Merge pull request #9 from krakend/update_rules_to_2_5

Update rules to 2.5
krakend · Nov 21, 2023 · 18b9a94 · 18b9a94
2 parents 1666879 + de706f4
commit 18b9a94
Show file tree

Hide file tree

Showing 12 changed files with 532 additions and 1,196 deletions.
diff --git a/audit.go b/audit.go
@@ -86,6 +86,7 @@ var ruleSet = []Rule{
 	NewRule("2.1.3", SeverityCritical, "TLS is configured but its disable flag prevents from using it.", hasTLSDisabled),
 	NewRule("2.1.7", SeverityHigh, "Enable HTTP security header checks (security/http).", hasNoHTTPSecure),
 	NewRule("2.1.8", SeverityHigh, "Avoid clear text communication (h2c).", hasH2C),
+	NewRule("2.1.9", SeverityLow, "Establish secure connections in internal traffic (avoid insecure_connections internally)", hasBackendInsecureConnections),
 	NewRule("2.2.1", SeverityMedium, "Hide the version banner in runtime.", hasNoObfuscatedVersionHeader),
 	NewRule("2.2.2", SeverityHigh, "Enable CORS.", hasNoCORS),
 	NewRule("2.2.3", SeverityHigh, "Avoid passing all input headers to the backend.", hasHeadersWildcard),
@@ -105,6 +106,9 @@ var ruleSet = []Rule{
 	NewRule("5.1.2", SeverityLow, "Disable the /__debug/ endpoint for added security.", hasDebugEnabled),
 	NewRule("5.1.3", SeverityLow, "Disable the /__echo/ endpoint for added security.", hasEchoEnabled),
 	NewRule("5.1.4", SeverityLow, "Declare explicit endpoints instead of using wildcards.", hasEndpointWildcard),
+	NewRule("5.1.5", SeverityMedium, "Declare explicit endpoints instead of using /__catchall.", hasEndpointCatchAll),
+	NewRule("5.1.6", SeverityMedium, "Avoid using multiple write methods in endpoint definitions.", hasMultipleUnsafeMethods),
+	NewRule("5.1.7", SeverityMedium, "Avoid using sequential proxy.", hasSequentialProxy),
 	NewRule("5.2.1", SeverityCritical, "Ensure all endpoints have at least one backend for proper functionality.", hasEndpointWithoutBackends),
 	NewRule("5.2.2", SeverityLow, "Benefit from the backend for frontend pattern capabilities.", hasASingleBackendPerEndpoint),
 	NewRule("5.2.3", SeverityLow, "Avoid coupling clients by overusing no-op encoding.", hasAllEndpointsAsNoop),

diff --git a/audit_example_test.go b/audit_example_test.go
@@ -43,5 +43,8 @@ func ExampleAudit() {
 	// 12: 4.1.1 MEDIUM  	Implement a telemetry system for collecting metrics for monitoring and troubleshooting.
 	// 13: 4.2.1 MEDIUM  	Implement a telemetry system for tracing for monitoring and troubleshooting.
 	// 14: 4.3.1 MEDIUM  	Use the improved logging component for better log parsing.
+	// 15: 5.1.5 MEDIUM  	Declare explicit endpoints instead of using /__catchall.
+	// 16: 5.1.6 MEDIUM  	Avoid using multiple write methods in endpoint definitions.
+	// 17: 5.1.7 MEDIUM  	Avoid using sequential proxy.
 
 }
diff --git a/audit_test.go b/audit_test.go
@@ -14,6 +14,7 @@ func TestAudit_all(t *testing.T) {
 			"2.1.3",
 			"2.1.7",
 			"2.1.8",
+			"2.1.9",
 			"2.2.1",
 			"2.2.2",
 			"2.2.3",
@@ -32,7 +33,10 @@ func TestAudit_all(t *testing.T) {
 			"5.1.2",
 			"5.1.3",
 			"5.1.4",
-			"5.2.2",
+			"5.1.5",
+			"5.1.6",
+			"5.1.7",
+			// "5.2.2", -- we added multiple backends to the test to check for multiple unsafe methods
 		},
 		levels: []string{SeverityCritical, SeverityHigh, SeverityMedium, SeverityLow},
 	}
@@ -45,6 +49,7 @@ func TestAudit_exclude(t *testing.T) {
 			"2.1.3",
 			"2.1.7",
 			"2.1.8",
+			"2.1.9",
 			"2.2.1",
 			"2.2.2",
 			"2.2.3",
@@ -63,7 +68,10 @@ func TestAudit_exclude(t *testing.T) {
 			"5.1.2",
 			"5.1.3",
 			"5.1.4",
-			"5.2.2",
+			"5.1.5",
+			"5.1.6",
+			"5.1.7",
+			// "5.2.2", -- we added multiple backends to the test to check for multiple unsafe methods
 		},
 		exclude: []string{"1.1.1", "1.1.2"},
 		levels:  []string{SeverityCritical, SeverityHigh, SeverityMedium, SeverityLow},
@@ -106,6 +114,9 @@ func testAudit(t *testing.T, tc testCase) {
 	}
 	for i, id := range tc.expectedRecommendations {
 		if i >= len(result.Recommendations) {
+			for j := i; j < len(tc.expectedRecommendations); j++ {
+				t.Errorf("missing recomendation: %s", tc.expectedRecommendations[j])
+			}
 			break
 		}
 		if result.Recommendations[i].Rule != id {

diff --git a/encode.go b/encode.go
@@ -55,27 +55,33 @@ func Unmarshal(b []byte, s *Service) error {
 }
 
 var componentAlias = map[string]string{
-	server.Namespace:         "a",
-	client.Namespace:         "b",
-	plugin.Namespace:         "c",
-	proxy.Namespace:          "d",
-	router.Namespace:         "e",
-	bf.Namespace:             "f",
-	botdetector.Namespace:    "g",
-	opencensus.Namespace:     "h",
-	ratelimit.Namespace:      "i",
-	ratelimitProxy.Namespace: "j",
-	"telemetry/newrelic":     "k",
-	"telemetry/ganalytics":   "l",
-	"telemetry/instana":      "m",
-	jose.ValidatorNamespace:  "n",
-	jose.SignerNamespace:     "o",
-	"auth/api-keys":          "p",
-	httpsecure.Namespace:     "q",
-	gologging.Namespace:      "r",
-	gelf.Namespace:           "s",
-	logstash.Namespace:       "t",
-	"backend/grpc":           "u",
+	server.Namespace:            "a",
+	client.Namespace:            "b",
+	plugin.Namespace:            "c",
+	proxy.Namespace:             "d",
+	router.Namespace:            "e",
+	bf.Namespace:                "f",
+	botdetector.Namespace:       "g",
+	opencensus.Namespace:        "h",
+	ratelimit.Namespace:         "i",
+	ratelimitProxy.Namespace:    "j",
+	"telemetry/newrelic":        "k",
+	"telemetry/ganalytics":      "l",
+	"telemetry/instana":         "m",
+	jose.ValidatorNamespace:     "n",
+	jose.SignerNamespace:        "o",
+	"auth/api-keys":             "p",
+	httpsecure.Namespace:        "q",
+	gologging.Namespace:         "r",
+	gelf.Namespace:              "s",
+	logstash.Namespace:          "t",
+	"backend/grpc":              "u",
+	"auth/basic":                "v",
+	"server/virtualhost":        "w",
+	"server/static-filesystem":  "x",
+	"backend/static-filesystem": "y",
+	"backend/http/client":       "z",
+	"telemetry/moesif":          "0",
 }
 
 func applyAlias(s Service) Service {

diff --git a/go.mod b/go.mod
@@ -4,146 +4,139 @@ go 1.19
 
 require (
 	github.com/krakendio/bloomfilter/v2 v2.0.4
-	github.com/krakendio/krakend-botdetector/v2 v2.0.3
+	github.com/krakendio/krakend-botdetector/v2 v2.1.0
 	github.com/krakendio/krakend-circuitbreaker/v2 v2.0.1
 	github.com/krakendio/krakend-cors/v2 v2.0.1
 	github.com/krakendio/krakend-gelf/v2 v2.0.1
 	github.com/krakendio/krakend-gologging/v2 v2.0.3
 	github.com/krakendio/krakend-httpsecure/v2 v2.0.1
-	github.com/krakendio/krakend-jose/v2 v2.0.5
+	github.com/krakendio/krakend-jose/v2 v2.3.0
 	github.com/krakendio/krakend-logstash/v2 v2.0.1
 	github.com/krakendio/krakend-metrics/v2 v2.0.1
-	github.com/krakendio/krakend-opencensus/v2 v2.0.1
-	github.com/krakendio/krakend-ratelimit/v3 v3.0.0
+	github.com/krakendio/krakend-opencensus/v2 v2.1.0
+	github.com/krakendio/krakend-ratelimit/v3 v3.1.0
 	github.com/krakendio/krakend-rss/v2 v2.0.1
-	github.com/krakendio/krakend-xml/v2 v2.0.1
-	github.com/luraproject/lura/v2 v2.3.1-0.20230929204025-69ca25ee70f7
+	github.com/krakendio/krakend-xml/v2 v2.1.0
+	github.com/luraproject/lura/v2 v2.4.2
+	github.com/mitchellh/mapstructure v1.5.0
 )
 
 require (
-	cloud.google.com/go v0.100.2 // indirect
-	cloud.google.com/go/compute v1.5.0 // indirect
-	cloud.google.com/go/iam v0.3.0 // indirect
-	cloud.google.com/go/kms v1.4.0 // indirect
-	github.com/Azure/azure-sdk-for-go v59.3.0+incompatible // indirect
-	github.com/Azure/go-autorest v14.2.0+incompatible // indirect
-	github.com/Azure/go-autorest/autorest v0.11.22 // indirect
-	github.com/Azure/go-autorest/autorest/adal v0.9.17 // indirect
-	github.com/Azure/go-autorest/autorest/azure/auth v0.5.9 // indirect
-	github.com/Azure/go-autorest/autorest/azure/cli v0.4.2 // indirect
-	github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
-	github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
-	github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect
-	github.com/Azure/go-autorest/logger v0.2.1 // indirect
-	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
-	github.com/PuerkitoBio/goquery v1.5.1 // indirect
-	github.com/andybalholm/cascadia v1.1.0 // indirect
-	github.com/armon/go-metrics v0.3.10 // indirect
-	github.com/armon/go-radix v1.0.0 // indirect
-	github.com/auth0-community/go-auth0 v1.0.0 // indirect
-	github.com/aws/aws-sdk-go v1.43.31 // indirect
-	github.com/aws/aws-sdk-go-v2 v1.16.2 // indirect
-	github.com/aws/aws-sdk-go-v2/config v1.15.3 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.11.2 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.3 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.9 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.3 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.10 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/kms v1.16.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.11.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.16.3 // indirect
-	github.com/aws/smithy-go v1.11.2 // indirect
-	github.com/bytedance/sonic v1.9.1 // indirect
+	cloud.google.com/go/compute v1.23.3 // indirect
+	cloud.google.com/go/compute/metadata v0.2.3 // indirect
+	cloud.google.com/go/iam v1.1.5 // indirect
+	cloud.google.com/go/kms v1.15.5 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.9.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.4.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.0 // indirect
+	github.com/PuerkitoBio/goquery v1.8.1 // indirect
+	github.com/andybalholm/cascadia v1.3.2 // indirect
+	github.com/aws/aws-sdk-go v1.47.13 // indirect
+	github.com/aws/aws-sdk-go-v2 v1.23.0 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.25.2 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.16.1 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.14.4 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.2.3 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.5.3 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.7.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.10.1 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.10.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/kms v1.26.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.17.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.19.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.25.2 // indirect
+	github.com/aws/smithy-go v1.17.0 // indirect
+	github.com/bytedance/sonic v1.10.2 // indirect
 	github.com/cenkalti/backoff/v3 v3.2.2 // indirect
-	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
+	github.com/chenzhuoyu/base64x v0.0.0-20230717121745-296ad89f973d // indirect
+	github.com/chenzhuoyu/iasm v0.9.1 // indirect
 	github.com/clbanning/mxj v1.8.4 // indirect
-	github.com/dimchansky/utfbom v1.1.1 // indirect
-	github.com/fatih/color v1.13.0 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/fatih/color v1.16.0 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/gin-gonic/gin v1.9.1 // indirect
+	github.com/go-jose/go-jose/v3 v3.0.1 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/go-playground/validator/v10 v10.14.0 // indirect
+	github.com/go-playground/validator/v10 v10.16.0 // indirect
+	github.com/go-test/deep v1.1.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
-	github.com/golang-jwt/jwt/v4 v4.4.1 // indirect
+	github.com/golang-jwt/jwt/v5 v5.1.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/golang/snappy v0.0.4 // indirect
-	github.com/google/go-cmp v0.5.7 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/google/s2a-go v0.1.7 // indirect
+	github.com/google/uuid v1.4.0 // indirect
 	github.com/google/wire v0.5.0 // indirect
-	github.com/googleapis/gax-go/v2 v2.2.0 // indirect
+	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
+	github.com/googleapis/gax-go/v2 v2.12.0 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-hclog v1.2.0 // indirect
-	github.com/hashicorp/go-immutable-radix v1.3.1 // indirect
+	github.com/hashicorp/go-hclog v1.5.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
-	github.com/hashicorp/go-plugin v1.4.3 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.0 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
 	github.com/hashicorp/go-rootcerts v1.0.2 // indirect
-	github.com/hashicorp/go-secure-stdlib/mlock v0.1.2 // indirect
-	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.4 // indirect
+	github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 // indirect
 	github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect
-	github.com/hashicorp/go-sockaddr v1.0.2 // indirect
-	github.com/hashicorp/go-uuid v1.0.2 // indirect
-	github.com/hashicorp/go-version v1.4.0 // indirect
-	github.com/hashicorp/golang-lru v0.5.4 // indirect
-	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/hashicorp/vault/api v1.5.0 // indirect
-	github.com/hashicorp/vault/sdk v0.4.1 // indirect
-	github.com/hashicorp/yamux v0.0.0-20211028200310-0bc27b27de87 // indirect
+	github.com/hashicorp/go-sockaddr v1.0.6 // indirect
+	github.com/hashicorp/golang-lru v1.0.2 // indirect
+	github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
+	github.com/hashicorp/vault/api v1.10.0 // indirect
 	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.6 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/krakend/go-auth0 v1.0.0 // indirect
 	github.com/krakendio/flatmap v1.1.1 // indirect
+	github.com/kylelemons/godebug v1.1.0 // indirect
 	github.com/leodido/go-urn v1.2.4 // indirect
-	github.com/mattn/go-colorable v0.1.12 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
-	github.com/mitchellh/copystructure v1.2.0 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
-	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
-	github.com/mitchellh/mapstructure v1.4.3 // indirect
-	github.com/mitchellh/reflectwalk v1.0.2 // indirect
-	github.com/mmcdole/gofeed v1.1.3 // indirect
-	github.com/mmcdole/goxpp v0.0.0-20181012175147-0068e33feabf // indirect
+	github.com/mmcdole/gofeed v1.2.1 // indirect
+	github.com/mmcdole/goxpp v1.1.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/oklog/run v1.1.0 // indirect
 	github.com/op/go-logging v0.0.0-20160315200505-970db520ece7 // indirect
-	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
-	github.com/pierrec/lz4 v2.6.1+incompatible // indirect
-	github.com/rcrowley/go-metrics v0.0.0-20180406234716-d932a24a8ccb // indirect
+	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
+	github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
+	github.com/rogpeppe/go-internal v1.8.1 // indirect
 	github.com/ryanuber/go-glob v1.0.0 // indirect
-	github.com/sony/gobreaker v0.4.1 // indirect
-	github.com/tmthrgd/atomics v0.0.0-20180217065130-6910de195248 // indirect
-	github.com/tmthrgd/go-bitset v0.0.0-20180828125936-62ad9ed7ff29 // indirect
-	github.com/tmthrgd/go-bitwise v0.0.0-20170218093117-01bef038b6bd // indirect
-	github.com/tmthrgd/go-byte-test v0.0.0-20170223110042-2eb5216b83f7 // indirect
-	github.com/tmthrgd/go-hex v0.0.0-20180828131331-d1fb3dbb16a1 // indirect
-	github.com/tmthrgd/go-memset v0.0.0-20180828131805-6f4e59bf1e1d // indirect
-	github.com/tmthrgd/go-popcount v0.0.0-20180111143836-3918361d3e97 // indirect
+	github.com/sony/gobreaker v0.5.0 // indirect
+	github.com/tmthrgd/atomics v0.0.0-20190904060638-dc7a5fcc7e0d // indirect
+	github.com/tmthrgd/go-bitset v0.0.0-20190904054048-394d9a556c05 // indirect
+	github.com/tmthrgd/go-bitwise v0.0.0-20190904053232-1430ee983fca // indirect
+	github.com/tmthrgd/go-byte-test v0.0.0-20190904060354-2794345b9929 // indirect
+	github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc // indirect
+	github.com/tmthrgd/go-memset v0.0.0-20190904060434-6fb7a21f88f1 // indirect
+	github.com/tmthrgd/go-popcount v0.0.0-20190904054823-afb1ace8b04f // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
-	github.com/unrolled/secure v0.0.0-20180918153822-f340ee86eb8b // indirect
+	github.com/unrolled/secure v1.13.0 // indirect
 	github.com/valyala/fastrand v1.1.0 // indirect
-	go.opencensus.io v0.23.0 // indirect
-	go.uber.org/atomic v1.9.0 // indirect
-	gocloud.dev v0.25.0 // indirect
-	gocloud.dev/secrets/hashivault v0.25.0 // indirect
-	golang.org/x/arch v0.3.0 // indirect
-	golang.org/x/crypto v0.9.0 // indirect
-	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/oauth2 v0.0.0-20220309155454-6242fa91716a // indirect
-	golang.org/x/sys v0.8.0 // indirect
-	golang.org/x/text v0.10.0 // indirect
-	golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect
-	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
-	google.golang.org/api v0.74.0 // indirect
-	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/genproto v0.0.0-20220401170504-314d38edb7de // indirect
-	google.golang.org/grpc v1.45.0 // indirect
-	google.golang.org/protobuf v1.30.0 // indirect
+	go.opencensus.io v0.24.0 // indirect
+	gocloud.dev v0.34.0 // indirect
+	gocloud.dev/secrets/hashivault v0.34.0 // indirect
+	golang.org/x/arch v0.6.0 // indirect
+	golang.org/x/crypto v0.15.0 // indirect
+	golang.org/x/net v0.18.0 // indirect
+	golang.org/x/oauth2 v0.14.0 // indirect
+	golang.org/x/sync v0.5.0 // indirect
+	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/time v0.4.0 // indirect
+	golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
+	google.golang.org/api v0.151.0 // indirect
+	google.golang.org/appengine v1.6.8 // indirect
+	google.golang.org/genproto v0.0.0-20231106174013-bbf56f31fb17 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20231106174013-bbf56f31fb17 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
+	google.golang.org/grpc v1.59.0 // indirect
+	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/Graylog2/go-gelf.v2 v2.0.0-20191017102106-1550ee647df0 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect