From 485cb3831e85887b6d38bd04eefae38e9698d48c Mon Sep 17 00:00:00 2001 From: Yujun Zhang Date: Sat, 28 Nov 2020 19:48:05 +0800 Subject: [PATCH] Upgrade go-getter * Provide a detector for repositories hosted on GitLab.com * Update github.com/ulikunitz/xz@v0.5.8 for CVE-2020-16845 --- api/go.mod | 2 +- api/go.sum | 8 ++++---- api/loader/getter.go | 1 + 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/api/go.mod b/api/go.mod index 2056376d0..ad5f795cd 100644 --- a/api/go.mod +++ b/api/go.mod @@ -12,7 +12,7 @@ require ( github.com/hashicorp/go-multierror v1.1.0 github.com/pkg/errors v0.8.1 github.com/stretchr/testify v1.4.0 - github.com/yujunz/go-getter v1.4.1-lite + github.com/yujunz/go-getter v1.5.1-lite.0.20201201013212-6d9c071adddf golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e gopkg.in/yaml.v2 v2.3.0 gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71 diff --git a/api/go.sum b/api/go.sum index c2e3f304e..7c7045357 100644 --- a/api/go.sum +++ b/api/go.sum @@ -406,8 +406,8 @@ github.com/timakin/bodyclose v0.0.0-20190930140734-f7f2e9bca95e/go.mod h1:Qimiff github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= -github.com/ulikunitz/xz v0.5.5 h1:pFrO0lVpTBXLpYw+pnLj6TbvHuyjXMfjGeCwSqCVwok= -github.com/ulikunitz/xz v0.5.5/go.mod h1:2bypXElzHzzJZwzH67Y6wb67pO62Rzfn7BSiF4ABRW8= +github.com/ulikunitz/xz v0.5.8 h1:ERv8V6GKqVi23rgu5cj9pVfVzJbOqAY2Ntl88O6c2nQ= +github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14= github.com/ultraware/funlen v0.0.2 h1:Av96YVBwwNSe4MLR7iI/BIa3VyI7/djnto/pK3Uxbdo= github.com/ultraware/funlen v0.0.2/go.mod h1:Dp4UiAus7Wdb9KUZsYWZEWiRzGuM2kXM1lPbfaF6xhA= github.com/ultraware/whitespace v0.0.4 h1:If7Va4cM03mpgrNH9k49/VOicWpGoG70XPBFFODYDsg= @@ -423,8 +423,8 @@ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca h1:1CFlNzQhALwjS9mBAUkycX616GzgsuYUOCHA5+HSlXI= github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -github.com/yujunz/go-getter v1.4.1-lite h1:FhvNc94AXMZkfqUwfMKhnQEC9phkphSGdPTL7tIdhOM= -github.com/yujunz/go-getter v1.4.1-lite/go.mod h1:sbmqxXjyLunH1PkF3n7zSlnVeMvmYUuIl9ZVs/7NyCc= +github.com/yujunz/go-getter v1.5.1-lite.0.20201201013212-6d9c071adddf h1:gvEmqF83GB8R5XtrMseJb6A6R0OCtNAS8f4TmZg2dGc= +github.com/yujunz/go-getter v1.5.1-lite.0.20201201013212-6d9c071adddf/go.mod h1:bL0Pr07HEdsMZ1WBqZIxXj96r5LnFsY4LgPaPEGkw1k= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= diff --git a/api/loader/getter.go b/api/loader/getter.go index 6d397b56e..566ada052 100644 --- a/api/loader/getter.go +++ b/api/loader/getter.go @@ -80,6 +80,7 @@ func getRemoteTarget(rs *remoteTargetSpec) error { Mode: getter.ClientModeAny, Detectors: []getter.Detector{ new(getter.GitHubDetector), + new(getter.GitLabDetector), new(getter.GitDetector), new(getter.BitBucketDetector), },