@@ -9,12 +9,12 @@ require (
99 github.com/google/go-cmp v0.6.0
1010 github.com/google/go-github/v47 v47.1.0
1111 github.com/iancoleman/strcase v0.3.0
12- github.com/ossf/scorecard/v4 v4.10.5
12+ github.com/ossf/scorecard/v4 v4.13.1
1313 github.com/shurcooL/githubv4 v0.0.0-20220115235240-a14260e6f8a2
1414 go.opencensus.io v0.24.0
1515 go.uber.org/zap v1.26.0
1616 gocloud.dev v0.34.0
17- golang.org/x/exp v0.0.0-20230713183714-613f0c0eb8a1
17+ golang.org/x/exp v0.0.0-20230905200255-921286631fa9
1818 golang.org/x/sys v0.13.0
1919 google.golang.org/api v0.148.0
2020 gopkg.in/yaml.v3 v3.0.1
@@ -30,11 +30,13 @@ require (
3030 cloud.google.com/go/storage v1.31.0 // indirect
3131 cloud.google.com/go/trace v1.10.1 // indirect
3232 contrib.go.opencensus.io/exporter/stackdriver v0.13.14 // indirect
33- github.com/BurntSushi/toml v1.2.1 // indirect
34- github.com/CycloneDX/cyclonedx-go v0.7.0 // indirect
33+ dario.cat/mergo v1.0.0 // indirect
34+ github.com/BurntSushi/toml v1.3.2 // indirect
35+ github.com/CycloneDX/cyclonedx-go v0.7.2 // indirect
3536 github.com/Microsoft/go-winio v0.6.1 // indirect
36- github.com/ProtonMail/go-crypto v0.0.0-20221026131551-cf6655e29de4 // indirect
37- github.com/acomagu/bufpipe v1.0.3 // indirect
37+ github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c // indirect
38+ github.com/acomagu/bufpipe v1.0.4 // indirect
39+ github.com/anchore/go-struct-converter v0.0.0-20230627203149-c72ef8859ca9 // indirect
3840 github.com/andybalholm/brotli v1.0.4 // indirect
3941 github.com/apache/arrow/go/v12 v12.0.0 // indirect
4042 github.com/apache/thrift v0.16.0 // indirect
@@ -59,52 +61,59 @@ require (
5961 github.com/aws/aws-sdk-go-v2/service/sts v1.21.1 // indirect
6062 github.com/aws/smithy-go v1.14.0 // indirect
6163 github.com/bombsimon/logrusr/v2 v2.0.1 // indirect
62- github.com/bradleyfalzon/ghinstallation/v2 v2.1 .0 // indirect
64+ github.com/bradleyfalzon/ghinstallation/v2 v2.8 .0 // indirect
6365 github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
6466 github.com/cloudflare/circl v1.3.3 // indirect
67+ github.com/cyphar/filepath-securejoin v0.2.4 // indirect
6568 github.com/emirpasic/gods v1.18.1 // indirect
66- github.com/go-git/gcfg v1.5.0 // indirect
67- github.com/go-git/go-billy/v5 v5.4.1 // indirect
68- github.com/go-git/go-git/v5 v5.5.2 // indirect
69+ github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
70+ github.com/go-git/go-billy/v5 v5.5.0 // indirect
71+ github.com/go-git/go-git/v5 v5.9.0 // indirect
6972 github.com/go-logr/logr v1.2.4 // indirect
73+ github.com/goark/errs v1.3.2 // indirect
74+ github.com/goark/go-cvss v1.6.6 // indirect
7075 github.com/goccy/go-json v0.9.11 // indirect
7176 github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
7277 github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
7378 github.com/golang/protobuf v1.5.3 // indirect
7479 github.com/golang/snappy v0.0.4 // indirect
7580 github.com/google/flatbuffers v2.0.8+incompatible // indirect
76- github.com/google/go-github/v38 v38.1 .0// indirect
77- github.com/google/go-github/v45 v45.2 .0// indirect
81+ github.com/google/go-github/v53 v53.2 .0// indirect
82+ github.com/google/go-github/v56 v56.0 .0// indirect
7883 github.com/google/go-querystring v1.1.0 // indirect
79- github.com/google/osv-scanner v1.2.1-0.20230302232134-592acbc2539b // indirect
84+ github.com/google/osv-scanner v1.4.1 // indirect
8085 github.com/google/s2a-go v0.1.7 // indirect
8186 github.com/google/uuid v1.3.1 // indirect
8287 github.com/google/wire v0.5.0 // indirect
8388 github.com/googleapis/enterprise-certificate-proxy v0.3.1 // indirect
8489 github.com/googleapis/gax-go/v2 v2.12.0 // indirect
85- github.com/imdario/mergo v0.3.16 // indirect
90+ github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
91+ github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
92+ github.com/ianlancetaylor/demangle v0.0.0-20230524184225-eabc099b10ab // indirect
8693 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
87- github.com/jedib0t/go-pretty/v6 v6.4.4 // indirect
94+ github.com/jedib0t/go-pretty/v6 v6.4.7 // indirect
8895 github.com/jmespath/go-jmespath v0.4.0 // indirect
8996 github.com/jszwec/csvutil v1.8.0 // indirect
9097 github.com/kevinburke/ssh_config v1.2.0 // indirect
9198 github.com/klauspost/asmfmt v1.3.2 // indirect
9299 github.com/klauspost/compress v1.16.7 // indirect
93100 github.com/klauspost/cpuid/v2 v2.0.9 // indirect
94- github.com/mattn/go-runewidth v0.0.13 // indirect
101+ github.com/mattn/go-runewidth v0.0.15 // indirect
95102 github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8 // indirect
96103 github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3 // indirect
97- github.com/package-url/packageurl-go v0.1.1-0.20220428063043-89078438f170 // indirect
104+ github.com/owenrumney/go-sarif/v2 v2.2.2 // indirect
105+ github.com/package-url/packageurl-go v0.1.1 // indirect
98106 github.com/pierrec/lz4/v4 v4.1.15 // indirect
99- github.com/pjbgf/sha1cd v0.2.3 // indirect
107+ github.com/pjbgf/sha1cd v0.3.0 // indirect
100108 github.com/prometheus/prometheus v0.46.0 // indirect
101- github.com/rivo/uniseg v0.2.0 // indirect
102- github.com/sergi/go-diff v1.1.0 // indirect
109+ github.com/rivo/uniseg v0.4.4 // indirect
110+ github.com/sergi/go-diff v1.3.1 // indirect
103111 github.com/shurcooL/graphql v0.0.0-20200928012149-18c5c3165e3a // indirect
104- github.com/sirupsen/logrus v1.9.0 // indirect
105- github.com/skeema/knownhosts v1.1.0 // indirect
112+ github.com/sirupsen/logrus v1.9.3 // indirect
113+ github.com/skeema/knownhosts v1.2.1 // indirect
106114 github.com/spdx/gordf v0.0.0-20221230105357-b735bd5aac89 // indirect
107- github.com/spdx/tools-golang v0.4.0 // indirect
115+ github.com/spdx/tools-golang v0.5.3 // indirect
116+ github.com/xanzy/go-gitlab v0.93.1 // indirect
108117 github.com/xanzy/ssh-agent v0.3.3 // indirect
109118 github.com/zeebo/xxh3 v1.0.2 // indirect
110119 go.uber.org/multierr v1.11.0 // indirect
@@ -113,10 +122,10 @@ require (
113122 golang.org/x/net v0.17.0 // indirect
114123 golang.org/x/oauth2 v0.13.0 // indirect
115124 golang.org/x/sync v0.4.0 // indirect
116- golang.org/x/term v0.13.0 // indirect
117125 golang.org/x/text v0.13.0 // indirect
118- golang.org/x/tools v0.11.0 // indirect
119- golang.org/x/vuln v0.0.0-20230118164824-4ec8867cc0e6 // indirect
126+ golang.org/x/time v0.3.0 // indirect
127+ golang.org/x/tools v0.13.0 // indirect
128+ golang.org/x/vuln v1.0.1 // indirect
120129 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
121130 google.golang.org/appengine v1.6.7 // indirect
122131 google.golang.org/genproto v0.0.0-20231002182017-d307bd883b97 // indirect
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
0 commit comments