Fix dependency cves (#6353)

* Upgraded golang.org/x/crypto v0.28.0 => v0.31.0. Signed-off-by: peng wu <2030047311@qq.com> * Upgraded golang.org/x/net v0.30.0 => v0.33.0. Signed-off-by: peng wu <2030047311@qq.com> * Upgraded github.com/golang/glog v1.2.2 => v1.2.4. Fix CVE-2024-45339. Signed-off-by: peng wu <2030047311@qq.com> * Upgrade go stdlib from 1.22.8 to 1.22.11. Fix CVE-2024-45336. Signed-off-by: peng wu <2030047311@qq.com> * Upgraded github.com/go-git/go-git/v5 v5.11.0 => v5.13.0. Fix CVE-2025-21613、CVE-2025-21614. Signed-off-by: peng wu <2030047311@qq.com> * Upgraded telemetry v1.0.1 => v1.0.2. Fix CVE-2024-45338、CVE-2024-34156、CVE-2024-34155、CVE-2024-34158、CVE-2024-4536、CVE-2024-45341. Signed-off-by: peng wu <2030047311@qq.com> --------- Signed-off-by: peng wu <2030047311@qq.com> (cherry picked from commit d38db0054c)
2025-02-08 14:54:12 +08:00
parent b34b7ea1fe
commit e7c97d3a56
158 changed files with 7268 additions and 1794 deletions
--- a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userattribute.go
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userattribute.go
@@ -9,7 +9,6 @@ import (
 	"image"
 	"image/jpeg"
 	"io"
-	"io/ioutil"
 )

 const UserAttrImageSubpacket = 1
@@ -63,7 +62,7 @@ func NewUserAttribute(contents ...*OpaqueSubpacket) *UserAttribute {

 func (uat *UserAttribute) parse(r io.Reader) (err error) {
 	// RFC 4880, section 5.13
-	b, err := ioutil.ReadAll(r)
+	b, err := io.ReadAll(r)
 	if err != nil {
 		return
 	}