Fix cves v0.53.x (#650)

* Bumo golang to 1.19.3

Signed-off-by: Neil Hickey <[email protected]>

* Fix CVEs

Signed-off-by: Neil Hickey <[email protected]>

* Updating the go and ubuntu version

Signed-off-by: Neil Hickey <[email protected]>
Co-authored-by: rohitagg2020 <[email protected]>

.github/workflows/golangci-lint.yml

@@ -12,15 +12,15 @@ jobs:
     name: lint
     runs-on: ubuntu-latest
     steps:
-      - name: Install Go 1.18
+      - name: Install Go 1.19.3
         uses: actions/setup-go@v3
         with:
-          go-version: "1.18"
+          go-version: "1.19.3"
       - uses: actions/checkout@v2
         with:
           fetch-depth: '0'
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v3
         with:
-          version: v1.45.2
+          version: v1.50.1
           args: -v

.github/workflows/release.yml

@@ -18,7 +18,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.18.3
+          go-version: 1.19.3
 
       - name: Build kapp Script
         run: |

.github/workflows/test-gh-k8s-1.16.yml

@@ -8,12 +8,12 @@ on:
 jobs:
   test-all:
     name: Test GH
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     steps:
       - name: Set up Go 1.x
         uses: actions/setup-go@v1
         with:
-          go-version: "1.18"
+          go-version: "1.19.3"
       - name: Check out code into the Go module directory
         uses: actions/checkout@v2
         with:

.github/workflows/test-gh.yml

@@ -13,7 +13,7 @@ jobs:
     - name: Set up Go 1.x
       uses: actions/setup-go@v1
       with:
-        go-version: "1.18"
+        go-version: "1.19.3"
     - name: Check out code into the Go module directory
       uses: actions/checkout@v2
       with:

.github/workflows/trivy-scan.yml

@@ -10,7 +10,7 @@ jobs:
     with:
       repo: vmware-tanzu/carvel-kapp
       tool: kapp
-      goVersion: 1.18
+      goVersion: 1.19.3
     secrets:
       githubToken: ${{ secrets.GITHUB_TOKEN }}
       slackWebhookURL: ${{ secrets.SLACK_WEBHOOK_URL }}

.golangci.yml

@@ -4,7 +4,6 @@ linters:
   enable:
     - goheader
     - revive
-    - deadcode
     - unused
   disable-all: true
 # all available settings of specific linters

go.mod

@@ -1,6 +1,6 @@
 module github.com/vmware-tanzu/carvel-kapp
 
-go 1.18
+go 1.19
 
 require (
 	github.com/cppforlife/cobrautil v0.0.0-20220907150944-da5ee3a6ab1f
@@ -63,7 +63,7 @@ require (
 	golang.org/x/oauth2 v0.0.0-20220524215830-622c5d57e401 // indirect
 	golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 // indirect
 	golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
-	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/text v0.3.8 // indirect
 	golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.28.0 // indirect

go.sum

@@ -615,8 +615,9 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.3.8 h1:nAL+RVCQ9uMn3vJZbV+MRnydTJFPf8qqY42YiA6MrqY=
+golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=