From 0f99dbb37c40c8990d372791f64ae12f268f2c6f Mon Sep 17 00:00:00 2001
From: rksharma95 <ramakant@accuknox.com>
Date: Wed, 15 Jan 2025 22:16:09 +0530
Subject: [PATCH] point vulenrable packages to fixed versions

Signed-off-by: rksharma95 <ramakant@accuknox.com>
---
 go.mod | 7 +++++++
 go.sum | 5 -----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/go.mod b/go.mod
index d9314954..c5ad99b7 100644
--- a/go.mod
+++ b/go.mod
@@ -26,6 +26,13 @@ require (
 	sigs.k8s.io/yaml v1.4.0
 )
 
+replace (
+	github.com/notaryproject/notation-go/signer => github.com/notaryproject/notation-go/signer v1.2.1
+	google.golang.org/protobuf/encoding/protojson => google.golang.org/protobuf/encoding/protojson v1.36.2
+	google.golang.org/protobuf/internal/encoding/json => google.golang.org/protobuf/internal/encoding/json v1.36.2
+	gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.4.0
+)
+
 require (
 	github.com/accuknox/auto-policy-discovery/src v0.0.0-20230912162532-0b5b73425c5a
 	github.com/charmbracelet/bubbles v0.20.0
diff --git a/go.sum b/go.sum
index ee4aa421..a413e821 100644
--- a/go.sum
+++ b/go.sum
@@ -1310,11 +1310,6 @@ gopkg.in/natefinch/lumberjack.v2 v2.2.1 h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST
 gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
-gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=