From 41db41e141d3d0997d7c4294fc68794ee20ee3dd Mon Sep 17 00:00:00 2001 From: Clay McGinnis Date: Wed, 29 Apr 2026 16:23:45 -0700 Subject: [PATCH] fix(deps): bump buger/jsonparser to v1.1.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit GHSA-6g7g-w4f8-9c9x — denial of service in versions <= 1.1.1. Pulled in indirectly via github.com/pb33f/libopenapi -> ordered-map -> jsonparser. --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c18f66e..24e4c18 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( require ( github.com/bahlo/generic-list-go v0.2.0 // indirect - github.com/buger/jsonparser v1.1.1 // indirect + github.com/buger/jsonparser v1.1.2 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/pb33f/jsonpath v0.8.1 // indirect github.com/pb33f/ordered-map/v2 v2.3.0 // indirect diff --git a/go.sum b/go.sum index bdae60f..f85f564 100644 --- a/go.sum +++ b/go.sum @@ -1,7 +1,7 @@ github.com/bahlo/generic-list-go v0.2.0 h1:5sz/EEAK+ls5wF+NeqDpk5+iNdMDXrh3z3nPnH1Wvgk= github.com/bahlo/generic-list-go v0.2.0/go.mod h1:2KvAjgMlE5NNynlg/5iLrrCCZ2+5xWbdbCW3pNTGyYg= -github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= -github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= +github.com/buger/jsonparser v1.1.2 h1:frqHqw7otoVbk5M8LlE/L7HTnIq2v9RX6EJ48i9AxJk= +github.com/buger/jsonparser v1.1.2/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=