Updated yaml dependency - although dependabot raised an issue, Gokapi was not affected by CVE-2022-28948, as v2 was used

2026-01-05 16:29:52 -06:00 · 2022-05-31 18:33:41 +02:00
parent 37facb96a2
commit 0b78939d09
3 changed files with 3 additions and 3 deletions
--- a/build/go.mod
+++ b/build/go.mod
@@ -12,7 +12,7 @@ require (
 	golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
 	golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602
 	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
-	gopkg.in/yaml.v2 v2.4.0
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
 )

 require (
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 	golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
 	golang.org/x/oauth2 v0.0.0-20210402161424-2e8d93401602
 	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
-	gopkg.in/yaml.v2 v2.4.0
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
 )

 require (
--- a/internal/configuration/cloudconfig/CloudConfig.go
+++ b/internal/configuration/cloudconfig/CloudConfig.go
@@ -5,7 +5,7 @@ import (
 	"github.com/forceu/gokapi/internal/environment"
 	"github.com/forceu/gokapi/internal/helper"
 	"github.com/forceu/gokapi/internal/models"
-	"gopkg.in/yaml.v2"
+	"gopkg.in/yaml.v3"
 	"io/ioutil"
 	"os"
 )