Update tools (#768)

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/g-rath/osv-detector](https://togithub.com/g-rath/osv-detector) | require | minor | `v0.7.2` -> `v0.8.0` | | [github.com/urfave/cli/v2](https://togithub.com/urfave/cli) | require | minor | `v2.17.1` -> `v2.19.2` | | [golang.org/x/crypto](https://togithub.com/golang/crypto) | require | digest | `4161e89` -> `56aed06` | | [golang.org/x/exp](https://togithub.com/golang/exp) | require | digest | `b9f4876` -> `4de253d` | --- ### Release Notes <details> <summary>g-rath/osv-detector</summary> ### [`v0.8.0`](https://togithub.com/G-Rath/osv-detector/releases/tag/v0.8.0) [Compare Source](https://togithub.com/g-rath/osv-detector/compare/v0.7.2...v0.8.0) #### What's Changed - support parsing `poetry.lock`, for Python ([G-Rath/osv-detector#156) - support parsing `pubspec.lock`, for Dart ([G-Rath/osv-detector#159) **Full Changelog**: G-Rath/osv-detector@v0.7.2...v0.8.0 </details> <details> <summary>urfave/cli</summary> ### [`v2.19.2`](https://togithub.com/urfave/cli/releases/tag/v2.19.2) [Compare Source](https://togithub.com/urfave/cli/compare/v2.19.1...v2.19.2) #### What's Changed - fix: stop automatic sorting for --help by [@FGYFFFF](https://togithub.com/FGYFFFF) in [urfave/cli#1430 #### New Contributors - [@FGYFFFF](https://togithub.com/FGYFFFF) made their first contribution in [urfave/cli#1430 **Full Changelog**: urfave/cli@v2.19.1...v2.19.2 ### [`v2.19.1`](https://togithub.com/urfave/cli/releases/tag/v2.19.1) [Compare Source](https://togithub.com/urfave/cli/compare/v2.19.0...v2.19.1) #### What's Changed - Fix:(issue\_1500). Fix slice flag value duplication issue by [@dearchap](https://togithub.com/dearchap) in [urfave/cli#1502 **Full Changelog**: urfave/cli@v2.19.0...v2.19.1 ### [`v2.19.0`](https://togithub.com/urfave/cli/releases/tag/v2.19.0) [Compare Source](https://togithub.com/urfave/cli/compare/v2.18.2...v2.19.0) #### What's Changed - Fix:(issue\_1505) Fix flag alignment in help by [@dearchap](https://togithub.com/dearchap) in [urfave/cli#1506 **Full Changelog**: urfave/cli@v2.18.2...v2.19.0 ### [`v2.18.2`](https://togithub.com/urfave/cli/releases/tag/v2.18.2) [Compare Source](https://togithub.com/urfave/cli/compare/v2.18.1...v2.18.2) #### What's Changed - Configure GenericFlag's Destination type as struct not pointer by [@nkuba](https://togithub.com/nkuba) in [urfave/cli#1442 #### New Contributors - [@nkuba](https://togithub.com/nkuba) made their first contribution in [urfave/cli#1442 **Full Changelog**: urfave/cli@v2.18.1...v2.18.2 ### [`v2.18.1`](https://togithub.com/urfave/cli/releases/tag/v2.18.1) [Compare Source](https://togithub.com/urfave/cli/compare/v2.18.0...v2.18.1) #### What's Changed - Ensure "generate" step runs in CI prior to diff check by [@meatballhat](https://togithub.com/meatballhat) in [urfave/cli#1504 **Full Changelog**: urfave/cli@v2.18.0...v2.18.1 ### [`v2.18.0`](https://togithub.com/urfave/cli/releases/tag/v2.18.0) [Compare Source](https://togithub.com/urfave/cli/compare/v2.17.2...v2.18.0) #### What's Changed - Call FlagStringer in String() method of slice flags by [@fjl](https://togithub.com/fjl) in [urfave/cli#1508 #### New Contributors - [@fjl](https://togithub.com/fjl) made their first contribution in [urfave/cli#1508 **Full Changelog**: urfave/cli@v2.17.2...v2.18.0 ### [`v2.17.2`](https://togithub.com/urfave/cli/releases/tag/v2.17.2) [Compare Source](https://togithub.com/urfave/cli/compare/v2.17.1...v2.17.2) #### What's Changed - Remove nonexistent phony targets by [@meatballhat](https://togithub.com/meatballhat) in [urfave/cli#1503 - wrap: Avoid trailing whitespace for empty lines by [@abitrolly](https://togithub.com/abitrolly) in [urfave/cli#1513 #### New Contributors - [@abitrolly](https://togithub.com/abitrolly) made their first contribution in [urfave/cli#1513 **Full Changelog**: urfave/cli@v2.17.1...v2.17.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/google/osv.dev).  Co-authored-by: Rex P <106129829+another-rex@users.noreply.github.com>
google · Oct 13, 2022 · ff6d8a7 · ff6d8a7
1 parent 6e2c427
commit ff6d8a7
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 4 deletions.
diff --git a/tools/osv-scanner/go.mod b/tools/osv-scanner/go.mod
@@ -4,14 +4,14 @@ go 1.19
 
 require (
 	github.com/CycloneDX/cyclonedx-go v0.7.0
-	github.com/g-rath/osv-detector v0.7.2
+	github.com/g-rath/osv-detector v0.8.0
 	github.com/google/go-cmp v0.5.9
 	github.com/jedib0t/go-pretty/v6 v6.4.0
 	github.com/package-url/packageurl-go v0.1.0
 	github.com/spdx/tools-golang v0.3.0
-	github.com/urfave/cli/v2 v2.17.1
-	golang.org/x/crypto v0.0.0-20221005025214-4161e89ecf1b
-	golang.org/x/exp v0.0.0-20221004215720-b9f4876ce741
+	github.com/urfave/cli/v2 v2.19.2
+	golang.org/x/crypto v0.0.0-20221012134737-56aed061732a
+	golang.org/x/exp v0.0.0-20221012211006-4de253d81b95
 	golang.org/x/term v0.0.0-20220919170432-7a66f970e087
 )
 

diff --git a/tools/osv-scanner/go.sum b/tools/osv-scanner/go.sum
@@ -15,6 +15,8 @@ github.com/g-rath/osv-detector v0.7.1 h1:f6VNrJLWtH54253QTAnwRVspZ8NbmPQsHDbAglW
 github.com/g-rath/osv-detector v0.7.1/go.mod h1:P0CI4ohMPoDDXfI4ir8NqrPRiHtwOiyi7SGZR0VGj4U=
 github.com/g-rath/osv-detector v0.7.2 h1:8l4+r0XfSpKKhVv5JETui4bLxHiwqQsivOEmYtc3m/o=
 github.com/g-rath/osv-detector v0.7.2/go.mod h1:P0CI4ohMPoDDXfI4ir8NqrPRiHtwOiyi7SGZR0VGj4U=
+github.com/g-rath/osv-detector v0.8.0 h1:MeCZbLLxnMaWVuIXL8buw7fEYO7zzw/b41c2k43w0l0=
+github.com/g-rath/osv-detector v0.8.0/go.mod h1:P0CI4ohMPoDDXfI4ir8NqrPRiHtwOiyi7SGZR0VGj4U=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/jedib0t/go-pretty/v6 v6.3.8 h1:p5eZqLFMEGr7CC+9915lC4Dk7Gub6mH7NE35jDhkJsQ=
@@ -49,18 +51,23 @@ github.com/urfave/cli/v2 v2.16.3 h1:gHoFIwpPjoyIMbJp/VFd+/vuD0dAgFK4B6DpEMFJfQk=
 github.com/urfave/cli/v2 v2.16.3/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI=
 github.com/urfave/cli/v2 v2.17.1 h1:UzjDEw2dJQUE3iRaiNQ1VrVFbyAtKGH3VdkMoHA58V0=
 github.com/urfave/cli/v2 v2.17.1/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI=
+github.com/urfave/cli/v2 v2.19.2 h1:eXu5089gqqiDQKSnFW+H/FhjrxRGztwSxlTsVK7IuqQ=
+github.com/urfave/cli/v2 v2.19.2/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM=
 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20220926161630-eccd6366d1be/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20221005025214-4161e89ecf1b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20221012134737-56aed061732a/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20220916125017-b168a2c6b86b h1:SCE/18RnFsLrjydh/R/s5EVvHoZprqEQUuoxK8q2Pc4=
 golang.org/x/exp v0.0.0-20220916125017-b168a2c6b86b/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
 golang.org/x/exp v0.0.0-20220921164117-439092de6870 h1:j8b6j9gzSigH28O5SjSpQSSh9lFd6f5D/q0aHjNTulc=
 golang.org/x/exp v0.0.0-20220921164117-439092de6870/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
 golang.org/x/exp v0.0.0-20221004215720-b9f4876ce741 h1:fGZugkZk2UgYBxtpKmvub51Yno1LJDeEsRp2xGD+0gY=
 golang.org/x/exp v0.0.0-20221004215720-b9f4876ce741/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
+golang.org/x/exp v0.0.0-20221012211006-4de253d81b95 h1:sBdrWpxhGDdTAYNqbgBLAR+ULAPPhfgncLr1X0lyWtg=
+golang.org/x/exp v0.0.0-20221012211006-4de253d81b95/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=