Skip to content

Commit 0b1ae5b

Browse files
dependabot[bot]dependabot[bot]
authored
Bump github.com/ossf/scorecard/v4 from 4.10.5 to 4.13.1
Bumps [github.com/ossf/scorecard/v4](https://github.com/ossf/scorecard) from 4.10.5 to 4.13.1. - [Release notes](https://github.com/ossf/scorecard/releases) - [Changelog](https://github.com/ossf/scorecard/blob/main/RELEASE.md) - [Commits](ossf/scorecard@v4.10.5...v4.13.1) --- updated-dependencies: - dependency-name: github.com/ossf/scorecard/v4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
1 parent 7a2dfe6 commit 0b1ae5b

File tree

2 files changed

+306
-2768
lines changed

2 files changed

+306
-2768
lines changed

go.mod

+90-79
Original file line numberDiff line numberDiff line change
@@ -3,127 +3,138 @@ module github.com/ossf/criticality_score
33
go 1.19
44

55
require (
6-
cloud.google.com/go/bigquery v1.51.0
6+
cloud.google.com/go/bigquery v1.56.0
77
github.com/blendle/zapdriver v1.3.1
88
github.com/go-logr/zapr v1.2.3
9-
github.com/google/go-cmp v0.5.9
9+
github.com/google/go-cmp v0.6.0
1010
github.com/google/go-github/v47 v47.1.0
1111
github.com/iancoleman/strcase v0.2.0
12-
github.com/ossf/scorecard/v4 v4.10.5
12+
github.com/ossf/scorecard/v4 v4.13.1
1313
github.com/shurcooL/githubv4 v0.0.0-20220115235240-a14260e6f8a2
1414
go.opencensus.io v0.24.0
1515
go.uber.org/zap v1.24.0
16-
gocloud.dev v0.29.0
17-
golang.org/x/exp v0.0.0-20230224173230-c95f2b4c22f2
18-
golang.org/x/sys v0.7.0
19-
google.golang.org/api v0.119.0
16+
gocloud.dev v0.34.0
17+
golang.org/x/exp v0.0.0-20230905200255-921286631fa9
18+
golang.org/x/sys v0.13.0
19+
google.golang.org/api v0.139.0
2020
gopkg.in/yaml.v3 v3.0.1
2121
)
2222

2323
require (
24-
cloud.google.com/go v0.110.0 // indirect
25-
cloud.google.com/go/compute v1.19.0 // indirect
24+
cloud.google.com/go v0.110.7 // indirect
25+
cloud.google.com/go/compute v1.23.0 // indirect
2626
cloud.google.com/go/compute/metadata v0.2.3 // indirect
27-
cloud.google.com/go/iam v0.13.0 // indirect
28-
cloud.google.com/go/monitoring v1.13.0 // indirect
29-
cloud.google.com/go/pubsub v1.30.0 // indirect
30-
cloud.google.com/go/storage v1.29.0 // indirect
31-
cloud.google.com/go/trace v1.9.0 // indirect
27+
cloud.google.com/go/iam v1.1.1 // indirect
28+
cloud.google.com/go/monitoring v1.15.1 // indirect
29+
cloud.google.com/go/pubsub v1.33.0 // indirect
30+
cloud.google.com/go/storage v1.31.0 // indirect
31+
cloud.google.com/go/trace v1.10.1 // indirect
3232
contrib.go.opencensus.io/exporter/stackdriver v0.13.14 // indirect
33-
github.com/BurntSushi/toml v1.2.1 // indirect
34-
github.com/CycloneDX/cyclonedx-go v0.7.0 // indirect
35-
github.com/Microsoft/go-winio v0.6.0 // indirect
36-
github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4 // indirect
37-
github.com/acomagu/bufpipe v1.0.3 // indirect
33+
dario.cat/mergo v1.0.0 // indirect
34+
github.com/BurntSushi/toml v1.3.2 // indirect
35+
github.com/CycloneDX/cyclonedx-go v0.7.2 // indirect
36+
github.com/Microsoft/go-winio v0.6.1 // indirect
37+
github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c // indirect
38+
github.com/acomagu/bufpipe v1.0.4 // indirect
39+
github.com/anchore/go-struct-converter v0.0.0-20230627203149-c72ef8859ca9 // indirect
3840
github.com/andybalholm/brotli v1.0.4 // indirect
39-
github.com/apache/arrow/go/v11 v11.0.0 // indirect
41+
github.com/apache/arrow/go/v12 v12.0.0 // indirect
4042
github.com/apache/thrift v0.16.0 // indirect
41-
github.com/aws/aws-sdk-go v1.44.200 // indirect
42-
github.com/aws/aws-sdk-go-v2 v1.17.4 // indirect
43-
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10 // indirect
44-
github.com/aws/aws-sdk-go-v2/config v1.18.12 // indirect
45-
github.com/aws/aws-sdk-go-v2/credentials v1.13.12 // indirect
46-
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.22 // indirect
47-
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.51 // indirect
48-
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.28 // indirect
49-
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.22 // indirect
50-
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.29 // indirect
51-
github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.19 // indirect
52-
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 // indirect
53-
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.23 // indirect
54-
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.22 // indirect
55-
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.13.22 // indirect
56-
github.com/aws/aws-sdk-go-v2/service/s3 v1.30.2 // indirect
57-
github.com/aws/aws-sdk-go-v2/service/sso v1.12.1 // indirect
58-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.1 // indirect
59-
github.com/aws/aws-sdk-go-v2/service/sts v1.18.3 // indirect
60-
github.com/aws/smithy-go v1.13.5 // indirect
43+
github.com/aws/aws-sdk-go v1.44.314 // indirect
44+
github.com/aws/aws-sdk-go-v2 v1.20.0 // indirect
45+
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.11 // indirect
46+
github.com/aws/aws-sdk-go-v2/config v1.18.32 // indirect
47+
github.com/aws/aws-sdk-go-v2/credentials v1.13.31 // indirect
48+
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.7 // indirect
49+
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.76 // indirect
50+
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.37 // indirect
51+
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.31 // indirect
52+
github.com/aws/aws-sdk-go-v2/internal/ini v1.3.38 // indirect
53+
github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.0 // indirect
54+
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.12 // indirect
55+
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.32 // indirect
56+
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.31 // indirect
57+
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.0 // indirect
58+
github.com/aws/aws-sdk-go-v2/service/s3 v1.38.1 // indirect
59+
github.com/aws/aws-sdk-go-v2/service/sso v1.13.1 // indirect
60+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.15.1 // indirect
61+
github.com/aws/aws-sdk-go-v2/service/sts v1.21.1 // indirect
62+
github.com/aws/smithy-go v1.14.0 // indirect
6163
github.com/benbjohnson/clock v1.3.0 // indirect
6264
github.com/bombsimon/logrusr/v2 v2.0.1 // indirect
63-
github.com/bradleyfalzon/ghinstallation/v2 v2.1.0 // indirect
65+
github.com/bradleyfalzon/ghinstallation/v2 v2.8.0 // indirect
6466
github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
65-
github.com/cloudflare/circl v1.1.0 // indirect
67+
github.com/cloudflare/circl v1.3.3 // indirect
68+
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
6669
github.com/emirpasic/gods v1.18.1 // indirect
67-
github.com/go-git/gcfg v1.5.0 // indirect
68-
github.com/go-git/go-billy/v5 v5.4.1 // indirect
69-
github.com/go-git/go-git/v5 v5.5.2 // indirect
70-
github.com/go-logr/logr v1.2.3 // indirect
70+
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
71+
github.com/go-git/go-billy/v5 v5.5.0 // indirect
72+
github.com/go-git/go-git/v5 v5.9.0 // indirect
73+
github.com/go-logr/logr v1.2.4 // indirect
74+
github.com/goark/errs v1.3.2 // indirect
75+
github.com/goark/go-cvss v1.6.6 // indirect
7176
github.com/goccy/go-json v0.9.11 // indirect
72-
github.com/golang-jwt/jwt/v4 v4.4.3 // indirect
77+
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
7378
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
7479
github.com/golang/protobuf v1.5.3 // indirect
7580
github.com/golang/snappy v0.0.4 // indirect
7681
github.com/google/flatbuffers v2.0.8+incompatible // indirect
77-
github.com/google/go-github/v38 v38.1.0 // indirect
78-
github.com/google/go-github/v45 v45.2.0 // indirect
82+
github.com/google/go-github/v53 v53.2.0 // indirect
83+
github.com/google/go-github/v56 v56.0.0 // indirect
7984
github.com/google/go-querystring v1.1.0 // indirect
80-
github.com/google/osv-scanner v1.2.1-0.20230302232134-592acbc2539b // indirect
81-
github.com/google/s2a-go v0.1.2 // indirect
85+
github.com/google/osv-scanner v1.4.1 // indirect
86+
github.com/google/s2a-go v0.1.7 // indirect
8287
github.com/google/uuid v1.3.0 // indirect
8388
github.com/google/wire v0.5.0 // indirect
84-
github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect
85-
github.com/googleapis/gax-go/v2 v2.8.0 // indirect
86-
github.com/imdario/mergo v0.3.13 // indirect
89+
github.com/googleapis/enterprise-certificate-proxy v0.2.5 // indirect
90+
github.com/googleapis/gax-go/v2 v2.12.0 // indirect
91+
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
92+
github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
93+
github.com/ianlancetaylor/demangle v0.0.0-20230524184225-eabc099b10ab // indirect
8794
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
88-
github.com/jedib0t/go-pretty/v6 v6.4.4 // indirect
95+
github.com/jedib0t/go-pretty/v6 v6.4.7 // indirect
8996
github.com/jmespath/go-jmespath v0.4.0 // indirect
9097
github.com/jszwec/csvutil v1.8.0 // indirect
9198
github.com/kevinburke/ssh_config v1.2.0 // indirect
9299
github.com/klauspost/asmfmt v1.3.2 // indirect
93-
github.com/klauspost/compress v1.15.12 // indirect
100+
github.com/klauspost/compress v1.16.7 // indirect
94101
github.com/klauspost/cpuid/v2 v2.0.9 // indirect
95-
github.com/mattn/go-runewidth v0.0.13 // indirect
102+
github.com/mattn/go-runewidth v0.0.15 // indirect
96103
github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8 // indirect
97104
github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3 // indirect
98-
github.com/package-url/packageurl-go v0.1.1-0.20220428063043-89078438f170 // indirect
105+
github.com/owenrumney/go-sarif/v2 v2.2.2 // indirect
106+
github.com/package-url/packageurl-go v0.1.1 // indirect
99107
github.com/pierrec/lz4/v4 v4.1.15 // indirect
100-
github.com/pjbgf/sha1cd v0.2.3 // indirect
101-
github.com/prometheus/prometheus v0.42.0 // indirect
102-
github.com/rivo/uniseg v0.2.0 // indirect
103-
github.com/sergi/go-diff v1.1.0 // indirect
108+
github.com/pjbgf/sha1cd v0.3.0 // indirect
109+
github.com/prometheus/prometheus v0.46.0 // indirect
110+
github.com/rivo/uniseg v0.4.4 // indirect
111+
github.com/sergi/go-diff v1.3.1 // indirect
104112
github.com/shurcooL/graphql v0.0.0-20200928012149-18c5c3165e3a // indirect
105-
github.com/sirupsen/logrus v1.9.0 // indirect
106-
github.com/skeema/knownhosts v1.1.0 // indirect
113+
github.com/sirupsen/logrus v1.9.3 // indirect
114+
github.com/skeema/knownhosts v1.2.1 // indirect
107115
github.com/spdx/gordf v0.0.0-20221230105357-b735bd5aac89 // indirect
108-
github.com/spdx/tools-golang v0.4.0 // indirect
116+
github.com/spdx/tools-golang v0.5.3 // indirect
117+
github.com/xanzy/go-gitlab v0.93.1 // indirect
109118
github.com/xanzy/ssh-agent v0.3.3 // indirect
110119
github.com/zeebo/xxh3 v1.0.2 // indirect
111-
go.uber.org/atomic v1.10.0 // indirect
112-
go.uber.org/multierr v1.9.0 // indirect
113-
golang.org/x/crypto v0.6.0 // indirect
114-
golang.org/x/mod v0.8.0 // indirect
115-
golang.org/x/net v0.9.0 // indirect
116-
golang.org/x/oauth2 v0.7.0 // indirect
117-
golang.org/x/sync v0.1.0 // indirect
118-
golang.org/x/term v0.7.0 // indirect
119-
golang.org/x/text v0.9.0 // indirect
120-
golang.org/x/tools v0.6.0 // indirect
121-
golang.org/x/vuln v0.0.0-20230118164824-4ec8867cc0e6 // indirect
120+
go.uber.org/atomic v1.11.0 // indirect
121+
go.uber.org/multierr v1.11.0 // indirect
122+
golang.org/x/crypto v0.14.0 // indirect
123+
golang.org/x/mod v0.12.0 // indirect
124+
golang.org/x/net v0.17.0 // indirect
125+
golang.org/x/oauth2 v0.13.0 // indirect
126+
golang.org/x/sync v0.3.0 // indirect
127+
golang.org/x/text v0.13.0 // indirect
128+
golang.org/x/time v0.3.0 // indirect
129+
golang.org/x/tools v0.13.0 // indirect
130+
golang.org/x/vuln v1.0.1 // indirect
122131
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
123132
google.golang.org/appengine v1.6.7 // indirect
124-
google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
125-
google.golang.org/grpc v1.54.0 // indirect
126-
google.golang.org/protobuf v1.30.0 // indirect
133+
google.golang.org/genproto v0.0.0-20230803162519-f966b187b2e5 // indirect
134+
google.golang.org/genproto/googleapis/api v0.0.0-20230803162519-f966b187b2e5 // indirect
135+
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
136+
google.golang.org/grpc v1.57.0 // indirect
137+
google.golang.org/protobuf v1.31.0 // indirect
127138
gopkg.in/warnings.v0 v0.1.2 // indirect
128139
gopkg.in/yaml.v2 v2.4.0 // indirect
129140
)

0 commit comments

Comments
 (0)