Vulnerable module import: github.com/hashicorp/go-retryablehttp

The version of used `github.com/hashicorp/go-retryablehttp` module has known vuln: [GO-2024-2947](https://pkg.go.dev/vuln/GO-2024-2947)

```
$ govulncheck ./...
=== Symbol Results ===

Vulnerability #1: GO-2024-2947
    Leak of sensitive information to log files in
    github.com/hashicorp/go-retryablehttp
  More info: https://pkg.go.dev/vuln/GO-2024-2947
  Module: github.com/hashicorp/go-retryablehttp
    Found in: github.com/hashicorp/go-retryablehttp@v0.7.1
    Fixed in: github.com/hashicorp/go-retryablehttp@v0.7.7
    Example traces found:
      #1: connection.go:458:23: databricks.conn.handleStagingPut calls http.Client.Do, which eventually calls retryablehttp.RoundTripper.RoundTrip

Your code is affected by 1 vulnerability from 1 module.
This scan also found 2 vulnerabilities in packages you import and 2
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
```

Please, update your `go.mod`

Ofc, the manual update in my `go.mod` is a valid option.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerable module import: github.com/hashicorp/go-retryablehttp #251

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerable module import: github.com/hashicorp/go-retryablehttp #251

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions