diff options
| author | James O'Doherty <james@theodohertyfamily.com> | 2026-05-29 19:33:07 -0400 |
|---|---|---|
| committer | James O'Doherty <james@theodohertyfamily.com> | 2026-05-29 19:33:07 -0400 |
| commit | edf4e0f0380b6662ba88cfa00d2d2ff5a43032de (patch) | |
| tree | e96e7faa7dc7a3b12634fc18c067b205a5466cf1 /go.mod | |
| parent | b1b68a4aa441d9ce39d05f85338e371a704dd601 (diff) | |
security: upgrade dependencies to remediate transitive vulnerabilities
Upgrades several indirect and direct dependencies to their latest safe versions,
successfully resolving 26 dormant vulnerabilities identified by govulncheck.
- Upgraded golang.org/x/crypto from v0.37.0 to v0.52.0 (remediating 13 CVEs)
- Upgraded golang.org/x/net from v0.39.0 to v0.55.0 (remediating 12 CVEs)
- Upgraded golang.org/x/sys from v0.32.0 to v0.45.0 (remediating 1 CVE)
- Upgraded golang.zx2c4.com/wireguard to v0.0.0-20260522210424-ecfc5a8d5446
Ran `go mod tidy` and verified that all unit, integration, and E2E
data-plane tests continue to compile and pass successfully.
Diffstat (limited to 'go.mod')
| -rw-r--r-- | go.mod | 11 |
1 files changed, 7 insertions, 4 deletions
@@ -3,9 +3,12 @@ module git.theodohertyfamily.com/tools/wg-wrap go 1.26.3 require ( - golang.org/x/crypto v0.37.0 // indirect - golang.org/x/net v0.39.0 // indirect - golang.org/x/sys v0.32.0 // indirect + golang.org/x/sys v0.45.0 + golang.zx2c4.com/wireguard v0.0.0-20260522210424-ecfc5a8d5446 +) + +require ( + golang.org/x/crypto v0.52.0 // indirect + golang.org/x/net v0.55.0 // indirect golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect - golang.zx2c4.com/wireguard v0.0.0-20250521234502-f333402bd9cb // indirect ) |