Skip to content

Commit 4d2915c

Browse files
dlevy-msft-sqldlevy-msft-sql
authored
Merge branch 'main' into locfiles/380cd1ec-758c-4889-8c0f-2a9f0d9d1df5
2 parents 7eb2f58 + 460b0c9 commit 4d2915c

5 files changed

Lines changed: 92 additions & 470 deletions

File tree

.github/workflows/golangci-lint.yml

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,12 +9,16 @@ jobs:
99
name: lint-pr-changes
1010
runs-on: ubuntu-latest
1111
steps:
12-
- uses: actions/setup-go@v6
12+
# Pinned to commit SHA for supply chain security (CWE-829)
13+
# Verify: gh api repos/actions/setup-go/git/ref/tags/v6 --jq '.object.sha'
14+
- uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
1315
with:
1416
go-version: '1.24'
1517
- uses: actions/checkout@v6
1618
- name: golangci-lint
17-
uses: golangci/golangci-lint-action@v6
19+
# Pinned to commit SHA for supply chain security (CWE-829)
20+
# Verify: gh api repos/golangci/golangci-lint-action/git/ref/tags/v9 --jq '.object.sha'
21+
uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.0.0
1822
with:
1923
version: latest
2024
only-new-issues: true

NOTICE.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -587,8 +587,8 @@ SOFTWARE.
587587
## github.com/docker/distribution
588588

589589
* Name: github.com/docker/distribution
590-
* Version: v2.8.2
591-
* License: [Apache-2.0](https://github.com/docker/distribution/blob/v2.8.2/LICENSE)
590+
* Version: v2.8.3
591+
* License: [Apache-2.0](https://github.com/docker/distribution/blob/v2.8.3/LICENSE)
592592

593593
```
594594
Apache License

go.mod

Lines changed: 25 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -6,24 +6,25 @@ toolchain go1.24.12
66

77
require (
88
github.com/alecthomas/chroma/v2 v2.5.0
9-
github.com/billgraziano/dpapi v0.4.0
10-
github.com/docker/distribution v2.8.2+incompatible
11-
github.com/docker/docker v28.0.0+incompatible
12-
github.com/docker/go-connections v0.4.0
9+
github.com/billgraziano/dpapi v0.5.0
10+
github.com/distribution/reference v0.6.0
11+
github.com/docker/distribution v2.8.3+incompatible
12+
github.com/docker/docker v28.5.2+incompatible
13+
github.com/docker/go-connections v0.6.0
1314
github.com/golang-sql/sqlexp v0.1.0
1415
github.com/google/uuid v1.6.0
1516
github.com/microsoft/go-mssqldb v1.9.6
16-
github.com/opencontainers/image-spec v1.0.2
17+
github.com/opencontainers/image-spec v1.1.1
1718
github.com/peterh/liner v1.2.2
1819
github.com/pkg/errors v0.9.1
19-
github.com/spf13/cobra v1.6.1
20-
github.com/spf13/pflag v1.0.5
21-
github.com/spf13/viper v1.14.0
22-
github.com/stretchr/testify v1.10.0
20+
github.com/spf13/cobra v1.10.2
21+
github.com/spf13/pflag v1.0.10
22+
github.com/spf13/viper v1.21.0
23+
github.com/stretchr/testify v1.11.1
2324
golang.org/x/sys v0.40.0
2425
golang.org/x/term v0.39.0
2526
golang.org/x/text v0.33.0
26-
golang.org/x/tools v0.40.0
27+
golang.org/x/tools v0.41.0
2728
gopkg.in/yaml.v2 v2.4.0
2829
)
2930

@@ -37,61 +38,61 @@ require (
3738
github.com/Microsoft/go-winio v0.6.2 // indirect
3839
github.com/beorn7/perks v1.0.1 // indirect
3940
github.com/cespare/xxhash/v2 v2.3.0 // indirect
41+
github.com/containerd/errdefs v1.0.0 // indirect
42+
github.com/containerd/errdefs/pkg v0.3.0 // indirect
4043
github.com/containerd/log v0.1.0 // indirect
4144
github.com/davecgh/go-spew v1.1.1 // indirect
42-
github.com/distribution/reference v0.6.0 // indirect
4345
github.com/dlclark/regexp2 v1.4.0 // indirect
4446
github.com/docker/go-metrics v0.0.1 // indirect
4547
github.com/docker/go-units v0.5.0 // indirect
4648
github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 // indirect
4749
github.com/felixge/httpsnoop v1.0.4 // indirect
48-
github.com/fsnotify/fsnotify v1.6.0 // indirect
50+
github.com/fsnotify/fsnotify v1.9.0 // indirect
4951
github.com/go-logr/logr v1.4.2 // indirect
5052
github.com/go-logr/stdr v1.2.2 // indirect
51-
github.com/gogo/protobuf v1.3.2 // indirect
53+
github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
5254
github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
5355
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
5456
github.com/golang/protobuf v1.5.4 // indirect
5557
github.com/gorilla/mux v1.8.1 // indirect
56-
github.com/hashicorp/hcl v1.0.0 // indirect
57-
github.com/inconshreveable/mousetrap v1.0.1 // indirect
58+
github.com/inconshreveable/mousetrap v1.1.0 // indirect
5859
github.com/kylelemons/godebug v1.1.0 // indirect
59-
github.com/magiconair/properties v1.8.6 // indirect
6060
github.com/mattn/go-runewidth v0.0.3 // indirect
6161
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
62-
github.com/mitchellh/mapstructure v1.5.0 // indirect
6362
github.com/moby/docker-image-spec v1.3.1 // indirect
63+
github.com/moby/sys/atomicwriter v0.1.0 // indirect
6464
github.com/moby/term v0.5.2 // indirect
6565
github.com/morikuni/aec v1.0.0 // indirect
6666
github.com/opencontainers/go-digest v1.0.0 // indirect
67-
github.com/pelletier/go-toml v1.9.5 // indirect
68-
github.com/pelletier/go-toml/v2 v2.0.5 // indirect
67+
github.com/pelletier/go-toml/v2 v2.2.4 // indirect
6968
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
7069
github.com/pmezard/go-difflib v1.0.0 // indirect
7170
github.com/prometheus/client_golang v1.11.1 // indirect
7271
github.com/prometheus/client_model v0.2.0 // indirect
7372
github.com/prometheus/common v0.26.0 // indirect
7473
github.com/prometheus/procfs v0.6.0 // indirect
74+
github.com/sagikazarmark/locafero v0.11.0 // indirect
7575
github.com/shopspring/decimal v1.4.0 // indirect
76-
github.com/spf13/afero v1.9.2 // indirect
77-
github.com/spf13/cast v1.5.0 // indirect
78-
github.com/spf13/jwalterweatherman v1.1.0 // indirect
79-
github.com/subosito/gotenv v1.4.1 // indirect
76+
github.com/sourcegraph/conc v0.3.1-0.20240121214520-5f936abd7ae8 // indirect
77+
github.com/spf13/afero v1.15.0 // indirect
78+
github.com/spf13/cast v1.10.0 // indirect
79+
github.com/subosito/gotenv v1.6.0 // indirect
8080
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
8181
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
8282
go.opentelemetry.io/otel v1.35.0 // indirect
8383
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0 // indirect
8484
go.opentelemetry.io/otel/metric v1.35.0 // indirect
8585
go.opentelemetry.io/otel/trace v1.35.0 // indirect
86+
go.yaml.in/yaml/v3 v3.0.4 // indirect
8687
golang.org/x/crypto v0.47.0 // indirect
8788
golang.org/x/mod v0.32.0 // indirect
8889
golang.org/x/net v0.49.0 // indirect
8990
golang.org/x/sync v0.19.0 // indirect
91+
golang.org/x/time v0.14.0 // indirect
9092
google.golang.org/genproto/googleapis/api v0.0.0-20250425173222-7b384671a197 // indirect
9193
google.golang.org/genproto/googleapis/rpc v0.0.0-20250425173222-7b384671a197 // indirect
9294
google.golang.org/grpc v1.71.1 // indirect
9395
google.golang.org/protobuf v1.36.6 // indirect
94-
gopkg.in/ini.v1 v1.67.0 // indirect
9596
gopkg.in/yaml.v3 v3.0.1 // indirect
9697
gotest.tools/v3 v3.5.2 // indirect
9798
)

0 commit comments

Comments
 (0)