[Release 1.11] Pin contrib 1.11.1-rc.1, Update retracted dependency, add CI...

[Release 1.11] Pin contrib 1.11.1-rc.1, Update retracted dependency, add CI check for retracted dependencies (#6452) * Add retracted dep check and upgrade retracted bluemonday version Signed-off-by: N Bernd Verst <github@bernd.dev> * Pin contrib 1.11.1-rc.1 Signed-off-by: N Bernd Verst <github@bernd.dev> --------- Signed-off-by: N Bernd Verst <github@bernd.dev>

[Release 1.11] Pin contrib 1.11.1-rc.1, Update retracted dependency, add CI...
[Release 1.11] Pin contrib 1.11.1-rc.1, Update retracted dependency, add CI check for retracted dependencies (#6452) * Add retracted dep check and upgrade retracted bluemonday version Signed-off-by: N Bernd Verst <github@bernd.dev> * Pin contrib 1.11.1-rc.1 Signed-off-by: N Bernd Verst <github@bernd.dev> --------- Signed-off-by: N Bernd Verst <github@bernd.dev>
19f05997 · Bernd Verst · GitHub · 3b8b2e26 · 19f05997 · 19f05997
隐藏空白更改
内联并排

Showing with 16 addition and 4 deletion

.github/workflows/dapr.yml .github/workflows/dapr.yml +7 -0

go.mod go.mod +6 -1

go.sum go.sum +3 -3

未找到文件。
--- a/.github/workflows/dapr.yml
+++ b/.github/workflows/dapr.yml
@@ -90,6 +90,13 @@ jobs:
          args: --build-tags allcomponents
      - name: Run go mod tidy check diff
        run: make modtidy check-diff
+      - name: Check for retracted dependencies
+        run: |
+          if [[ $(go list -mod=mod -f '{{if .Retracted}}{{.}}{{end}}' -u -m all) ]]; then
+            exit 1
+          else
+            exit 0
+          fi
      - name: Run gen-proto check diff
        run: |
          wget https://github.com/protocolbuffers/protobuf/releases/download/v${{ env.PROTOC_VERSION }}/protoc-${{ env.PROTOC_VERSION }}-linux-x86_64.zip

--- a/go.mod
+++ b/go.mod
@@ -9,7 +9,7 @@ require (
 	github.com/PuerkitoBio/purell v1.2.0
 	github.com/argoproj/argo-rollouts v1.4.1
 	github.com/cenkalti/backoff/v4 v4.2.1
-	github.com/dapr/components-contrib v1.11.0-rc.11
+	github.com/dapr/components-contrib v1.11.1-rc.1
 	github.com/dapr/kit v0.11.2
 	github.com/evanphx/json-patch/v5 v5.6.0
 	github.com/fasthttp/router v1.4.18
@@ -427,10 +427,15 @@ replace (
 	dubbo.apache.org/dubbo-go/v3 => dubbo.apache.org/dubbo-go/v3 v3.0.3-0.20230118042253-4f159a2b38f3
 	// the following lines are necessary to update to commits with proper licenses
 	github.com/chzyer/logex => github.com/chzyer/logex v1.2.1
+
 	github.com/toolkits/concurrent => github.com/niean/gotools v0.0.0-20151221085310-ff3f51fc5c60
 	gopkg.in/couchbaselabs/gocbconnstr.v1 => github.com/couchbaselabs/gocbconnstr v1.0.5
 )

+// update retracted indirect dependencies if necessary
+// check for retracted versions: go list -mod=mod -f '{{if .Retracted}}{{.}}{{end}}' -u -m all
+replace github.com/microcosm-cc/bluemonday => github.com/microcosm-cc/bluemonday v1.0.24
+
 // TODO: Remove this when upgrading the library to 2.0.10 or higher
 replace github.com/lestrrat-go/jwx/v2 => github.com/lestrrat-go/jwx/v2 v2.0.9-0.20230526134723-5f998ac6c826


--- a/go.sum
+++ b/go.sum
@@ -401,8 +401,8 @@ github.com/dancannon/gorethink v4.0.0+incompatible h1:KFV7Gha3AuqT+gr0B/eKvGhbjm
 github.com/dancannon/gorethink v4.0.0+incompatible/go.mod h1:BLvkat9KmZc1efyYwhz3WnybhRZtgF1K929FD8z1avU=
 github.com/danieljoos/wincred v1.1.2 h1:QLdCxFs1/Yl4zduvBdcHB8goaYk9RARS2SgLLRuAyr0=
 github.com/danieljoos/wincred v1.1.2/go.mod h1:GijpziifJoIBfYh+S7BbkdUTU4LfM+QnGqR5Vl2tAx0=
-github.com/dapr/components-contrib v1.11.0-rc.11 h1:PFUTCCfZ+99BIorCNR+mB/CEGnGFNMbI0OhQQ9pbq3E=
-github.com/dapr/components-contrib v1.11.0-rc.11/go.mod h1:prx2ATX6wFnR6Cp1xXGW3J9s5Gyz9AtOrG0xBf7QnHI=
+github.com/dapr/components-contrib v1.11.1-rc.1 h1:wYUya8qA/Xvwlm9O8yy3i6lbXqXn4uiObrGlb8xmE6Y=
+github.com/dapr/components-contrib v1.11.1-rc.1/go.mod h1:prx2ATX6wFnR6Cp1xXGW3J9s5Gyz9AtOrG0xBf7QnHI=
 github.com/dapr/kit v0.11.2 h1:4tJre4OWyOfBFDZeDvEIC+7nYgTRgqpCvo4/bfB2sN8=
 github.com/dapr/kit v0.11.2/go.mod h1:Iq5mKuZnmO+Lyu7MC8755YWv+mp3h7/nomRQcjZfN5k=
 github.com/dave/jennifer v1.4.0/go.mod h1:fIb+770HOpJ2fmN9EPPKOqm1vMGhB+TwXKMZhrIygKg=
@@ -1115,7 +1115,7 @@ github.com/mattn/go-sqlite3 v1.14.16 h1:yOQRA0RpS5PFz/oikGwBEqvAWhWg5ufRz4ETLjwp
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
 github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
-github.com/microcosm-cc/bluemonday v1.0.21 h1:dNH3e4PSyE4vNX+KlRGHT5KrSvjeUkoNPwEORjffHJg=
+github.com/microcosm-cc/bluemonday v1.0.24 h1:NGQoPtwGVcbGkKfvyYk1yRqknzBuoMiUrO6R7uFTPlw=
 github.com/microsoft/durabletask-go v0.2.4 h1:jeTz559GSXHmOzp5iTbeIq35YYxKSaDHkJcnl8F9wX4=
 github.com/microsoft/durabletask-go v0.2.4/go.mod h1:UtJXHmKalksdccRiN9Y16cHJYYtZN0bqmqOSiy56V8g=
 github.com/microsoft/go-mssqldb v0.21.0 h1:p2rpHIL7TlSv1QrbXJUAcbyRKnIT0C9rRkH2E4OjLn8=