Merge pull request #976 from MichaelMure/fix/975/patch-security-vulnerabilities

Michael Muré created 3 years ago

fix: resolve Go vulnerabilities

Change summary

.github/workflows/benchmark.yml | 2 +-
.github/workflows/go.yml        | 9 ++++-----
.github/workflows/release.yml   | 6 +++---
cache/repo_cache_test.go        | 7 +++++++
go.mod                          | 2 +-
5 files changed, 16 insertions(+), 10 deletions(-)

Detailed changes

.github/workflows/benchmark.yml 🔗

@@ -18,7 +18,7 @@ jobs:
     steps:
       - uses: actions/setup-go@v3
         with:
-          go-version: 1.18.x
+          go-version: 1.19.4
       - uses: actions/checkout@v3
       # Run benchmark with `go test -bench` and stores the output to a file
       - name: Run benchmark

.github/workflows/go.yml 🔗

@@ -12,7 +12,7 @@ jobs:
 
     strategy:
       matrix:
-        go-version: [1.18.x]
+        go-version: [1.19.4]
         platform: [ubuntu-latest, macos-latest, windows-latest]
 
     runs-on: ${{ matrix.platform }}
@@ -20,7 +20,7 @@ jobs:
     steps:
 
       - name: Set up Go ${{ matrix.node-version }}
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
 
@@ -44,13 +44,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Install Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
-          go-version: 1.18.x
+          go-version: 1.19.4
 
       - name: Checkout code
         uses: actions/checkout@v2
 
       - name: Check Code Formatting
         run: find . -name "*.go" | while read line; do [ -z "$(gofmt -d "$line" | head)" ] || exit 1; done
-

.github/workflows/release.yml 🔗

@@ -12,9 +12,9 @@ jobs:
 
     steps:
       - name: Set up Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
-          go-version: 1.18.x
+          go-version: 1.19.4
 
       - name: Check out code
         uses: actions/checkout@v2
@@ -38,4 +38,4 @@ jobs:
           repo_token: "${{ secrets.GITHUB_TOKEN }}"
           draft: true
           prerelease: false
-          files: dist/*
+          files: dist/*

cache/repo_cache_test.go 🔗

@@ -149,6 +149,13 @@ func TestCache(t *testing.T) {
 	require.NoError(t, err)
 	_, err = cache.Bugs().ResolvePrefix(bug1.Id().String()[:10])
 	require.NoError(t, err)
+
+	// Close
+	require.NoError(t, cache.Close())
+	require.Empty(t, cache.bugs.cached)
+	require.Empty(t, cache.bugs.excerpts)
+	require.Empty(t, cache.identities.cached)
+	require.Empty(t, cache.identities.excerpts)
 }
 
 func TestCachePushPull(t *testing.T) {

go.mod 🔗

@@ -1,6 +1,6 @@
 module github.com/MichaelMure/git-bug
 
-go 1.18
+go 1.19
 
 require (
 	github.com/99designs/gqlgen v0.17.20