From ff6d8a786330d55772afd687e56ae9b9858d603b Mon Sep 17 00:00:00 2001
From: WhiteSource Renovate <bot@renovateapp.com>
Date: Thu, 13 Oct 2022 05:11:40 +0200
Subject: [PATCH] Update tools (#768)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[github.com/g-rath/osv-detector](https://togithub.com/g-rath/osv-detector)
| require | minor | `v0.7.2` -> `v0.8.0` |
| [github.com/urfave/cli/v2](https://togithub.com/urfave/cli) | require
| minor | `v2.17.1` -> `v2.19.2` |
| [golang.org/x/crypto](https://togithub.com/golang/crypto) | require |
digest | `4161e89` -> `56aed06` |
| [golang.org/x/exp](https://togithub.com/golang/exp) | require | digest
| `b9f4876` -> `4de253d` |

---

### Release Notes

<details>
<summary>g-rath/osv-detector</summary>

###
[`v0.8.0`](https://togithub.com/G-Rath/osv-detector/releases/tag/v0.8.0)

[Compare
Source](https://togithub.com/g-rath/osv-detector/compare/v0.7.2...v0.8.0)

#### What's Changed

- support parsing `poetry.lock`, for Python
([https://github.com/G-Rath/osv-detector/pull/156](https://togithub.com/G-Rath/osv-detector/pull/156))
- support parsing `pubspec.lock`, for Dart
([https://github.com/G-Rath/osv-detector/pull/159](https://togithub.com/G-Rath/osv-detector/pull/159))

**Full Changelog**:
https://github.com/G-Rath/osv-detector/compare/v0.7.2...v0.8.0

</details>

<details>
<summary>urfave/cli</summary>

### [`v2.19.2`](https://togithub.com/urfave/cli/releases/tag/v2.19.2)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.19.1...v2.19.2)

#### What's Changed

- fix: stop automatic sorting for --help by
[@&#8203;FGYFFFF](https://togithub.com/FGYFFFF) in
[https://github.com/urfave/cli/pull/1430](https://togithub.com/urfave/cli/pull/1430)

#### New Contributors

- [@&#8203;FGYFFFF](https://togithub.com/FGYFFFF) made their first
contribution in
[https://github.com/urfave/cli/pull/1430](https://togithub.com/urfave/cli/pull/1430)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.19.1...v2.19.2

### [`v2.19.1`](https://togithub.com/urfave/cli/releases/tag/v2.19.1)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.19.0...v2.19.1)

#### What's Changed

- Fix:(issue\_1500). Fix slice flag value duplication issue by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1502](https://togithub.com/urfave/cli/pull/1502)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.19.0...v2.19.1

### [`v2.19.0`](https://togithub.com/urfave/cli/releases/tag/v2.19.0)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.18.2...v2.19.0)

#### What's Changed

- Fix:(issue\_1505) Fix flag alignment in help by
[@&#8203;dearchap](https://togithub.com/dearchap) in
[https://github.com/urfave/cli/pull/1506](https://togithub.com/urfave/cli/pull/1506)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.18.2...v2.19.0

### [`v2.18.2`](https://togithub.com/urfave/cli/releases/tag/v2.18.2)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.18.1...v2.18.2)

#### What's Changed

- Configure GenericFlag's Destination type as struct not pointer by
[@&#8203;nkuba](https://togithub.com/nkuba) in
[https://github.com/urfave/cli/pull/1442](https://togithub.com/urfave/cli/pull/1442)

#### New Contributors

- [@&#8203;nkuba](https://togithub.com/nkuba) made their first
contribution in
[https://github.com/urfave/cli/pull/1442](https://togithub.com/urfave/cli/pull/1442)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.18.1...v2.18.2

### [`v2.18.1`](https://togithub.com/urfave/cli/releases/tag/v2.18.1)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.18.0...v2.18.1)

#### What's Changed

- Ensure "generate" step runs in CI prior to diff check by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1504](https://togithub.com/urfave/cli/pull/1504)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.18.0...v2.18.1

### [`v2.18.0`](https://togithub.com/urfave/cli/releases/tag/v2.18.0)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.17.2...v2.18.0)

#### What's Changed

- Call FlagStringer in String() method of slice flags by
[@&#8203;fjl](https://togithub.com/fjl) in
[https://github.com/urfave/cli/pull/1508](https://togithub.com/urfave/cli/pull/1508)

#### New Contributors

- [@&#8203;fjl](https://togithub.com/fjl) made their first contribution
in
[https://github.com/urfave/cli/pull/1508](https://togithub.com/urfave/cli/pull/1508)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.17.2...v2.18.0

### [`v2.17.2`](https://togithub.com/urfave/cli/releases/tag/v2.17.2)

[Compare
Source](https://togithub.com/urfave/cli/compare/v2.17.1...v2.17.2)

#### What's Changed

- Remove nonexistent phony targets by
[@&#8203;meatballhat](https://togithub.com/meatballhat) in
[https://github.com/urfave/cli/pull/1503](https://togithub.com/urfave/cli/pull/1503)
- wrap: Avoid trailing whitespace for empty lines by
[@&#8203;abitrolly](https://togithub.com/abitrolly) in
[https://github.com/urfave/cli/pull/1513](https://togithub.com/urfave/cli/pull/1513)

#### New Contributors

- [@&#8203;abitrolly](https://togithub.com/abitrolly) made their first
contribution in
[https://github.com/urfave/cli/pull/1513](https://togithub.com/urfave/cli/pull/1513)

**Full Changelog**:
https://github.com/urfave/cli/compare/v2.17.1...v2.17.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click
this checkbox.

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/google/osv.dev).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzMi4yMjIuMyIsInVwZGF0ZWRJblZlciI6IjMyLjIzNC4yIn0=-->

Co-authored-by: Rex P <106129829+another-rex@users.noreply.github.com>
---
 tools/osv-scanner/go.mod | 8 ++++----
 tools/osv-scanner/go.sum | 7 +++++++
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/tools/osv-scanner/go.mod b/tools/osv-scanner/go.mod
index 493243651fa..ccbe9a36bfd 100644
--- a/tools/osv-scanner/go.mod
+++ b/tools/osv-scanner/go.mod
@@ -4,14 +4,14 @@ go 1.19
 
 require (
 	github.com/CycloneDX/cyclonedx-go v0.7.0
-	github.com/g-rath/osv-detector v0.7.2
+	github.com/g-rath/osv-detector v0.8.0
 	github.com/google/go-cmp v0.5.9
 	github.com/jedib0t/go-pretty/v6 v6.4.0
 	github.com/package-url/packageurl-go v0.1.0
 	github.com/spdx/tools-golang v0.3.0
-	github.com/urfave/cli/v2 v2.17.1
-	golang.org/x/crypto v0.0.0-20221005025214-4161e89ecf1b
-	golang.org/x/exp v0.0.0-20221004215720-b9f4876ce741
+	github.com/urfave/cli/v2 v2.19.2
+	golang.org/x/crypto v0.0.0-20221012134737-56aed061732a
+	golang.org/x/exp v0.0.0-20221012211006-4de253d81b95
 	golang.org/x/term v0.0.0-20220919170432-7a66f970e087
 )
 
diff --git a/tools/osv-scanner/go.sum b/tools/osv-scanner/go.sum
index 0514c6d1e93..ea8254bfdc7 100644
--- a/tools/osv-scanner/go.sum
+++ b/tools/osv-scanner/go.sum
@@ -15,6 +15,8 @@ github.com/g-rath/osv-detector v0.7.1 h1:f6VNrJLWtH54253QTAnwRVspZ8NbmPQsHDbAglW
 github.com/g-rath/osv-detector v0.7.1/go.mod h1:P0CI4ohMPoDDXfI4ir8NqrPRiHtwOiyi7SGZR0VGj4U=
 github.com/g-rath/osv-detector v0.7.2 h1:8l4+r0XfSpKKhVv5JETui4bLxHiwqQsivOEmYtc3m/o=
 github.com/g-rath/osv-detector v0.7.2/go.mod h1:P0CI4ohMPoDDXfI4ir8NqrPRiHtwOiyi7SGZR0VGj4U=
+github.com/g-rath/osv-detector v0.8.0 h1:MeCZbLLxnMaWVuIXL8buw7fEYO7zzw/b41c2k43w0l0=
+github.com/g-rath/osv-detector v0.8.0/go.mod h1:P0CI4ohMPoDDXfI4ir8NqrPRiHtwOiyi7SGZR0VGj4U=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/jedib0t/go-pretty/v6 v6.3.8 h1:p5eZqLFMEGr7CC+9915lC4Dk7Gub6mH7NE35jDhkJsQ=
@@ -49,18 +51,23 @@ github.com/urfave/cli/v2 v2.16.3 h1:gHoFIwpPjoyIMbJp/VFd+/vuD0dAgFK4B6DpEMFJfQk=
 github.com/urfave/cli/v2 v2.16.3/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI=
 github.com/urfave/cli/v2 v2.17.1 h1:UzjDEw2dJQUE3iRaiNQ1VrVFbyAtKGH3VdkMoHA58V0=
 github.com/urfave/cli/v2 v2.17.1/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI=
+github.com/urfave/cli/v2 v2.19.2 h1:eXu5089gqqiDQKSnFW+H/FhjrxRGztwSxlTsVK7IuqQ=
+github.com/urfave/cli/v2 v2.19.2/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 h1:Y/gsMcFOcR+6S6f3YeMKl5g+dZMEWqcz5Czj/GWYbkM=
 golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20220926161630-eccd6366d1be/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20221005025214-4161e89ecf1b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/crypto v0.0.0-20221012134737-56aed061732a/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20220916125017-b168a2c6b86b h1:SCE/18RnFsLrjydh/R/s5EVvHoZprqEQUuoxK8q2Pc4=
 golang.org/x/exp v0.0.0-20220916125017-b168a2c6b86b/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
 golang.org/x/exp v0.0.0-20220921164117-439092de6870 h1:j8b6j9gzSigH28O5SjSpQSSh9lFd6f5D/q0aHjNTulc=
 golang.org/x/exp v0.0.0-20220921164117-439092de6870/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
 golang.org/x/exp v0.0.0-20221004215720-b9f4876ce741 h1:fGZugkZk2UgYBxtpKmvub51Yno1LJDeEsRp2xGD+0gY=
 golang.org/x/exp v0.0.0-20221004215720-b9f4876ce741/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
+golang.org/x/exp v0.0.0-20221012211006-4de253d81b95 h1:sBdrWpxhGDdTAYNqbgBLAR+ULAPPhfgncLr1X0lyWtg=
+golang.org/x/exp v0.0.0-20221012211006-4de253d81b95/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=