Bump go toolchain version to address CVE-2023-45288

henrybear327 · henrybear327 · commit 0b59bc131779 · 2024-04-05T14:21:41.000+02:00
Changes: - Bump toolchain version to 1.21.9 due to CVE-2023-45288 - run `go mod tidy` Reference: - PR etcd #17703 Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
diff --git a/.github/workflows/failpoint_test.yaml b/.github/workflows/failpoint_test.yaml
@@ -17,4 +17,3 @@ jobs:
       - run: |
           make gofail-enable
           make test-failpoint
-
diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml
@@ -102,4 +102,3 @@ jobs:
       with:
         go-version: ${{ steps.goversion.outputs.goversion }}
     - run: make coverage
-
diff --git a/.go-version b/.go-version
@@ -1 +1 @@
-1.17.13
+1.21.9
diff --git a/go.mod b/go.mod
@@ -1,16 +1,16 @@
 module go.etcd.io/bbolt
 
-go 1.17
+go 1.21
 
 require (
 	github.com/stretchr/testify v1.8.1
 	go.etcd.io/gofail v0.1.0
+	golang.org/x/sync v0.5.0
 	golang.org/x/sys v0.4.0
 )
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	golang.org/x/sync v0.5.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
