</strong></p>
<ul>
<li>Bump x/text to 0.3.8 <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2305">#2305</a></li>
<li>Bump dependencies and add notes about Go releases we support <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2336">#2336</a></li>
<li>Add helper interface for ProxyBalancer interface <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2316">#2316</a></li>
<li>Expose <code>middleware.CreateExtractors</code> function so we can
use it from echo-contrib repository <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2338">#2338</a></li>
<li>Refactor func(Context) error to HandlerFunc <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2315">#2315</a></li>
<li>Improve function comments <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2329">#2329</a></li>
<li>Add new method HTTPError.WithInternal <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2340">#2340</a></li>
<li>Replace io/ioutil package usages <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2342">#2342</a></li>
<li>Add staticcheck to CI flow <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2343">#2343</a></li>
<li>Replace relative path determination from proprietary to std <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2345">#2345</a></li>
<li>Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For
header) <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2182">#2182</a></li>
<li>Add testcases for some BodyLimit middleware configuration options <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2350">#2350</a></li>
<li>Additional configuration options for RequestLogger and Logger
middleware <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2341">#2341</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/labstack/echo/blob/master/CHANGELOG.md">github.com/labstack/echo/v4's
changelog</a>.</em></p>
<blockquote>
<h2>v4.10.2 - 2023-02-22</h2>
<p><strong>Security</strong></p>
<ul>
<li><code>filepath.Clean</code> behaviour has changed in Go 1.20 - adapt
to it <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2406">#2406</a></li>
<li>Add
<code>middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials</code>
to make UNSAFE usages of wildcard origin + allow cretentials less likely
<a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2405">#2405</a></li>
</ul>
<p><strong>Enhancements</strong></p>
<ul>
<li>Add more HTTP error values <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2277">#2277</a></li>
</ul>
<h2>v4.10.1 - 2023-02-19</h2>
<p><strong>Security</strong></p>
<ul>
<li>Upgrade deps due to the latest golang.org/x/net vulnerability <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2402">#2402</a></li>
</ul>
<p><strong>Enhancements</strong></p>
<ul>
<li>Add new JWT repository to the README <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2377">#2377</a></li>
<li>Return an empty string for ctx.path if there is no registered path
<a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2385">#2385</a></li>
<li>Add context timeout middleware <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2380">#2380</a></li>
<li>Update link to jaegertracing <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2394">#2394</a></li>
</ul>
<h2>v4.10.0 - 2022-12-27</h2>
<p><strong>Security</strong></p>
<ul>
<li>
<p>We are deprecating JWT middleware in this repository. Please use <a
href="https://github.com/labstack/echo-jwt">https://github.com/labstack/echo-jwt</a>
instead.</p>
<p>JWT middleware is moved to separate repository to allow us to
bump/upgrade version of JWT implementation
(<code>github.com/golang-jwt/jwt</code>) we are using
which we can not do in Echo core because this would break backwards
compatibility guarantees we try to maintain.</p>
</li>
<li>
<p>This minor version bumps minimum Go version to 1.17 (from 1.16) due
<code>golang.org/x/</code> packages we depend on. There are
several vulnerabilities fixed in these libraries.</p>
<p>Echo still tries to support last 4 Go versions but there are
occasions we can not guarantee this promise.</p>
</li>
</ul>
<p><strong>Enhancements</strong></p>
<ul>
<li>Bump x/text to 0.3.8 <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2305">#2305</a></li>
<li>Bump dependencies and add notes about Go releases we support <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2336">#2336</a></li>
<li>Add helper interface for ProxyBalancer interface <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2316">#2316</a></li>
<li>Expose <code>middleware.CreateExtractors</code> function so we can
use it from echo-contrib repository <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2338">#2338</a></li>
<li>Refactor func(Context) error to HandlerFunc <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2315">#2315</a></li>
<li>Improve function comments <a
href="https://github-redirect.dependabot.com/labstack/echo/pull/2329">#2329</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/labstack/echo/commit/47844c9b7f83e5bf4efbe1f449bf2a155f465da8"><code>47844c9</code></a>
Changelog for v4.10.2</li>
<li><a
href="https://github.com/labstack/echo/commit/f909660bb9fa0fed50a897a5169422e3bd92106b"><code>f909660</code></a>
Add middleware.CORSConfig.UnsafeWildcardOriginWithAllowCredentials to
make UN...</li>
<li><a
href="https://github.com/labstack/echo/commit/ef4aea97ef344bf0f61ba3b50844987b7dac8169"><code>ef4aea9</code></a>
use different variable name so returned function would not accidentally
be ab...</li>
<li><a
href="https://github.com/labstack/echo/commit/7c7531002d4fb5fd2fc573a5e32f6482cd54f153"><code>7c75310</code></a>
Clean on go1.20 (<a
href="https://github-redirect.dependabot.com/labstack/echo/issues/2406">#2406</a>)</li>
<li><a
href="https://github.com/labstack/echo/commit/04ba8e2f9d3f39d7c05f3f0340d27ccec6535e7f"><code>04ba8e2</code></a>
Add more http error values (<a
href="https://github-redirect.dependabot.com/labstack/echo/issues/2277">#2277</a>)</li>
<li><a
href="https://github.com/labstack/echo/commit/b888a30fe394deeeb14e18226be51b5928115dd3"><code>b888a30</code></a>
Changelog for v4.10.1</li>
<li><a
href="https://github.com/labstack/echo/commit/2c25767e45bdcb881645ebb7f962c4f3c2adc20c"><code>2c25767</code></a>
remediate flaky timeout tests</li>
<li><a
href="https://github.com/labstack/echo/commit/a3998ac96ad155e132e08bdae67f26a379f99385"><code>a3998ac</code></a>
Upgrade deps due to the latest golang.org/x/net vulnerability</li>
<li><a
href="https://github.com/labstack/echo/commit/45da0f888b8d642125b860af1c996a71f3f50bec"><code>45da0f8</code></a>
remove .travis.yml</li>
<li><a
href="https://github.com/labstack/echo/commit/6b09f3ffeb5085bf23a3e0749155752f574c331b"><code>6b09f3f</code></a>
Update link to jaegertracing</li>
<li>Additional commits viewable in <a
href="https://github.com/labstack/echo/compare/v4.9.1...v4.10.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/labstack/echo/v4&package-manager=go_modules&previous-version=4.9.1&new-version=4.10.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 4110e812a..e115c5fea 100644
--- a/go.mod
+++ b/go.mod
@@ -19,7 +19,7 @@ require (
 	github.com/ghodss/yaml v1.0.0
 	github.com/google/go-cmp v0.5.9
 	github.com/google/uuid v1.3.0
-	github.com/labstack/echo/v4 v4.9.1
+	github.com/labstack/echo/v4 v4.10.2
 	github.com/openclarity/kubeclarity/cli v0.0.0-00010101000000-000000000000
 	github.com/openclarity/kubeclarity/shared v0.0.0
 	github.com/openclarity/vmclarity/api v0.0.0
diff --git a/go.sum b/go.sum
index cdc242118..833890a4c 100644
--- a/go.sum
+++ b/go.sum
@@ -1339,8 +1339,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k=
 github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
-github.com/labstack/echo/v4 v4.9.1 h1:GliPYSpzGKlyOhqIbG8nmHBo3i1saKWFOgh41AN3b+Y=
-github.com/labstack/echo/v4 v4.9.1/go.mod h1:Pop5HLc+xoc4qhTZ1ip6C0RtP7Z+4VzRLWZZFKqbbjo=
+github.com/labstack/echo/v4 v4.10.2 h1:n1jAhnq/elIFTHr1EYpiYtyKgx4RW9ccVgkqByZaN2M=
+github.com/labstack/echo/v4 v4.10.2/go.mod h1:OEyqf2//K1DFdE57vw2DRgWY0M7s65IVQO2FzvI4J5k=
 github.com/labstack/gommon v0.4.0 h1:y7cvthEAEbU0yHOf4axH8ZG2NH8knB9iNSoTO8dyIk8=
 github.com/labstack/gommon v0.4.0/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM=
 github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw=