Skip to content

Commit

Permalink
build(deps): bump golang.org/x/vuln from 1.1.0 to 1.1.1 in /tools (#1440
Browse files Browse the repository at this point in the history 
)

Bumps [golang.org/x/vuln](https://github.com/golang/vuln) from 1.1.0 to
1.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/golang/vuln/releases">golang.org/x/vuln's
releases</a>.</em></p>
<blockquote>
<h2>v1.1.1</h2>
<p>This release brings some minor improvements to govulncheck textual
output and performance optimizations for <code>package</code> and
<code>module</code> scan modes.</p>
<p>The major change brought by this release is the support for <a
href="https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=sarif">SARIF</a>
output format.</p>
<h2>Integration</h2>
<p>Govulncheck now supports <a
href="https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=sarif">Static
Analysis Results Interchange Format</a> (SARIF) output format via
<code>-format sarif</code> flag option. Please see <a
href="https://pkg.go.dev/golang.org/x/vuln@v1.1.1/internal/sarif">here</a>
for more details on the actual encoding.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/vuln/commit/486fd2384a39a632a0e5b003e1840d49d1db7e86"><code>486fd23</code></a>
all: remove unit tests for staticcheck, unparam, and spellcheck</li>
<li><a
href="https://github.com/golang/vuln/commit/6b0fd5601b4a69285e464ec05957800bf63e4d0e"><code>6b0fd56</code></a>
internal/sarif,cmd/govulncheck: publicize sarif</li>
<li><a
href="https://github.com/golang/vuln/commit/7b455eea68df4fad0d78f08d7811f818426afc30"><code>7b455ee</code></a>
internal/vulncheck: load source code for scan symbol mode only</li>
<li><a
href="https://github.com/golang/vuln/commit/7ed0faae83da959585ab1226aedda8b2e1eff849"><code>7ed0faa</code></a>
all: update golang.org/x/tools</li>
<li><a
href="https://github.com/golang/vuln/commit/122c809ebf2367fd3394cfcc7d9459ce708052c9"><code>122c809</code></a>
internal/vulncheck: emit progress message instead of warning</li>
<li><a
href="https://github.com/golang/vuln/commit/d837ff86426137299700241b0997c011091800ff"><code>d837ff8</code></a>
internal/scan: improve textual output for binary traces</li>
<li><a
href="https://github.com/golang/vuln/commit/4a8a6ffa0362e038bb7b9d56cc2fe09d0e4fd5ff"><code>4a8a6ff</code></a>
internal/buildinfo: avoid panic on nil symbol for elf</li>
<li><a
href="https://github.com/golang/vuln/commit/052eac784b099e7cc1a3864eb927288b196f2000"><code>052eac7</code></a>
internal/sarif: improve GOMODCACHE relative paths</li>
<li><a
href="https://github.com/golang/vuln/commit/93d3090660cdfbfe5dfa57dfc366438d35283648"><code>93d3090</code></a>
internal/sarif: add version to module info for locations</li>
<li><a
href="https://github.com/golang/vuln/commit/0e39fee41378bbb3678d501b1b19193c0060f540"><code>0e39fee</code></a>
internal/sarif: remove originalURIBaseIds</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/vuln/compare/v1.1.0...v1.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/vuln&package-manager=go_modules&previous-version=1.1.0&new-version=1.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] committed Jun 6, 2024
1 parent 8a805fa commit 2da446f
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 7 deletions.
4 changes: 2 additions & 2 deletions tools/go.mod
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
module go.uber.org/zap/tools

require golang.org/x/vuln v1.1.0
require golang.org/x/vuln v1.1.1

require (
golang.org/x/mod v0.17.0 // indirect
golang.org/x/sync v0.7.0 // indirect
golang.org/x/tools v0.20.0 // indirect
golang.org/x/tools v0.21.1-0.20240514024235-59d9797072e7 // indirect
)

go 1.20
10 changes: 5 additions & 5 deletions tools/go.sum
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786 h1:rcv+Ippz6RAtvaGgKxc+8FQIpxHgsF+HBzPyYL2cyVU=
github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/renameio v0.1.0 h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA=
golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY=
golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg=
golang.org/x/vuln v1.1.0 h1:ECEdI+aEtjpF90eqEcDL5Q11DWSZAw5PJQWlp0+gWqc=
golang.org/x/vuln v1.1.0/go.mod h1:HT/Ar8fE34tbxWG2s7PYjVl+iIE4Er36/940Z+K540Y=
golang.org/x/tools v0.21.1-0.20240514024235-59d9797072e7 h1:DnP3aRQn/r68glNGB8/7+3iE77jA+YZZCxpfIXx2MdA=
golang.org/x/tools v0.21.1-0.20240514024235-59d9797072e7/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
golang.org/x/vuln v1.1.1 h1:4nYQg4OSr7uYQMtjuuYqLAEVuTjY4k/CPMYqvv5OPcI=
golang.org/x/vuln v1.1.1/go.mod h1:hNgE+SKMSp2wHVUpW0Ow2ejgKpNJePdML+4YjxrVxik=

0 comments on commit 2da446f

Please sign in to comment.