(yunikorn-core) branch master updated: [YUNIKORN-3161] Update Go depenedencies for CVE fixes (#1053)

Tue, 09 Dec 2025 06:23:14 -0800 

This is an automated email from the ASF dual-hosted git repository.

pbacsko pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/yunikorn-core.git


The following commit(s) were added to refs/heads/master by this push:
     new 04638eff [YUNIKORN-3161] Update Go depenedencies for CVE fixes (#1053)
04638eff is described below

commit 04638eff4db8e6855fb8ae95d6cdab8d2f013dc6
Author: Peter Bacsko <[email protected]>
AuthorDate: Tue Dec 9 15:22:55 2025 +0100

    [YUNIKORN-3161] Update Go depenedencies for CVE fixes (#1053)
    
    Closes: #1053
    
    Signed-off-by: Peter Bacsko <[email protected]>
---
 go.mod | 23 +++++++++++------------
 go.sum | 20 ++++++++++----------
 2 files changed, 21 insertions(+), 22 deletions(-)

diff --git a/go.mod b/go.mod
index a6036c7a..e376f5f2 100644
--- a/go.mod
+++ b/go.mod
@@ -19,9 +19,9 @@
 
 module github.com/apache/yunikorn-core
 
-go 1.23.0
+go 1.24.0
 
-toolchain go1.23.7
+toolchain go1.24.11
 
 require (
        github.com/apache/yunikorn-scheduler-interface 
v0.0.0-20251021140208-d3b357b98dcd
@@ -38,8 +38,7 @@ require (
        go.uber.org/zap v1.27.0
        go.yaml.in/yaml/v3 v3.0.4
        golang.org/x/exp v0.0.0-20250228200357-dead58393ab7
-       golang.org/x/net v0.43.0
-       golang.org/x/time v0.10.0
+       golang.org/x/time v0.14.0
        google.golang.org/grpc v1.71.0
        gotest.tools/v3 v3.5.2
 )
@@ -54,17 +53,17 @@ require (
        github.com/petermattis/goid v0.0.0-20250813065127-a731cc31b4fe // 
indirect
        github.com/prometheus/procfs v0.12.0 // indirect
        go.uber.org/multierr v1.10.0 // indirect
-       golang.org/x/crypto v0.41.0 // indirect
-       golang.org/x/sys v0.35.0 // indirect
-       golang.org/x/text v0.28.0 // indirect
+       golang.org/x/crypto v0.44.0 // indirect
+       golang.org/x/net v0.47.0 // indirect
+       golang.org/x/sys v0.38.0 // indirect
+       golang.org/x/text v0.31.0 // indirect
        google.golang.org/genproto/googleapis/rpc 
v0.0.0-20250115164207-1a7da9e5054f // indirect
        google.golang.org/protobuf v1.36.5 // indirect
 )
 
 replace (
-       golang.org/x/crypto => golang.org/x/crypto v0.35.0
-       golang.org/x/net => golang.org/x/net v0.43.0
-       golang.org/x/sys => golang.org/x/sys v0.35.0
-       golang.org/x/text => golang.org/x/text v0.28.0
-       golang.org/x/tools => golang.org/x/tools v0.30.0
+       golang.org/x/crypto => golang.org/x/crypto v0.45.0
+       golang.org/x/net => golang.org/x/net v0.47.0
+       golang.org/x/sys => golang.org/x/sys v0.39.0
+       golang.org/x/text => golang.org/x/text v0.31.0
 )
diff --git a/go.sum b/go.sum
index 03f92b72..dd1a958a 100644
--- a/go.sum
+++ b/go.sum
@@ -88,18 +88,18 @@ go.uber.org/zap v1.27.0 
h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
 go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
 go.yaml.in/yaml/v3 v3.0.4/go.mod 
h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
-golang.org/x/crypto v0.35.0 h1:b15kiHdrGCHrP6LvwaQ3c03kgNhhiMgvlhxHQhmg2Xs=
-golang.org/x/crypto v0.35.0/go.mod 
h1:dy7dXNW32cAb/6/PRuTNsix8T+vJAqvuIy5Bli/x0YQ=
+golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
+golang.org/x/crypto v0.45.0/go.mod 
h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
 golang.org/x/exp v0.0.0-20250228200357-dead58393ab7 
h1:aWwlzYV971S4BXRS9AmqwDLAD85ouC6X+pocatKY58c=
 golang.org/x/exp v0.0.0-20250228200357-dead58393ab7/go.mod 
h1:BHOTPb3L19zxehTsLoJXVaTktb06DFgmdW6Wb9s8jqk=
-golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE=
-golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg=
-golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
-golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
-golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng=
-golang.org/x/text v0.28.0/go.mod 
h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU=
-golang.org/x/time v0.10.0 h1:3usCWA8tQn0L8+hFJQNgzpWbd89begxN66o1Ojdn5L4=
-golang.org/x/time v0.10.0/go.mod 
h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
+golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
+golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
+golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
+golang.org/x/text v0.31.0/go.mod 
h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI=
+golang.org/x/time v0.14.0/go.mod 
h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f 
h1:OxYkA3wjPsZyBylwymxSHa7ViiW1Sml4ToBrncvFehI=
 google.golang.org/genproto/googleapis/rpc 
v0.0.0-20250115164207-1a7da9e5054f/go.mod 
h1:+2Yz8+CLJbIfL9z73EW45avw8Lmge3xVElCP9zEKi50=
 google.golang.org/grpc v1.71.0 h1:kF77BGdPTQ4/JZWMlb9VpJ5pa25aqvVqogsxNHHdeBg=


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to