This makes sure that we don't become vulnerable to CVE-2018-17419 or
CVE-2019-19794 in the future. While we are not currently vulnerable to
either, there is a risk that a PR could be made which uses one of the
vulnerable methods in the future, so it's worth going ahead and updating
to ensure that a simple PR that would easily pass code review doesn't
lead to a vulnerability.
Signed-off-by: Sam Whited <sam@samwhited.com>
This bumps vndr to 9909bb2b8a0b7ea464527b376dc50389c90df587
and revendors dependencies.
Includes a change that prunes go files with `+build ignore`
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* run latest vndr so as to collect more LICENSE files
* remove unused packages
* vendor github.com/philhofer/fwd with LICENSE.md (MIT)
* vendor github.com/bsphere/le_go with LICENSE (MIT)
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
