* [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 @ 2020-06-18 7:34 Zhixiong Chi 2020-06-18 12:49 ` Bruce Ashfield 2020-06-22 13:35 ` Bruce Ashfield 0 siblings, 2 replies; 8+ messages in thread From: Zhixiong Chi @ 2020-06-18 7:34 UTC (permalink / raw) To: bruce.ashfield, yocto Backport the CVE patch from the upstream: https://github.com/kubernetes/kubernetes.git Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> --- .../kubernetes/CVE-2019-11254.patch | 797 ++++++++++++++++++ .../kubernetes/kubernetes_git.bb | 1 + 2 files changed, 798 insertions(+) create mode 100644 recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch diff --git a/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch new file mode 100644 index 0000000..2d991a9 --- /dev/null +++ b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch @@ -0,0 +1,797 @@ +From e9ba264d57d379d86dfbf3ae94e82eb0ead9c468 Mon Sep 17 00:00:00 2001 +From: CJ Cullen <cjcullen@google.com> +Date: Wed, 22 Jan 2020 11:32:39 -0800 +Subject: [PATCH] update gopkg.in/yaml.v2 to v2.2.8 + +CVE: CVE-2019-11254 +Upstream-Status: Backport [https://github.com/kubernetes/kubernetes.git branch: release-1.16] +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> +--- + src/import/go.mod | 4 +- + src/import/go.sum | 4 +- + src/import/staging/src/k8s.io/api/go.sum | 4 +- + .../src/k8s.io/apiextensions-apiserver/go.mod | 2 +- + .../src/k8s.io/apiextensions-apiserver/go.sum | 4 +- + src/import/staging/src/k8s.io/apimachinery/go.mod | 2 +- + src/import/staging/src/k8s.io/apimachinery/go.sum | 4 +- + src/import/staging/src/k8s.io/apiserver/go.mod | 2 +- + src/import/staging/src/k8s.io/apiserver/go.sum | 4 +- + src/import/staging/src/k8s.io/cli-runtime/go.sum | 4 +- + src/import/staging/src/k8s.io/client-go/go.sum | 4 +- + src/import/staging/src/k8s.io/cloud-provider/go.sum | 4 +- + src/import/staging/src/k8s.io/cluster-bootstrap/go.sum | 4 +- + src/import/staging/src/k8s.io/code-generator/go.mod | 2 +- + src/import/staging/src/k8s.io/code-generator/go.sum | 4 +- + src/import/staging/src/k8s.io/component-base/go.sum | 4 +- + src/import/staging/src/k8s.io/csi-translation-lib/go.sum | 4 +- + src/import/staging/src/k8s.io/kube-aggregator/go.sum | 4 +- + .../src/k8s.io/kube-controller-manager/go.sum | 4 +- + src/import/staging/src/k8s.io/kube-proxy/go.sum | 4 +- + src/import/staging/src/k8s.io/kube-scheduler/go.sum | 4 +- + src/import/staging/src/k8s.io/kubectl/go.mod | 2 +- + src/import/staging/src/k8s.io/kubectl/go.sum | 4 +- + src/import/staging/src/k8s.io/kubelet/go.sum | 4 +- + .../src/k8s.io/legacy-cloud-providers/go.sum | 4 +- + src/import/staging/src/k8s.io/metrics/go.sum | 4 +- + src/import/staging/src/k8s.io/node-api/go.sum | 4 +- + src/import/staging/src/k8s.io/sample-apiserver/go.sum | 4 +- + src/import/staging/src/k8s.io/sample-cli-plugin/go.sum | 4 +- + src/import/staging/src/k8s.io/sample-controller/go.sum | 4 +- + src/import/vendor/gopkg.in/yaml.v2/.travis.yml | 18 +-- + src/import/vendor/gopkg.in/yaml.v2/decode.go | 14 ++- + src/import/vendor/gopkg.in/yaml.v2/scannerc.go | 107 +++++++++--------- + src/import/vendor/gopkg.in/yaml.v2/yaml.go | 2 +- + src/import/vendor/gopkg.in/yaml.v2/yamlh.go | 1 + + src/import/vendor/modules.txt | 2 +- + 36 files changed, 130 insertions(+), 124 deletions(-) + +diff --git a/src/import/go.mod b/go.mod +index cf8c9147e62..884870f8843 100644 +--- a/src/import/go.mod ++++ b/src/import/go.mod +@@ -139,7 +139,7 @@ require ( + google.golang.org/grpc v1.23.0 + gopkg.in/gcfg.v1 v1.2.0 + gopkg.in/square/go-jose.v2 v2.2.2 +- gopkg.in/yaml.v2 v2.2.4 ++ gopkg.in/yaml.v2 v2.2.8 + gotest.tools v2.2.0+incompatible + gotest.tools/gotestsum v0.3.5 + honnef.co/go/tools v0.0.1-2019.2.2 +@@ -444,7 +444,7 @@ replace ( + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 + gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 + gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 +- gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.4 ++ gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8 + gotest.tools => gotest.tools v2.2.0+incompatible + gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 + honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 +diff --git a/src/import/go.sum b/src/import/go.sum +index b5e3f74686f..617081d2d9e 100644 +--- a/src/import/go.sum ++++ b/src/import/go.sum +@@ -492,8 +492,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= + gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= + gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= + gotest.tools/gotestsum v0.3.5 h1:VePOWRsuWFYpfp/G8mbmOZKxO5T3501SEGQRUdvq7h0= +diff --git a/src/import/staging/src/k8s.io/api/go.sum b/src/import/staging/src/k8s.io/api/go.sum +index c162d16011e..8ac86891676 100644 +--- a/src/import/staging/src/k8s.io/api/go.sum ++++ b/src/import/staging/src/k8s.io/api/go.sum +@@ -90,8 +90,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod +index f2cc6ca100f..41289345ad7 100644 +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod +@@ -21,7 +21,7 @@ require ( + github.com/spf13/pflag v1.0.3 + github.com/stretchr/testify v1.3.0 + google.golang.org/grpc v1.23.0 +- gopkg.in/yaml.v2 v2.2.4 ++ gopkg.in/yaml.v2 v2.2.8 + k8s.io/api v0.0.0 + k8s.io/apimachinery v0.0.0 + k8s.io/apiserver v0.0.0 +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum +index 853644fbe6d..1c4460fdc38 100644 +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum +@@ -349,8 +349,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.mod b/src/import/staging/src/k8s.io/apimachinery/go.mod +index 5b49085be74..bdd9ed2f63d 100644 +--- a/src/import/staging/src/k8s.io/apimachinery/go.mod ++++ b/src/import/staging/src/k8s.io/apimachinery/go.mod +@@ -30,7 +30,7 @@ require ( + golang.org/x/text v0.3.2 // indirect + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect + gopkg.in/inf.v0 v0.9.0 +- gopkg.in/yaml.v2 v2.2.4 ++ gopkg.in/yaml.v2 v2.2.8 + k8s.io/klog v0.4.0 + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf + sigs.k8s.io/yaml v1.1.0 +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.sum b/src/import/staging/src/k8s.io/apimachinery/go.sum +index 916261e42c0..636ef5751ea 100644 +--- a/src/import/staging/src/k8s.io/apimachinery/go.sum ++++ b/src/import/staging/src/k8s.io/apimachinery/go.sum +@@ -106,8 +106,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= +diff --git a/src/import/staging/src/k8s.io/apiserver/go.mod b/src/import/staging/src/k8s.io/apiserver/go.mod +index 8f97b49b06a..e1fdb94df10 100644 +--- a/src/import/staging/src/k8s.io/apiserver/go.mod ++++ b/src/import/staging/src/k8s.io/apiserver/go.mod +@@ -47,7 +47,7 @@ require ( + google.golang.org/grpc v1.23.0 + gopkg.in/natefinch/lumberjack.v2 v2.0.0 + gopkg.in/square/go-jose.v2 v2.2.2 +- gopkg.in/yaml.v2 v2.2.4 ++ gopkg.in/yaml.v2 v2.2.8 + gotest.tools v2.2.0+incompatible // indirect + k8s.io/api v0.0.0 + k8s.io/apimachinery v0.0.0 +diff --git a/src/import/staging/src/k8s.io/apiserver/go.sum b/src/import/staging/src/k8s.io/apiserver/go.sum +index 9658ae1784a..d055f0d08a2 100644 +--- a/src/import/staging/src/k8s.io/apiserver/go.sum ++++ b/src/import/staging/src/k8s.io/apiserver/go.sum +@@ -268,8 +268,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +diff --git a/src/import/staging/src/k8s.io/cli-runtime/go.sum b/src/import/staging/src/k8s.io/cli-runtime/go.sum +index 71af2c05905..641ba432230 100644 +--- a/src/import/staging/src/k8s.io/cli-runtime/go.sum ++++ b/src/import/staging/src/k8s.io/cli-runtime/go.sum +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/client-go/go.sum b/src/import/staging/src/k8s.io/client-go/go.sum +index ec7d3780cad..315bfceda79 100644 +--- a/src/import/staging/src/k8s.io/client-go/go.sum ++++ b/src/import/staging/src/k8s.io/client-go/go.sum +@@ -175,8 +175,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/cloud-provider/go.sum b/src/import/staging/src/k8s.io/cloud-provider/go.sum +index e00d8e24a27..7d446c66231 100644 +--- a/src/import/staging/src/k8s.io/cloud-provider/go.sum ++++ b/src/import/staging/src/k8s.io/cloud-provider/go.sum +@@ -158,8 +158,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum +index 09c98a9ccd8..e148b9741de 100644 +--- a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum ++++ b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum +@@ -91,8 +91,8 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= +diff --git a/src/import/staging/src/k8s.io/code-generator/go.mod b/src/import/staging/src/k8s.io/code-generator/go.mod +index 7717cae18ba..0dc05a6c181 100644 +--- a/src/import/staging/src/k8s.io/code-generator/go.mod ++++ b/src/import/staging/src/k8s.io/code-generator/go.mod +@@ -15,7 +15,7 @@ require ( + golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac // indirect + gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 + gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e // indirect +- gopkg.in/yaml.v2 v2.2.4 // indirect ++ gopkg.in/yaml.v2 v2.2.8 // indirect + k8s.io/gengo v0.0.0-20190822140433-26a664648505 + k8s.io/klog v0.4.0 + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf +diff --git a/src/import/staging/src/k8s.io/code-generator/go.sum b/src/import/staging/src/k8s.io/code-generator/go.sum +index a34b8497afa..a3be7c382b8 100644 +--- a/src/import/staging/src/k8s.io/code-generator/go.sum ++++ b/src/import/staging/src/k8s.io/code-generator/go.sum +@@ -103,8 +103,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= + k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= +diff --git a/src/import/staging/src/k8s.io/component-base/go.sum b/src/import/staging/src/k8s.io/component-base/go.sum +index 34151a5846d..155e3e420e9 100644 +--- a/src/import/staging/src/k8s.io/component-base/go.sum ++++ b/src/import/staging/src/k8s.io/component-base/go.sum +@@ -171,8 +171,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum +index 71646a53606..a4de3199c55 100644 +--- a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum ++++ b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum +@@ -139,8 +139,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/kube-aggregator/go.sum b/src/import/staging/src/k8s.io/kube-aggregator/go.sum +index 306beb4d2c1..be07875a640 100644 +--- a/src/import/staging/src/k8s.io/kube-aggregator/go.sum ++++ b/src/import/staging/src/k8s.io/kube-aggregator/go.sum +@@ -303,8 +303,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +diff --git a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum +index 346871c01de..1653f3eca5a 100644 +--- a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum ++++ b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/kube-proxy/go.sum b/src/import/staging/src/k8s.io/kube-proxy/go.sum +index 346871c01de..1653f3eca5a 100644 +--- a/src/import/staging/src/k8s.io/kube-proxy/go.sum ++++ b/src/import/staging/src/k8s.io/kube-proxy/go.sum +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/kube-scheduler/go.sum b/src/import/staging/src/k8s.io/kube-scheduler/go.sum +index 346871c01de..1653f3eca5a 100644 +--- a/src/import/staging/src/k8s.io/kube-scheduler/go.sum ++++ b/src/import/staging/src/k8s.io/kube-scheduler/go.sum +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/kubectl/go.mod b/src/import/staging/src/k8s.io/kubectl/go.mod +index 5e5e4b2bbed..d1c8a52cbb4 100644 +--- a/src/import/staging/src/k8s.io/kubectl/go.mod ++++ b/src/import/staging/src/k8s.io/kubectl/go.mod +@@ -33,7 +33,7 @@ require ( + github.com/spf13/pflag v1.0.3 + github.com/stretchr/testify v1.3.0 + golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f +- gopkg.in/yaml.v2 v2.2.4 ++ gopkg.in/yaml.v2 v2.2.8 + gotest.tools v2.2.0+incompatible // indirect + k8s.io/api v0.0.0 + k8s.io/apimachinery v0.0.0 +diff --git a/src/import/staging/src/k8s.io/kubectl/go.sum b/src/import/staging/src/k8s.io/kubectl/go.sum +index b164ecd3dc3..17d56a30001 100644 +--- a/src/import/staging/src/k8s.io/kubectl/go.sum ++++ b/src/import/staging/src/k8s.io/kubectl/go.sum +@@ -268,8 +268,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +diff --git a/src/import/staging/src/k8s.io/kubelet/go.sum b/src/import/staging/src/k8s.io/kubelet/go.sum +index 0635238e2ce..e12860540cd 100644 +--- a/src/import/staging/src/k8s.io/kubelet/go.sum ++++ b/src/import/staging/src/k8s.io/kubelet/go.sum +@@ -87,8 +87,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= +diff --git a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum +index 7da7d10f1b0..4affb42e698 100644 +--- a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum ++++ b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum +@@ -271,8 +271,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +diff --git a/src/import/staging/src/k8s.io/metrics/go.sum b/src/import/staging/src/k8s.io/metrics/go.sum +index 4ba35f7c725..b820dfe346b 100644 +--- a/src/import/staging/src/k8s.io/metrics/go.sum ++++ b/src/import/staging/src/k8s.io/metrics/go.sum +@@ -192,8 +192,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= +diff --git a/src/import/staging/src/k8s.io/node-api/go.sum b/src/import/staging/src/k8s.io/node-api/go.sum +index eb2113416f4..df4095e8c53 100644 +--- a/src/import/staging/src/k8s.io/node-api/go.sum ++++ b/src/import/staging/src/k8s.io/node-api/go.sum +@@ -195,8 +195,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= +diff --git a/src/import/staging/src/k8s.io/sample-apiserver/go.sum b/src/import/staging/src/k8s.io/sample-apiserver/go.sum +index 6100b600021..c9af593485a 100644 +--- a/src/import/staging/src/k8s.io/sample-apiserver/go.sum ++++ b/src/import/staging/src/k8s.io/sample-apiserver/go.sum +@@ -300,8 +300,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +diff --git a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum +index 71af2c05905..641ba432230 100644 +--- a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum ++++ b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +diff --git a/src/import/staging/src/k8s.io/sample-controller/go.sum b/src/import/staging/src/k8s.io/sample-controller/go.sum +index 2729443484f..9d360830a5a 100644 +--- a/src/import/staging/src/k8s.io/sample-controller/go.sum ++++ b/src/import/staging/src/k8s.io/sample-controller/go.sum +@@ -196,8 +196,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= +diff --git a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml +index 9f556934d8b..055480b9ef8 100644 +--- a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml ++++ b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml +@@ -1,12 +1,16 @@ + language: go + + go: +- - 1.4 +- - 1.5 +- - 1.6 +- - 1.7 +- - 1.8 +- - 1.9 +- - tip ++ - "1.4.x" ++ - "1.5.x" ++ - "1.6.x" ++ - "1.7.x" ++ - "1.8.x" ++ - "1.9.x" ++ - "1.10.x" ++ - "1.11.x" ++ - "1.12.x" ++ - "1.13.x" ++ - "tip" + + go_import_path: gopkg.in/yaml.v2 +diff --git a/src/import/vendor/gopkg.in/yaml.v2/decode.go b/src/import/vendor/gopkg.in/yaml.v2/decode.go +index 53108765555..129bc2a97d3 100644 +--- a/src/import/vendor/gopkg.in/yaml.v2/decode.go ++++ b/src/import/vendor/gopkg.in/yaml.v2/decode.go +@@ -319,10 +319,14 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm + } + + const ( +- // 400,000 decode operations is ~500kb of dense object declarations, or ~5kb of dense object declarations with 10000% alias expansion ++ // 400,000 decode operations is ~500kb of dense object declarations, or ++ // ~5kb of dense object declarations with 10000% alias expansion + alias_ratio_range_low = 400000 +- // 4,000,000 decode operations is ~5MB of dense object declarations, or ~4.5MB of dense object declarations with 10% alias expansion ++ ++ // 4,000,000 decode operations is ~5MB of dense object declarations, or ++ // ~4.5MB of dense object declarations with 10% alias expansion + alias_ratio_range_high = 4000000 ++ + // alias_ratio_range is the range over which we scale allowed alias ratios + alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low) + ) +@@ -784,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { + case mappingNode: + d.unmarshal(n, out) + case aliasNode: +- an, ok := d.doc.anchors[n.value] +- if ok && an.kind != mappingNode { ++ if n.alias != nil && n.alias.kind != mappingNode { + failWantMap() + } + d.unmarshal(n, out) +@@ -794,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { + for i := len(n.children) - 1; i >= 0; i-- { + ni := n.children[i] + if ni.kind == aliasNode { +- an, ok := d.doc.anchors[ni.value] +- if ok && an.kind != mappingNode { ++ if ni.alias != nil && ni.alias.kind != mappingNode { + failWantMap() + } + } else if ni.kind != mappingNode { +diff --git a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go +index 570b8ecd10f..0b9bb6030a0 100644 +--- a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go ++++ b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go +@@ -626,31 +626,18 @@ func trace(args ...interface{}) func() { + func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool { + // While we need more tokens to fetch, do it. + for { +- // Check if we really need to fetch more tokens. +- need_more_tokens := false +- +- if parser.tokens_head == len(parser.tokens) { +- // Queue is empty. +- need_more_tokens = true +- } else { +- // Check if any potential simple key may occupy the head position. +- if !yaml_parser_stale_simple_keys(parser) { ++ if parser.tokens_head != len(parser.tokens) { ++ // If queue is non-empty, check if any potential simple key may ++ // occupy the head position. ++ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed] ++ if !ok { ++ break ++ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok { + return false +- } +- +- for i := range parser.simple_keys { +- simple_key := &parser.simple_keys[i] +- if simple_key.possible && simple_key.token_number == parser.tokens_parsed { +- need_more_tokens = true +- break +- } ++ } else if !valid { ++ break + } + } +- +- // We are finished. +- if !need_more_tokens { +- break +- } + // Fetch the next token. + if !yaml_parser_fetch_next_token(parser) { + return false +@@ -678,11 +665,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { + return false + } + +- // Remove obsolete potential simple keys. +- if !yaml_parser_stale_simple_keys(parser) { +- return false +- } +- + // Check the indentation level against the current column. + if !yaml_parser_unroll_indent(parser, parser.mark.column) { + return false +@@ -837,29 +819,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { + "found character that cannot start any token") + } + +-// Check the list of potential simple keys and remove the positions that +-// cannot contain simple keys anymore. +-func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool { +- // Check for a potential simple key for each flow level. +- for i := range parser.simple_keys { +- simple_key := &parser.simple_keys[i] +- +- // The specification requires that a simple key +- // +- // - is limited to a single line, +- // - is shorter than 1024 characters. +- if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) { +- +- // Check if the potential simple key to be removed is required. +- if simple_key.required { +- return yaml_parser_set_scanner_error(parser, +- "while scanning a simple key", simple_key.mark, +- "could not find expected ':'") +- } +- simple_key.possible = false ++func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) { ++ if !simple_key.possible { ++ return false, true ++ } ++ ++ // The 1.2 specification says: ++ // ++ // "If the ? indicator is omitted, parsing needs to see past the ++ // implicit key to recognize it as such. To limit the amount of ++ // lookahead required, the “:” indicator must appear at most 1024 ++ // Unicode characters beyond the start of the key. In addition, the key ++ // is restricted to a single line." ++ // ++ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index { ++ // Check if the potential simple key to be removed is required. ++ if simple_key.required { ++ return false, yaml_parser_set_scanner_error(parser, ++ "while scanning a simple key", simple_key.mark, ++ "could not find expected ':'") + } ++ simple_key.possible = false ++ return false, true + } +- return true ++ return true, true + } + + // Check if a simple key may start at the current position and add it if +@@ -879,13 +862,14 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool { + possible: true, + required: required, + token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), ++ mark: parser.mark, + } +- simple_key.mark = parser.mark + + if !yaml_parser_remove_simple_key(parser) { + return false + } + parser.simple_keys[len(parser.simple_keys)-1] = simple_key ++ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1 + } + return true + } +@@ -900,9 +884,10 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool { + "while scanning a simple key", parser.simple_keys[i].mark, + "could not find expected ':'") + } ++ // Remove the key from the stack. ++ parser.simple_keys[i].possible = false ++ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number) + } +- // Remove the key from the stack. +- parser.simple_keys[i].possible = false + return true + } + +@@ -912,7 +897,12 @@ const max_flow_level = 10000 + // Increase the flow level and resize the simple key list if needed. + func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { + // Reset the simple key on the next level. +- parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) ++ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{ ++ possible: false, ++ required: false, ++ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), ++ mark: parser.mark, ++ }) + + // Increase the flow level. + parser.flow_level++ +@@ -928,7 +918,9 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { + func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool { + if parser.flow_level > 0 { + parser.flow_level-- +- parser.simple_keys = parser.simple_keys[:len(parser.simple_keys)-1] ++ last := len(parser.simple_keys) - 1 ++ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number) ++ parser.simple_keys = parser.simple_keys[:last] + } + return true + } +@@ -1005,6 +997,8 @@ func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool { + // Initialize the simple key stack. + parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) + ++ parser.simple_keys_by_tok = make(map[int]int) ++ + // A simple key is allowed at the beginning of the stream. + parser.simple_key_allowed = true + +@@ -1286,7 +1280,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { + simple_key := &parser.simple_keys[len(parser.simple_keys)-1] + + // Have we found a simple key? +- if simple_key.possible { ++ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok { ++ return false ++ ++ } else if valid { ++ + // Create the KEY token and insert it into the queue. + token := yaml_token_t{ + typ: yaml_KEY_TOKEN, +@@ -1304,6 +1302,7 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { + + // Remove the simple key. + simple_key.possible = false ++ delete(parser.simple_keys_by_tok, simple_key.token_number) + + // A simple key cannot follow another simple key. + parser.simple_key_allowed = false +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yaml.go b/src/import/vendor/gopkg.in/yaml.v2/yaml.go +index de85aa4cdb7..89650e293ac 100644 +--- a/src/import/vendor/gopkg.in/yaml.v2/yaml.go ++++ b/src/import/vendor/gopkg.in/yaml.v2/yaml.go +@@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) { + return unmarshal(in, out, true) + } + +-// A Decorder reads and decodes YAML values from an input stream. ++// A Decoder reads and decodes YAML values from an input stream. + type Decoder struct { + strict bool + parser *parser +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go +index e25cee563be..f6a9c8e34b1 100644 +--- a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go ++++ b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go +@@ -579,6 +579,7 @@ type yaml_parser_t struct { + + simple_key_allowed bool // May a simple key occur at the current position? + simple_keys []yaml_simple_key_t // The stack of simple keys. ++ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number + + // Parser stuff + +diff --git a/src/import/vendor/modules.txt b/src/import/vendor/modules.txt +index 4585ca5ec0d..06a5d7fa5a0 100644 +--- a/src/import/vendor/modules.txt ++++ b/src/import/vendor/modules.txt +@@ -1069,7 +1069,7 @@ gopkg.in/square/go-jose.v2/jwt + gopkg.in/tomb.v1 + # gopkg.in/warnings.v0 v0.1.1 => gopkg.in/warnings.v0 v0.1.1 + gopkg.in/warnings.v0 +-# gopkg.in/yaml.v2 v2.2.4 => gopkg.in/yaml.v2 v2.2.4 ++# gopkg.in/yaml.v2 v2.2.8 => gopkg.in/yaml.v2 v2.2.8 + gopkg.in/yaml.v2 + # gotest.tools v2.2.0+incompatible => gotest.tools v2.2.0+incompatible + gotest.tools +-- +2.23.0 + diff --git a/recipes-containers/kubernetes/kubernetes_git.bb b/recipes-containers/kubernetes/kubernetes_git.bb index e96b7d6..941e0ca 100644 --- a/recipes-containers/kubernetes/kubernetes_git.bb +++ b/recipes-containers/kubernetes/kubernetes_git.bb @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.16;name=k file://CVE-2020-8551.patch \ file://CVE-2020-8552.patch \ file://CVE-2020-8555.patch \ + file://CVE-2019-11254.patch \ " DEPENDS += "rsync-native \ -- 2.17.1 ^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 2020-06-18 7:34 [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 Zhixiong Chi @ 2020-06-18 12:49 ` Bruce Ashfield 2020-06-19 2:29 ` Zhixiong Chi [not found] ` <1619D0FBDD33F6B0.13914@lists.yoctoproject.org> 2020-06-22 13:35 ` Bruce Ashfield 1 sibling, 2 replies; 8+ messages in thread From: Bruce Ashfield @ 2020-06-18 12:49 UTC (permalink / raw) To: Zhixiong Chi; +Cc: yocto This should go to the meta-virt mailing list. But you still haven't answered my question from the last k8s CVE patch: "Can you confirm that the k8s versions in master/dunfell don't have this CVE ?" Bruce On Thu, Jun 18, 2020 at 3:34 AM Zhixiong Chi <zhixiong.chi@windriver.com> wrote: > > Backport the CVE patch from the upstream: > https://github.com/kubernetes/kubernetes.git > > Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> > --- > .../kubernetes/CVE-2019-11254.patch | 797 ++++++++++++++++++ > .../kubernetes/kubernetes_git.bb | 1 + > 2 files changed, 798 insertions(+) > create mode 100644 recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > > diff --git a/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > new file mode 100644 > index 0000000..2d991a9 > --- /dev/null > +++ b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > @@ -0,0 +1,797 @@ > +From e9ba264d57d379d86dfbf3ae94e82eb0ead9c468 Mon Sep 17 00:00:00 2001 > +From: CJ Cullen <cjcullen@google.com> > +Date: Wed, 22 Jan 2020 11:32:39 -0800 > +Subject: [PATCH] update gopkg.in/yaml.v2 to v2.2.8 > + > +CVE: CVE-2019-11254 > +Upstream-Status: Backport [https://github.com/kubernetes/kubernetes.git branch: release-1.16] > +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> > +--- > + src/import/go.mod | 4 +- > + src/import/go.sum | 4 +- > + src/import/staging/src/k8s.io/api/go.sum | 4 +- > + .../src/k8s.io/apiextensions-apiserver/go.mod | 2 +- > + .../src/k8s.io/apiextensions-apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/apimachinery/go.mod | 2 +- > + src/import/staging/src/k8s.io/apimachinery/go.sum | 4 +- > + src/import/staging/src/k8s.io/apiserver/go.mod | 2 +- > + src/import/staging/src/k8s.io/apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/cli-runtime/go.sum | 4 +- > + src/import/staging/src/k8s.io/client-go/go.sum | 4 +- > + src/import/staging/src/k8s.io/cloud-provider/go.sum | 4 +- > + src/import/staging/src/k8s.io/cluster-bootstrap/go.sum | 4 +- > + src/import/staging/src/k8s.io/code-generator/go.mod | 2 +- > + src/import/staging/src/k8s.io/code-generator/go.sum | 4 +- > + src/import/staging/src/k8s.io/component-base/go.sum | 4 +- > + src/import/staging/src/k8s.io/csi-translation-lib/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-aggregator/go.sum | 4 +- > + .../src/k8s.io/kube-controller-manager/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-proxy/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-scheduler/go.sum | 4 +- > + src/import/staging/src/k8s.io/kubectl/go.mod | 2 +- > + src/import/staging/src/k8s.io/kubectl/go.sum | 4 +- > + src/import/staging/src/k8s.io/kubelet/go.sum | 4 +- > + .../src/k8s.io/legacy-cloud-providers/go.sum | 4 +- > + src/import/staging/src/k8s.io/metrics/go.sum | 4 +- > + src/import/staging/src/k8s.io/node-api/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-cli-plugin/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-controller/go.sum | 4 +- > + src/import/vendor/gopkg.in/yaml.v2/.travis.yml | 18 +-- > + src/import/vendor/gopkg.in/yaml.v2/decode.go | 14 ++- > + src/import/vendor/gopkg.in/yaml.v2/scannerc.go | 107 +++++++++--------- > + src/import/vendor/gopkg.in/yaml.v2/yaml.go | 2 +- > + src/import/vendor/gopkg.in/yaml.v2/yamlh.go | 1 + > + src/import/vendor/modules.txt | 2 +- > + 36 files changed, 130 insertions(+), 124 deletions(-) > + > +diff --git a/src/import/go.mod b/go.mod > +index cf8c9147e62..884870f8843 100644 > +--- a/src/import/go.mod > ++++ b/src/import/go.mod > +@@ -139,7 +139,7 @@ require ( > + google.golang.org/grpc v1.23.0 > + gopkg.in/gcfg.v1 v1.2.0 > + gopkg.in/square/go-jose.v2 v2.2.2 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible > + gotest.tools/gotestsum v0.3.5 > + honnef.co/go/tools v0.0.1-2019.2.2 > +@@ -444,7 +444,7 @@ replace ( > + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 > + gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 > + gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 > +- gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8 > + gotest.tools => gotest.tools v2.2.0+incompatible > + gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 > + honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 > +diff --git a/src/import/go.sum b/src/import/go.sum > +index b5e3f74686f..617081d2d9e 100644 > +--- a/src/import/go.sum > ++++ b/src/import/go.sum > +@@ -492,8 +492,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= > + gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + gotest.tools/gotestsum v0.3.5 h1:VePOWRsuWFYpfp/G8mbmOZKxO5T3501SEGQRUdvq7h0= > +diff --git a/src/import/staging/src/k8s.io/api/go.sum b/src/import/staging/src/k8s.io/api/go.sum > +index c162d16011e..8ac86891676 100644 > +--- a/src/import/staging/src/k8s.io/api/go.sum > ++++ b/src/import/staging/src/k8s.io/api/go.sum > +@@ -90,8 +90,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > +index f2cc6ca100f..41289345ad7 100644 > +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > +@@ -21,7 +21,7 @@ require ( > + github.com/spf13/pflag v1.0.3 > + github.com/stretchr/testify v1.3.0 > + google.golang.org/grpc v1.23.0 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > + k8s.io/apiserver v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > +index 853644fbe6d..1c4460fdc38 100644 > +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > +@@ -349,8 +349,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.mod b/src/import/staging/src/k8s.io/apimachinery/go.mod > +index 5b49085be74..bdd9ed2f63d 100644 > +--- a/src/import/staging/src/k8s.io/apimachinery/go.mod > ++++ b/src/import/staging/src/k8s.io/apimachinery/go.mod > +@@ -30,7 +30,7 @@ require ( > + golang.org/x/text v0.3.2 // indirect > + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect > + gopkg.in/inf.v0 v0.9.0 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + k8s.io/klog v0.4.0 > + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf > + sigs.k8s.io/yaml v1.1.0 > +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.sum b/src/import/staging/src/k8s.io/apimachinery/go.sum > +index 916261e42c0..636ef5751ea 100644 > +--- a/src/import/staging/src/k8s.io/apimachinery/go.sum > ++++ b/src/import/staging/src/k8s.io/apimachinery/go.sum > +@@ -106,8 +106,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/apiserver/go.mod b/src/import/staging/src/k8s.io/apiserver/go.mod > +index 8f97b49b06a..e1fdb94df10 100644 > +--- a/src/import/staging/src/k8s.io/apiserver/go.mod > ++++ b/src/import/staging/src/k8s.io/apiserver/go.mod > +@@ -47,7 +47,7 @@ require ( > + google.golang.org/grpc v1.23.0 > + gopkg.in/natefinch/lumberjack.v2 v2.0.0 > + gopkg.in/square/go-jose.v2 v2.2.2 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible // indirect > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/apiserver/go.sum b/src/import/staging/src/k8s.io/apiserver/go.sum > +index 9658ae1784a..d055f0d08a2 100644 > +--- a/src/import/staging/src/k8s.io/apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/apiserver/go.sum > +@@ -268,8 +268,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/cli-runtime/go.sum b/src/import/staging/src/k8s.io/cli-runtime/go.sum > +index 71af2c05905..641ba432230 100644 > +--- a/src/import/staging/src/k8s.io/cli-runtime/go.sum > ++++ b/src/import/staging/src/k8s.io/cli-runtime/go.sum > +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/client-go/go.sum b/src/import/staging/src/k8s.io/client-go/go.sum > +index ec7d3780cad..315bfceda79 100644 > +--- a/src/import/staging/src/k8s.io/client-go/go.sum > ++++ b/src/import/staging/src/k8s.io/client-go/go.sum > +@@ -175,8 +175,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/cloud-provider/go.sum b/src/import/staging/src/k8s.io/cloud-provider/go.sum > +index e00d8e24a27..7d446c66231 100644 > +--- a/src/import/staging/src/k8s.io/cloud-provider/go.sum > ++++ b/src/import/staging/src/k8s.io/cloud-provider/go.sum > +@@ -158,8 +158,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > +index 09c98a9ccd8..e148b9741de 100644 > +--- a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > ++++ b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > +@@ -91,8 +91,8 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/code-generator/go.mod b/src/import/staging/src/k8s.io/code-generator/go.mod > +index 7717cae18ba..0dc05a6c181 100644 > +--- a/src/import/staging/src/k8s.io/code-generator/go.mod > ++++ b/src/import/staging/src/k8s.io/code-generator/go.mod > +@@ -15,7 +15,7 @@ require ( > + golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac // indirect > + gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 > + gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e // indirect > +- gopkg.in/yaml.v2 v2.2.4 // indirect > ++ gopkg.in/yaml.v2 v2.2.8 // indirect > + k8s.io/gengo v0.0.0-20190822140433-26a664648505 > + k8s.io/klog v0.4.0 > + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf > +diff --git a/src/import/staging/src/k8s.io/code-generator/go.sum b/src/import/staging/src/k8s.io/code-generator/go.sum > +index a34b8497afa..a3be7c382b8 100644 > +--- a/src/import/staging/src/k8s.io/code-generator/go.sum > ++++ b/src/import/staging/src/k8s.io/code-generator/go.sum > +@@ -103,8 +103,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= > +diff --git a/src/import/staging/src/k8s.io/component-base/go.sum b/src/import/staging/src/k8s.io/component-base/go.sum > +index 34151a5846d..155e3e420e9 100644 > +--- a/src/import/staging/src/k8s.io/component-base/go.sum > ++++ b/src/import/staging/src/k8s.io/component-base/go.sum > +@@ -171,8 +171,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > +index 71646a53606..a4de3199c55 100644 > +--- a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > ++++ b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > +@@ -139,8 +139,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-aggregator/go.sum b/src/import/staging/src/k8s.io/kube-aggregator/go.sum > +index 306beb4d2c1..be07875a640 100644 > +--- a/src/import/staging/src/k8s.io/kube-aggregator/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-aggregator/go.sum > +@@ -303,8 +303,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-proxy/go.sum b/src/import/staging/src/k8s.io/kube-proxy/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-proxy/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-proxy/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-scheduler/go.sum b/src/import/staging/src/k8s.io/kube-scheduler/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-scheduler/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-scheduler/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kubectl/go.mod b/src/import/staging/src/k8s.io/kubectl/go.mod > +index 5e5e4b2bbed..d1c8a52cbb4 100644 > +--- a/src/import/staging/src/k8s.io/kubectl/go.mod > ++++ b/src/import/staging/src/k8s.io/kubectl/go.mod > +@@ -33,7 +33,7 @@ require ( > + github.com/spf13/pflag v1.0.3 > + github.com/stretchr/testify v1.3.0 > + golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible // indirect > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/kubectl/go.sum b/src/import/staging/src/k8s.io/kubectl/go.sum > +index b164ecd3dc3..17d56a30001 100644 > +--- a/src/import/staging/src/k8s.io/kubectl/go.sum > ++++ b/src/import/staging/src/k8s.io/kubectl/go.sum > +@@ -268,8 +268,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/kubelet/go.sum b/src/import/staging/src/k8s.io/kubelet/go.sum > +index 0635238e2ce..e12860540cd 100644 > +--- a/src/import/staging/src/k8s.io/kubelet/go.sum > ++++ b/src/import/staging/src/k8s.io/kubelet/go.sum > +@@ -87,8 +87,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > +index 7da7d10f1b0..4affb42e698 100644 > +--- a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > ++++ b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > +@@ -271,8 +271,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/metrics/go.sum b/src/import/staging/src/k8s.io/metrics/go.sum > +index 4ba35f7c725..b820dfe346b 100644 > +--- a/src/import/staging/src/k8s.io/metrics/go.sum > ++++ b/src/import/staging/src/k8s.io/metrics/go.sum > +@@ -192,8 +192,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/staging/src/k8s.io/node-api/go.sum b/src/import/staging/src/k8s.io/node-api/go.sum > +index eb2113416f4..df4095e8c53 100644 > +--- a/src/import/staging/src/k8s.io/node-api/go.sum > ++++ b/src/import/staging/src/k8s.io/node-api/go.sum > +@@ -195,8 +195,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/staging/src/k8s.io/sample-apiserver/go.sum b/src/import/staging/src/k8s.io/sample-apiserver/go.sum > +index 6100b600021..c9af593485a 100644 > +--- a/src/import/staging/src/k8s.io/sample-apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-apiserver/go.sum > +@@ -300,8 +300,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > +index 71af2c05905..641ba432230 100644 > +--- a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/sample-controller/go.sum b/src/import/staging/src/k8s.io/sample-controller/go.sum > +index 2729443484f..9d360830a5a 100644 > +--- a/src/import/staging/src/k8s.io/sample-controller/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-controller/go.sum > +@@ -196,8 +196,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > +index 9f556934d8b..055480b9ef8 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > ++++ b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > +@@ -1,12 +1,16 @@ > + language: go > + > + go: > +- - 1.4 > +- - 1.5 > +- - 1.6 > +- - 1.7 > +- - 1.8 > +- - 1.9 > +- - tip > ++ - "1.4.x" > ++ - "1.5.x" > ++ - "1.6.x" > ++ - "1.7.x" > ++ - "1.8.x" > ++ - "1.9.x" > ++ - "1.10.x" > ++ - "1.11.x" > ++ - "1.12.x" > ++ - "1.13.x" > ++ - "tip" > + > + go_import_path: gopkg.in/yaml.v2 > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/decode.go b/src/import/vendor/gopkg.in/yaml.v2/decode.go > +index 53108765555..129bc2a97d3 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/decode.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/decode.go > +@@ -319,10 +319,14 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm > + } > + > + const ( > +- // 400,000 decode operations is ~500kb of dense object declarations, or ~5kb of dense object declarations with 10000% alias expansion > ++ // 400,000 decode operations is ~500kb of dense object declarations, or > ++ // ~5kb of dense object declarations with 10000% alias expansion > + alias_ratio_range_low = 400000 > +- // 4,000,000 decode operations is ~5MB of dense object declarations, or ~4.5MB of dense object declarations with 10% alias expansion > ++ > ++ // 4,000,000 decode operations is ~5MB of dense object declarations, or > ++ // ~4.5MB of dense object declarations with 10% alias expansion > + alias_ratio_range_high = 4000000 > ++ > + // alias_ratio_range is the range over which we scale allowed alias ratios > + alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low) > + ) > +@@ -784,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { > + case mappingNode: > + d.unmarshal(n, out) > + case aliasNode: > +- an, ok := d.doc.anchors[n.value] > +- if ok && an.kind != mappingNode { > ++ if n.alias != nil && n.alias.kind != mappingNode { > + failWantMap() > + } > + d.unmarshal(n, out) > +@@ -794,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { > + for i := len(n.children) - 1; i >= 0; i-- { > + ni := n.children[i] > + if ni.kind == aliasNode { > +- an, ok := d.doc.anchors[ni.value] > +- if ok && an.kind != mappingNode { > ++ if ni.alias != nil && ni.alias.kind != mappingNode { > + failWantMap() > + } > + } else if ni.kind != mappingNode { > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > +index 570b8ecd10f..0b9bb6030a0 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > +@@ -626,31 +626,18 @@ func trace(args ...interface{}) func() { > + func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool { > + // While we need more tokens to fetch, do it. > + for { > +- // Check if we really need to fetch more tokens. > +- need_more_tokens := false > +- > +- if parser.tokens_head == len(parser.tokens) { > +- // Queue is empty. > +- need_more_tokens = true > +- } else { > +- // Check if any potential simple key may occupy the head position. > +- if !yaml_parser_stale_simple_keys(parser) { > ++ if parser.tokens_head != len(parser.tokens) { > ++ // If queue is non-empty, check if any potential simple key may > ++ // occupy the head position. > ++ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed] > ++ if !ok { > ++ break > ++ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok { > + return false > +- } > +- > +- for i := range parser.simple_keys { > +- simple_key := &parser.simple_keys[i] > +- if simple_key.possible && simple_key.token_number == parser.tokens_parsed { > +- need_more_tokens = true > +- break > +- } > ++ } else if !valid { > ++ break > + } > + } > +- > +- // We are finished. > +- if !need_more_tokens { > +- break > +- } > + // Fetch the next token. > + if !yaml_parser_fetch_next_token(parser) { > + return false > +@@ -678,11 +665,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { > + return false > + } > + > +- // Remove obsolete potential simple keys. > +- if !yaml_parser_stale_simple_keys(parser) { > +- return false > +- } > +- > + // Check the indentation level against the current column. > + if !yaml_parser_unroll_indent(parser, parser.mark.column) { > + return false > +@@ -837,29 +819,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { > + "found character that cannot start any token") > + } > + > +-// Check the list of potential simple keys and remove the positions that > +-// cannot contain simple keys anymore. > +-func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool { > +- // Check for a potential simple key for each flow level. > +- for i := range parser.simple_keys { > +- simple_key := &parser.simple_keys[i] > +- > +- // The specification requires that a simple key > +- // > +- // - is limited to a single line, > +- // - is shorter than 1024 characters. > +- if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) { > +- > +- // Check if the potential simple key to be removed is required. > +- if simple_key.required { > +- return yaml_parser_set_scanner_error(parser, > +- "while scanning a simple key", simple_key.mark, > +- "could not find expected ':'") > +- } > +- simple_key.possible = false > ++func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) { > ++ if !simple_key.possible { > ++ return false, true > ++ } > ++ > ++ // The 1.2 specification says: > ++ // > ++ // "If the ? indicator is omitted, parsing needs to see past the > ++ // implicit key to recognize it as such. To limit the amount of > ++ // lookahead required, the “:” indicator must appear at most 1024 > ++ // Unicode characters beyond the start of the key. In addition, the key > ++ // is restricted to a single line." > ++ // > ++ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index { > ++ // Check if the potential simple key to be removed is required. > ++ if simple_key.required { > ++ return false, yaml_parser_set_scanner_error(parser, > ++ "while scanning a simple key", simple_key.mark, > ++ "could not find expected ':'") > + } > ++ simple_key.possible = false > ++ return false, true > + } > +- return true > ++ return true, true > + } > + > + // Check if a simple key may start at the current position and add it if > +@@ -879,13 +862,14 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool { > + possible: true, > + required: required, > + token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), > ++ mark: parser.mark, > + } > +- simple_key.mark = parser.mark > + > + if !yaml_parser_remove_simple_key(parser) { > + return false > + } > + parser.simple_keys[len(parser.simple_keys)-1] = simple_key > ++ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1 > + } > + return true > + } > +@@ -900,9 +884,10 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool { > + "while scanning a simple key", parser.simple_keys[i].mark, > + "could not find expected ':'") > + } > ++ // Remove the key from the stack. > ++ parser.simple_keys[i].possible = false > ++ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number) > + } > +- // Remove the key from the stack. > +- parser.simple_keys[i].possible = false > + return true > + } > + > +@@ -912,7 +897,12 @@ const max_flow_level = 10000 > + // Increase the flow level and resize the simple key list if needed. > + func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { > + // Reset the simple key on the next level. > +- parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) > ++ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{ > ++ possible: false, > ++ required: false, > ++ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), > ++ mark: parser.mark, > ++ }) > + > + // Increase the flow level. > + parser.flow_level++ > +@@ -928,7 +918,9 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { > + func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool { > + if parser.flow_level > 0 { > + parser.flow_level-- > +- parser.simple_keys = parser.simple_keys[:len(parser.simple_keys)-1] > ++ last := len(parser.simple_keys) - 1 > ++ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number) > ++ parser.simple_keys = parser.simple_keys[:last] > + } > + return true > + } > +@@ -1005,6 +997,8 @@ func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool { > + // Initialize the simple key stack. > + parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) > + > ++ parser.simple_keys_by_tok = make(map[int]int) > ++ > + // A simple key is allowed at the beginning of the stream. > + parser.simple_key_allowed = true > + > +@@ -1286,7 +1280,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { > + simple_key := &parser.simple_keys[len(parser.simple_keys)-1] > + > + // Have we found a simple key? > +- if simple_key.possible { > ++ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok { > ++ return false > ++ > ++ } else if valid { > ++ > + // Create the KEY token and insert it into the queue. > + token := yaml_token_t{ > + typ: yaml_KEY_TOKEN, > +@@ -1304,6 +1302,7 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { > + > + // Remove the simple key. > + simple_key.possible = false > ++ delete(parser.simple_keys_by_tok, simple_key.token_number) > + > + // A simple key cannot follow another simple key. > + parser.simple_key_allowed = false > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yaml.go b/src/import/vendor/gopkg.in/yaml.v2/yaml.go > +index de85aa4cdb7..89650e293ac 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/yaml.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/yaml.go > +@@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) { > + return unmarshal(in, out, true) > + } > + > +-// A Decorder reads and decodes YAML values from an input stream. > ++// A Decoder reads and decodes YAML values from an input stream. > + type Decoder struct { > + strict bool > + parser *parser > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > +index e25cee563be..f6a9c8e34b1 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > +@@ -579,6 +579,7 @@ type yaml_parser_t struct { > + > + simple_key_allowed bool // May a simple key occur at the current position? > + simple_keys []yaml_simple_key_t // The stack of simple keys. > ++ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number > + > + // Parser stuff > + > +diff --git a/src/import/vendor/modules.txt b/src/import/vendor/modules.txt > +index 4585ca5ec0d..06a5d7fa5a0 100644 > +--- a/src/import/vendor/modules.txt > ++++ b/src/import/vendor/modules.txt > +@@ -1069,7 +1069,7 @@ gopkg.in/square/go-jose.v2/jwt > + gopkg.in/tomb.v1 > + # gopkg.in/warnings.v0 v0.1.1 => gopkg.in/warnings.v0 v0.1.1 > + gopkg.in/warnings.v0 > +-# gopkg.in/yaml.v2 v2.2.4 => gopkg.in/yaml.v2 v2.2.4 > ++# gopkg.in/yaml.v2 v2.2.8 => gopkg.in/yaml.v2 v2.2.8 > + gopkg.in/yaml.v2 > + # gotest.tools v2.2.0+incompatible => gotest.tools v2.2.0+incompatible > + gotest.tools > +-- > +2.23.0 > + > diff --git a/recipes-containers/kubernetes/kubernetes_git.bb b/recipes-containers/kubernetes/kubernetes_git.bb > index e96b7d6..941e0ca 100644 > --- a/recipes-containers/kubernetes/kubernetes_git.bb > +++ b/recipes-containers/kubernetes/kubernetes_git.bb > @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.16;name=k > file://CVE-2020-8551.patch \ > file://CVE-2020-8552.patch \ > file://CVE-2020-8555.patch \ > + file://CVE-2019-11254.patch \ > " > > DEPENDS += "rsync-native \ > -- > 2.17.1 > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 2020-06-18 12:49 ` Bruce Ashfield @ 2020-06-19 2:29 ` Zhixiong Chi 2020-06-19 12:54 ` Bruce Ashfield [not found] ` <1619D0FBDD33F6B0.13914@lists.yoctoproject.org> 1 sibling, 1 reply; 8+ messages in thread From: Zhixiong Chi @ 2020-06-19 2:29 UTC (permalink / raw) To: Bruce Ashfield; +Cc: yocto, meta-virtualization [-- Attachment #1: Type: text/plain, Size: 55875 bytes --] On 2020/6/18 下午8:49, Bruce Ashfield wrote: > This should go to the meta-virt mailing list. > > But you still haven't answered my question from the last k8s CVE patch: > > "Can you confirm that the k8s versions in master/dunfell don't have this > CVE ?" Hi Bruce, Sorry for that, it's possible that there is something wrong with our mail server. I just saw your response a few minute ago. For the master/dunfell branch, since we always upgrade the version to cover some issues, as a result some CVE patches will be droped after upgrading, so our yocto-team developer will focus on the CVE cases for master branch if the upstream haven't updated the version for a long time. And they will send the request review to the two branchs. As you known, the sustaining team just send the CVE patches to ZEUS LTS branch if our yoctocolleague work on the master branch, at the same time this rule of our team just applies to the CVE issues. For meta-virtualization mail-list, Do I need to send the request review again? Zhixiong > Bruce > > On Thu, Jun 18, 2020 at 3:34 AM Zhixiong Chi <zhixiong.chi@windriver.com> wrote: >> Backport the CVE patch from the upstream: >> https://github.com/kubernetes/kubernetes.git >> >> Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> >> --- >> .../kubernetes/CVE-2019-11254.patch | 797 ++++++++++++++++++ >> .../kubernetes/kubernetes_git.bb | 1 + >> 2 files changed, 798 insertions(+) >> create mode 100644 recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >> >> diff --git a/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >> new file mode 100644 >> index 0000000..2d991a9 >> --- /dev/null >> +++ b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >> @@ -0,0 +1,797 @@ >> +From e9ba264d57d379d86dfbf3ae94e82eb0ead9c468 Mon Sep 17 00:00:00 2001 >> +From: CJ Cullen <cjcullen@google.com> >> +Date: Wed, 22 Jan 2020 11:32:39 -0800 >> +Subject: [PATCH] update gopkg.in/yaml.v2 to v2.2.8 >> + >> +CVE: CVE-2019-11254 >> +Upstream-Status: Backport [https://github.com/kubernetes/kubernetes.git branch: release-1.16] >> +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> >> +--- >> + src/import/go.mod | 4 +- >> + src/import/go.sum | 4 +- >> + src/import/staging/src/k8s.io/api/go.sum | 4 +- >> + .../src/k8s.io/apiextensions-apiserver/go.mod | 2 +- >> + .../src/k8s.io/apiextensions-apiserver/go.sum | 4 +- >> + src/import/staging/src/k8s.io/apimachinery/go.mod | 2 +- >> + src/import/staging/src/k8s.io/apimachinery/go.sum | 4 +- >> + src/import/staging/src/k8s.io/apiserver/go.mod | 2 +- >> + src/import/staging/src/k8s.io/apiserver/go.sum | 4 +- >> + src/import/staging/src/k8s.io/cli-runtime/go.sum | 4 +- >> + src/import/staging/src/k8s.io/client-go/go.sum | 4 +- >> + src/import/staging/src/k8s.io/cloud-provider/go.sum | 4 +- >> + src/import/staging/src/k8s.io/cluster-bootstrap/go.sum | 4 +- >> + src/import/staging/src/k8s.io/code-generator/go.mod | 2 +- >> + src/import/staging/src/k8s.io/code-generator/go.sum | 4 +- >> + src/import/staging/src/k8s.io/component-base/go.sum | 4 +- >> + src/import/staging/src/k8s.io/csi-translation-lib/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kube-aggregator/go.sum | 4 +- >> + .../src/k8s.io/kube-controller-manager/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kube-proxy/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kube-scheduler/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kubectl/go.mod | 2 +- >> + src/import/staging/src/k8s.io/kubectl/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kubelet/go.sum | 4 +- >> + .../src/k8s.io/legacy-cloud-providers/go.sum | 4 +- >> + src/import/staging/src/k8s.io/metrics/go.sum | 4 +- >> + src/import/staging/src/k8s.io/node-api/go.sum | 4 +- >> + src/import/staging/src/k8s.io/sample-apiserver/go.sum | 4 +- >> + src/import/staging/src/k8s.io/sample-cli-plugin/go.sum | 4 +- >> + src/import/staging/src/k8s.io/sample-controller/go.sum | 4 +- >> + src/import/vendor/gopkg.in/yaml.v2/.travis.yml | 18 +-- >> + src/import/vendor/gopkg.in/yaml.v2/decode.go | 14 ++- >> + src/import/vendor/gopkg.in/yaml.v2/scannerc.go | 107 +++++++++--------- >> + src/import/vendor/gopkg.in/yaml.v2/yaml.go | 2 +- >> + src/import/vendor/gopkg.in/yaml.v2/yamlh.go | 1 + >> + src/import/vendor/modules.txt | 2 +- >> + 36 files changed, 130 insertions(+), 124 deletions(-) >> + >> +diff --git a/src/import/go.mod b/go.mod >> +index cf8c9147e62..884870f8843 100644 >> +--- a/src/import/go.mod >> ++++ b/src/import/go.mod >> +@@ -139,7 +139,7 @@ require ( >> + google.golang.org/grpc v1.23.0 >> + gopkg.in/gcfg.v1 v1.2.0 >> + gopkg.in/square/go-jose.v2 v2.2.2 >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + gotest.tools v2.2.0+incompatible >> + gotest.tools/gotestsum v0.3.5 >> + honnef.co/go/tools v0.0.1-2019.2.2 >> +@@ -444,7 +444,7 @@ replace ( >> + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 >> + gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 >> + gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 >> +- gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8 >> + gotest.tools => gotest.tools v2.2.0+incompatible >> + gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 >> + honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 >> +diff --git a/src/import/go.sum b/src/import/go.sum >> +index b5e3f74686f..617081d2d9e 100644 >> +--- a/src/import/go.sum >> ++++ b/src/import/go.sum >> +@@ -492,8 +492,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= >> + gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + gotest.tools/gotestsum v0.3.5 h1:VePOWRsuWFYpfp/G8mbmOZKxO5T3501SEGQRUdvq7h0= >> +diff --git a/src/import/staging/src/k8s.io/api/go.sum b/src/import/staging/src/k8s.io/api/go.sum >> +index c162d16011e..8ac86891676 100644 >> +--- a/src/import/staging/src/k8s.io/api/go.sum >> ++++ b/src/import/staging/src/k8s.io/api/go.sum >> +@@ -90,8 +90,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >> +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >> +index f2cc6ca100f..41289345ad7 100644 >> +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >> ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >> +@@ -21,7 +21,7 @@ require ( >> + github.com/spf13/pflag v1.0.3 >> + github.com/stretchr/testify v1.3.0 >> + google.golang.org/grpc v1.23.0 >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + k8s.io/api v0.0.0 >> + k8s.io/apimachinery v0.0.0 >> + k8s.io/apiserver v0.0.0 >> +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >> +index 853644fbe6d..1c4460fdc38 100644 >> +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >> ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >> +@@ -349,8 +349,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.mod b/src/import/staging/src/k8s.io/apimachinery/go.mod >> +index 5b49085be74..bdd9ed2f63d 100644 >> +--- a/src/import/staging/src/k8s.io/apimachinery/go.mod >> ++++ b/src/import/staging/src/k8s.io/apimachinery/go.mod >> +@@ -30,7 +30,7 @@ require ( >> + golang.org/x/text v0.3.2 // indirect >> + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect >> + gopkg.in/inf.v0 v0.9.0 >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + k8s.io/klog v0.4.0 >> + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf >> + sigs.k8s.io/yaml v1.1.0 >> +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.sum b/src/import/staging/src/k8s.io/apimachinery/go.sum >> +index 916261e42c0..636ef5751ea 100644 >> +--- a/src/import/staging/src/k8s.io/apimachinery/go.sum >> ++++ b/src/import/staging/src/k8s.io/apimachinery/go.sum >> +@@ -106,8 +106,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >> +diff --git a/src/import/staging/src/k8s.io/apiserver/go.mod b/src/import/staging/src/k8s.io/apiserver/go.mod >> +index 8f97b49b06a..e1fdb94df10 100644 >> +--- a/src/import/staging/src/k8s.io/apiserver/go.mod >> ++++ b/src/import/staging/src/k8s.io/apiserver/go.mod >> +@@ -47,7 +47,7 @@ require ( >> + google.golang.org/grpc v1.23.0 >> + gopkg.in/natefinch/lumberjack.v2 v2.0.0 >> + gopkg.in/square/go-jose.v2 v2.2.2 >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + gotest.tools v2.2.0+incompatible // indirect >> + k8s.io/api v0.0.0 >> + k8s.io/apimachinery v0.0.0 >> +diff --git a/src/import/staging/src/k8s.io/apiserver/go.sum b/src/import/staging/src/k8s.io/apiserver/go.sum >> +index 9658ae1784a..d055f0d08a2 100644 >> +--- a/src/import/staging/src/k8s.io/apiserver/go.sum >> ++++ b/src/import/staging/src/k8s.io/apiserver/go.sum >> +@@ -268,8 +268,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/cli-runtime/go.sum b/src/import/staging/src/k8s.io/cli-runtime/go.sum >> +index 71af2c05905..641ba432230 100644 >> +--- a/src/import/staging/src/k8s.io/cli-runtime/go.sum >> ++++ b/src/import/staging/src/k8s.io/cli-runtime/go.sum >> +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/client-go/go.sum b/src/import/staging/src/k8s.io/client-go/go.sum >> +index ec7d3780cad..315bfceda79 100644 >> +--- a/src/import/staging/src/k8s.io/client-go/go.sum >> ++++ b/src/import/staging/src/k8s.io/client-go/go.sum >> +@@ -175,8 +175,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/cloud-provider/go.sum b/src/import/staging/src/k8s.io/cloud-provider/go.sum >> +index e00d8e24a27..7d446c66231 100644 >> +--- a/src/import/staging/src/k8s.io/cloud-provider/go.sum >> ++++ b/src/import/staging/src/k8s.io/cloud-provider/go.sum >> +@@ -158,8 +158,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >> +index 09c98a9ccd8..e148b9741de 100644 >> +--- a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >> ++++ b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >> +@@ -91,8 +91,8 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >> +diff --git a/src/import/staging/src/k8s.io/code-generator/go.mod b/src/import/staging/src/k8s.io/code-generator/go.mod >> +index 7717cae18ba..0dc05a6c181 100644 >> +--- a/src/import/staging/src/k8s.io/code-generator/go.mod >> ++++ b/src/import/staging/src/k8s.io/code-generator/go.mod >> +@@ -15,7 +15,7 @@ require ( >> + golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac // indirect >> + gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 >> + gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e // indirect >> +- gopkg.in/yaml.v2 v2.2.4 // indirect >> ++ gopkg.in/yaml.v2 v2.2.8 // indirect >> + k8s.io/gengo v0.0.0-20190822140433-26a664648505 >> + k8s.io/klog v0.4.0 >> + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf >> +diff --git a/src/import/staging/src/k8s.io/code-generator/go.sum b/src/import/staging/src/k8s.io/code-generator/go.sum >> +index a34b8497afa..a3be7c382b8 100644 >> +--- a/src/import/staging/src/k8s.io/code-generator/go.sum >> ++++ b/src/import/staging/src/k8s.io/code-generator/go.sum >> +@@ -103,8 +103,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= >> +diff --git a/src/import/staging/src/k8s.io/component-base/go.sum b/src/import/staging/src/k8s.io/component-base/go.sum >> +index 34151a5846d..155e3e420e9 100644 >> +--- a/src/import/staging/src/k8s.io/component-base/go.sum >> ++++ b/src/import/staging/src/k8s.io/component-base/go.sum >> +@@ -171,8 +171,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >> +index 71646a53606..a4de3199c55 100644 >> +--- a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >> ++++ b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >> +@@ -139,8 +139,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/kube-aggregator/go.sum b/src/import/staging/src/k8s.io/kube-aggregator/go.sum >> +index 306beb4d2c1..be07875a640 100644 >> +--- a/src/import/staging/src/k8s.io/kube-aggregator/go.sum >> ++++ b/src/import/staging/src/k8s.io/kube-aggregator/go.sum >> +@@ -303,8 +303,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >> +index 346871c01de..1653f3eca5a 100644 >> +--- a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >> ++++ b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/kube-proxy/go.sum b/src/import/staging/src/k8s.io/kube-proxy/go.sum >> +index 346871c01de..1653f3eca5a 100644 >> +--- a/src/import/staging/src/k8s.io/kube-proxy/go.sum >> ++++ b/src/import/staging/src/k8s.io/kube-proxy/go.sum >> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/kube-scheduler/go.sum b/src/import/staging/src/k8s.io/kube-scheduler/go.sum >> +index 346871c01de..1653f3eca5a 100644 >> +--- a/src/import/staging/src/k8s.io/kube-scheduler/go.sum >> ++++ b/src/import/staging/src/k8s.io/kube-scheduler/go.sum >> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/kubectl/go.mod b/src/import/staging/src/k8s.io/kubectl/go.mod >> +index 5e5e4b2bbed..d1c8a52cbb4 100644 >> +--- a/src/import/staging/src/k8s.io/kubectl/go.mod >> ++++ b/src/import/staging/src/k8s.io/kubectl/go.mod >> +@@ -33,7 +33,7 @@ require ( >> + github.com/spf13/pflag v1.0.3 >> + github.com/stretchr/testify v1.3.0 >> + golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + gotest.tools v2.2.0+incompatible // indirect >> + k8s.io/api v0.0.0 >> + k8s.io/apimachinery v0.0.0 >> +diff --git a/src/import/staging/src/k8s.io/kubectl/go.sum b/src/import/staging/src/k8s.io/kubectl/go.sum >> +index b164ecd3dc3..17d56a30001 100644 >> +--- a/src/import/staging/src/k8s.io/kubectl/go.sum >> ++++ b/src/import/staging/src/k8s.io/kubectl/go.sum >> +@@ -268,8 +268,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/kubelet/go.sum b/src/import/staging/src/k8s.io/kubelet/go.sum >> +index 0635238e2ce..e12860540cd 100644 >> +--- a/src/import/staging/src/k8s.io/kubelet/go.sum >> ++++ b/src/import/staging/src/k8s.io/kubelet/go.sum >> +@@ -87,8 +87,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >> +diff --git a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >> +index 7da7d10f1b0..4affb42e698 100644 >> +--- a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >> ++++ b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >> +@@ -271,8 +271,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/metrics/go.sum b/src/import/staging/src/k8s.io/metrics/go.sum >> +index 4ba35f7c725..b820dfe346b 100644 >> +--- a/src/import/staging/src/k8s.io/metrics/go.sum >> ++++ b/src/import/staging/src/k8s.io/metrics/go.sum >> +@@ -192,8 +192,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >> +diff --git a/src/import/staging/src/k8s.io/node-api/go.sum b/src/import/staging/src/k8s.io/node-api/go.sum >> +index eb2113416f4..df4095e8c53 100644 >> +--- a/src/import/staging/src/k8s.io/node-api/go.sum >> ++++ b/src/import/staging/src/k8s.io/node-api/go.sum >> +@@ -195,8 +195,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >> +diff --git a/src/import/staging/src/k8s.io/sample-apiserver/go.sum b/src/import/staging/src/k8s.io/sample-apiserver/go.sum >> +index 6100b600021..c9af593485a 100644 >> +--- a/src/import/staging/src/k8s.io/sample-apiserver/go.sum >> ++++ b/src/import/staging/src/k8s.io/sample-apiserver/go.sum >> +@@ -300,8 +300,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >> +index 71af2c05905..641ba432230 100644 >> +--- a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >> ++++ b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >> +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/sample-controller/go.sum b/src/import/staging/src/k8s.io/sample-controller/go.sum >> +index 2729443484f..9d360830a5a 100644 >> +--- a/src/import/staging/src/k8s.io/sample-controller/go.sum >> ++++ b/src/import/staging/src/k8s.io/sample-controller/go.sum >> +@@ -196,8 +196,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >> +index 9f556934d8b..055480b9ef8 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >> +@@ -1,12 +1,16 @@ >> + language: go >> + >> + go: >> +- - 1.4 >> +- - 1.5 >> +- - 1.6 >> +- - 1.7 >> +- - 1.8 >> +- - 1.9 >> +- - tip >> ++ - "1.4.x" >> ++ - "1.5.x" >> ++ - "1.6.x" >> ++ - "1.7.x" >> ++ - "1.8.x" >> ++ - "1.9.x" >> ++ - "1.10.x" >> ++ - "1.11.x" >> ++ - "1.12.x" >> ++ - "1.13.x" >> ++ - "tip" >> + >> + go_import_path: gopkg.in/yaml.v2 >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/decode.go b/src/import/vendor/gopkg.in/yaml.v2/decode.go >> +index 53108765555..129bc2a97d3 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/decode.go >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/decode.go >> +@@ -319,10 +319,14 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm >> + } >> + >> + const ( >> +- // 400,000 decode operations is ~500kb of dense object declarations, or ~5kb of dense object declarations with 10000% alias expansion >> ++ // 400,000 decode operations is ~500kb of dense object declarations, or >> ++ // ~5kb of dense object declarations with 10000% alias expansion >> + alias_ratio_range_low = 400000 >> +- // 4,000,000 decode operations is ~5MB of dense object declarations, or ~4.5MB of dense object declarations with 10% alias expansion >> ++ >> ++ // 4,000,000 decode operations is ~5MB of dense object declarations, or >> ++ // ~4.5MB of dense object declarations with 10% alias expansion >> + alias_ratio_range_high = 4000000 >> ++ >> + // alias_ratio_range is the range over which we scale allowed alias ratios >> + alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low) >> + ) >> +@@ -784,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { >> + case mappingNode: >> + d.unmarshal(n, out) >> + case aliasNode: >> +- an, ok := d.doc.anchors[n.value] >> +- if ok && an.kind != mappingNode { >> ++ if n.alias != nil && n.alias.kind != mappingNode { >> + failWantMap() >> + } >> + d.unmarshal(n, out) >> +@@ -794,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { >> + for i := len(n.children) - 1; i >= 0; i-- { >> + ni := n.children[i] >> + if ni.kind == aliasNode { >> +- an, ok := d.doc.anchors[ni.value] >> +- if ok && an.kind != mappingNode { >> ++ if ni.alias != nil && ni.alias.kind != mappingNode { >> + failWantMap() >> + } >> + } else if ni.kind != mappingNode { >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >> +index 570b8ecd10f..0b9bb6030a0 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >> +@@ -626,31 +626,18 @@ func trace(args ...interface{}) func() { >> + func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool { >> + // While we need more tokens to fetch, do it. >> + for { >> +- // Check if we really need to fetch more tokens. >> +- need_more_tokens := false >> +- >> +- if parser.tokens_head == len(parser.tokens) { >> +- // Queue is empty. >> +- need_more_tokens = true >> +- } else { >> +- // Check if any potential simple key may occupy the head position. >> +- if !yaml_parser_stale_simple_keys(parser) { >> ++ if parser.tokens_head != len(parser.tokens) { >> ++ // If queue is non-empty, check if any potential simple key may >> ++ // occupy the head position. >> ++ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed] >> ++ if !ok { >> ++ break >> ++ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok { >> + return false >> +- } >> +- >> +- for i := range parser.simple_keys { >> +- simple_key := &parser.simple_keys[i] >> +- if simple_key.possible && simple_key.token_number == parser.tokens_parsed { >> +- need_more_tokens = true >> +- break >> +- } >> ++ } else if !valid { >> ++ break >> + } >> + } >> +- >> +- // We are finished. >> +- if !need_more_tokens { >> +- break >> +- } >> + // Fetch the next token. >> + if !yaml_parser_fetch_next_token(parser) { >> + return false >> +@@ -678,11 +665,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { >> + return false >> + } >> + >> +- // Remove obsolete potential simple keys. >> +- if !yaml_parser_stale_simple_keys(parser) { >> +- return false >> +- } >> +- >> + // Check the indentation level against the current column. >> + if !yaml_parser_unroll_indent(parser, parser.mark.column) { >> + return false >> +@@ -837,29 +819,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { >> + "found character that cannot start any token") >> + } >> + >> +-// Check the list of potential simple keys and remove the positions that >> +-// cannot contain simple keys anymore. >> +-func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool { >> +- // Check for a potential simple key for each flow level. >> +- for i := range parser.simple_keys { >> +- simple_key := &parser.simple_keys[i] >> +- >> +- // The specification requires that a simple key >> +- // >> +- // - is limited to a single line, >> +- // - is shorter than 1024 characters. >> +- if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) { >> +- >> +- // Check if the potential simple key to be removed is required. >> +- if simple_key.required { >> +- return yaml_parser_set_scanner_error(parser, >> +- "while scanning a simple key", simple_key.mark, >> +- "could not find expected ':'") >> +- } >> +- simple_key.possible = false >> ++func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) { >> ++ if !simple_key.possible { >> ++ return false, true >> ++ } >> ++ >> ++ // The 1.2 specification says: >> ++ // >> ++ // "If the ? indicator is omitted, parsing needs to see past the >> ++ // implicit key to recognize it as such. To limit the amount of >> ++ // lookahead required, the “:” indicator must appear at most 1024 >> ++ // Unicode characters beyond the start of the key. In addition, the key >> ++ // is restricted to a single line." >> ++ // >> ++ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index { >> ++ // Check if the potential simple key to be removed is required. >> ++ if simple_key.required { >> ++ return false, yaml_parser_set_scanner_error(parser, >> ++ "while scanning a simple key", simple_key.mark, >> ++ "could not find expected ':'") >> + } >> ++ simple_key.possible = false >> ++ return false, true >> + } >> +- return true >> ++ return true, true >> + } >> + >> + // Check if a simple key may start at the current position and add it if >> +@@ -879,13 +862,14 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool { >> + possible: true, >> + required: required, >> + token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), >> ++ mark: parser.mark, >> + } >> +- simple_key.mark = parser.mark >> + >> + if !yaml_parser_remove_simple_key(parser) { >> + return false >> + } >> + parser.simple_keys[len(parser.simple_keys)-1] = simple_key >> ++ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1 >> + } >> + return true >> + } >> +@@ -900,9 +884,10 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool { >> + "while scanning a simple key", parser.simple_keys[i].mark, >> + "could not find expected ':'") >> + } >> ++ // Remove the key from the stack. >> ++ parser.simple_keys[i].possible = false >> ++ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number) >> + } >> +- // Remove the key from the stack. >> +- parser.simple_keys[i].possible = false >> + return true >> + } >> + >> +@@ -912,7 +897,12 @@ const max_flow_level = 10000 >> + // Increase the flow level and resize the simple key list if needed. >> + func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { >> + // Reset the simple key on the next level. >> +- parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) >> ++ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{ >> ++ possible: false, >> ++ required: false, >> ++ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), >> ++ mark: parser.mark, >> ++ }) >> + >> + // Increase the flow level. >> + parser.flow_level++ >> +@@ -928,7 +918,9 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { >> + func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool { >> + if parser.flow_level > 0 { >> + parser.flow_level-- >> +- parser.simple_keys = parser.simple_keys[:len(parser.simple_keys)-1] >> ++ last := len(parser.simple_keys) - 1 >> ++ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number) >> ++ parser.simple_keys = parser.simple_keys[:last] >> + } >> + return true >> + } >> +@@ -1005,6 +997,8 @@ func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool { >> + // Initialize the simple key stack. >> + parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) >> + >> ++ parser.simple_keys_by_tok = make(map[int]int) >> ++ >> + // A simple key is allowed at the beginning of the stream. >> + parser.simple_key_allowed = true >> + >> +@@ -1286,7 +1280,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { >> + simple_key := &parser.simple_keys[len(parser.simple_keys)-1] >> + >> + // Have we found a simple key? >> +- if simple_key.possible { >> ++ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok { >> ++ return false >> ++ >> ++ } else if valid { >> ++ >> + // Create the KEY token and insert it into the queue. >> + token := yaml_token_t{ >> + typ: yaml_KEY_TOKEN, >> +@@ -1304,6 +1302,7 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { >> + >> + // Remove the simple key. >> + simple_key.possible = false >> ++ delete(parser.simple_keys_by_tok, simple_key.token_number) >> + >> + // A simple key cannot follow another simple key. >> + parser.simple_key_allowed = false >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yaml.go b/src/import/vendor/gopkg.in/yaml.v2/yaml.go >> +index de85aa4cdb7..89650e293ac 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/yaml.go >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/yaml.go >> +@@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) { >> + return unmarshal(in, out, true) >> + } >> + >> +-// A Decorder reads and decodes YAML values from an input stream. >> ++// A Decoder reads and decodes YAML values from an input stream. >> + type Decoder struct { >> + strict bool >> + parser *parser >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >> +index e25cee563be..f6a9c8e34b1 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >> +@@ -579,6 +579,7 @@ type yaml_parser_t struct { >> + >> + simple_key_allowed bool // May a simple key occur at the current position? >> + simple_keys []yaml_simple_key_t // The stack of simple keys. >> ++ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number >> + >> + // Parser stuff >> + >> +diff --git a/src/import/vendor/modules.txt b/src/import/vendor/modules.txt >> +index 4585ca5ec0d..06a5d7fa5a0 100644 >> +--- a/src/import/vendor/modules.txt >> ++++ b/src/import/vendor/modules.txt >> +@@ -1069,7 +1069,7 @@ gopkg.in/square/go-jose.v2/jwt >> + gopkg.in/tomb.v1 >> + # gopkg.in/warnings.v0 v0.1.1 => gopkg.in/warnings.v0 v0.1.1 >> + gopkg.in/warnings.v0 >> +-# gopkg.in/yaml.v2 v2.2.4 => gopkg.in/yaml.v2 v2.2.4 >> ++# gopkg.in/yaml.v2 v2.2.8 => gopkg.in/yaml.v2 v2.2.8 >> + gopkg.in/yaml.v2 >> + # gotest.tools v2.2.0+incompatible => gotest.tools v2.2.0+incompatible >> + gotest.tools >> +-- >> +2.23.0 >> + >> diff --git a/recipes-containers/kubernetes/kubernetes_git.bb b/recipes-containers/kubernetes/kubernetes_git.bb >> index e96b7d6..941e0ca 100644 >> --- a/recipes-containers/kubernetes/kubernetes_git.bb >> +++ b/recipes-containers/kubernetes/kubernetes_git.bb >> @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.16;name=k >> file://CVE-2020-8551.patch \ >> file://CVE-2020-8552.patch \ >> file://CVE-2020-8555.patch \ >> + file://CVE-2019-11254.patch \ >> " >> >> DEPENDS += "rsync-native \ >> -- >> 2.17.1 >> > -- --------------------- Thanks, Zhixiong Chi Tel: +86-10-8477-7036 [-- Attachment #2: Type: text/html, Size: 56166 bytes --] ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 2020-06-19 2:29 ` Zhixiong Chi @ 2020-06-19 12:54 ` Bruce Ashfield 0 siblings, 0 replies; 8+ messages in thread From: Bruce Ashfield @ 2020-06-19 12:54 UTC (permalink / raw) To: Zhixiong Chi; +Cc: yocto, meta-virtualization On Thu, Jun 18, 2020 at 10:28 PM Zhixiong Chi <zhixiong.chi@windriver.com> wrote: > > > On 2020/6/18 下午8:49, Bruce Ashfield wrote: > > This should go to the meta-virt mailing list. > > But you still haven't answered my question from the last k8s CVE patch: > > "Can you confirm that the k8s versions in master/dunfell don't have this > CVE ?" > > > Hi Bruce, > > Sorry for that, it's possible that there is something wrong with our mail server. I just saw your response a few minute ago. > > For the master/dunfell branch, since we always upgrade the version to cover some issues, > > as a result some CVE patches will be droped after upgrading, so our yocto-team developer will > > focus on the CVE cases for master branch if the upstream haven't updated the version for a long time. > > And they will send the request review to the two branchs. > > As you known, the sustaining team just send the CVE patches to ZEUS LTS branch if our yocto colleague > > work on the master branch, at the same time this rule of our team just applies to the CVE issues. > Sounds good. And yes, in master I prefer to upgrade the version and I typically do those upgrades every 2 months. For the CVE patches, it is just helpful if we explicitly list the impacted versions, so I can easily check the version in master. Alternatively, just mentioning which branches are / are not impacted by an issue is enough. > > For meta-virtualization mail-list, Do I need to send the request review again? Nope. I have it in my queue and will take care of it shortly. Bruce > > > Zhixiong > > Bruce > > On Thu, Jun 18, 2020 at 3:34 AM Zhixiong Chi <zhixiong.chi@windriver.com> wrote: > > Backport the CVE patch from the upstream: > https://github.com/kubernetes/kubernetes.git > > Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> > --- > .../kubernetes/CVE-2019-11254.patch | 797 ++++++++++++++++++ > .../kubernetes/kubernetes_git.bb | 1 + > 2 files changed, 798 insertions(+) > create mode 100644 recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > > diff --git a/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > new file mode 100644 > index 0000000..2d991a9 > --- /dev/null > +++ b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > @@ -0,0 +1,797 @@ > +From e9ba264d57d379d86dfbf3ae94e82eb0ead9c468 Mon Sep 17 00:00:00 2001 > +From: CJ Cullen <cjcullen@google.com> > +Date: Wed, 22 Jan 2020 11:32:39 -0800 > +Subject: [PATCH] update gopkg.in/yaml.v2 to v2.2.8 > + > +CVE: CVE-2019-11254 > +Upstream-Status: Backport [https://github.com/kubernetes/kubernetes.git branch: release-1.16] > +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> > +--- > + src/import/go.mod | 4 +- > + src/import/go.sum | 4 +- > + src/import/staging/src/k8s.io/api/go.sum | 4 +- > + .../src/k8s.io/apiextensions-apiserver/go.mod | 2 +- > + .../src/k8s.io/apiextensions-apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/apimachinery/go.mod | 2 +- > + src/import/staging/src/k8s.io/apimachinery/go.sum | 4 +- > + src/import/staging/src/k8s.io/apiserver/go.mod | 2 +- > + src/import/staging/src/k8s.io/apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/cli-runtime/go.sum | 4 +- > + src/import/staging/src/k8s.io/client-go/go.sum | 4 +- > + src/import/staging/src/k8s.io/cloud-provider/go.sum | 4 +- > + src/import/staging/src/k8s.io/cluster-bootstrap/go.sum | 4 +- > + src/import/staging/src/k8s.io/code-generator/go.mod | 2 +- > + src/import/staging/src/k8s.io/code-generator/go.sum | 4 +- > + src/import/staging/src/k8s.io/component-base/go.sum | 4 +- > + src/import/staging/src/k8s.io/csi-translation-lib/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-aggregator/go.sum | 4 +- > + .../src/k8s.io/kube-controller-manager/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-proxy/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-scheduler/go.sum | 4 +- > + src/import/staging/src/k8s.io/kubectl/go.mod | 2 +- > + src/import/staging/src/k8s.io/kubectl/go.sum | 4 +- > + src/import/staging/src/k8s.io/kubelet/go.sum | 4 +- > + .../src/k8s.io/legacy-cloud-providers/go.sum | 4 +- > + src/import/staging/src/k8s.io/metrics/go.sum | 4 +- > + src/import/staging/src/k8s.io/node-api/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-cli-plugin/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-controller/go.sum | 4 +- > + src/import/vendor/gopkg.in/yaml.v2/.travis.yml | 18 +-- > + src/import/vendor/gopkg.in/yaml.v2/decode.go | 14 ++- > + src/import/vendor/gopkg.in/yaml.v2/scannerc.go | 107 +++++++++--------- > + src/import/vendor/gopkg.in/yaml.v2/yaml.go | 2 +- > + src/import/vendor/gopkg.in/yaml.v2/yamlh.go | 1 + > + src/import/vendor/modules.txt | 2 +- > + 36 files changed, 130 insertions(+), 124 deletions(-) > + > +diff --git a/src/import/go.mod b/go.mod > +index cf8c9147e62..884870f8843 100644 > +--- a/src/import/go.mod > ++++ b/src/import/go.mod > +@@ -139,7 +139,7 @@ require ( > + google.golang.org/grpc v1.23.0 > + gopkg.in/gcfg.v1 v1.2.0 > + gopkg.in/square/go-jose.v2 v2.2.2 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible > + gotest.tools/gotestsum v0.3.5 > + honnef.co/go/tools v0.0.1-2019.2.2 > +@@ -444,7 +444,7 @@ replace ( > + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 > + gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 > + gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 > +- gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8 > + gotest.tools => gotest.tools v2.2.0+incompatible > + gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 > + honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 > +diff --git a/src/import/go.sum b/src/import/go.sum > +index b5e3f74686f..617081d2d9e 100644 > +--- a/src/import/go.sum > ++++ b/src/import/go.sum > +@@ -492,8 +492,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= > + gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + gotest.tools/gotestsum v0.3.5 h1:VePOWRsuWFYpfp/G8mbmOZKxO5T3501SEGQRUdvq7h0= > +diff --git a/src/import/staging/src/k8s.io/api/go.sum b/src/import/staging/src/k8s.io/api/go.sum > +index c162d16011e..8ac86891676 100644 > +--- a/src/import/staging/src/k8s.io/api/go.sum > ++++ b/src/import/staging/src/k8s.io/api/go.sum > +@@ -90,8 +90,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > +index f2cc6ca100f..41289345ad7 100644 > +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > +@@ -21,7 +21,7 @@ require ( > + github.com/spf13/pflag v1.0.3 > + github.com/stretchr/testify v1.3.0 > + google.golang.org/grpc v1.23.0 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > + k8s.io/apiserver v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > +index 853644fbe6d..1c4460fdc38 100644 > +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > +@@ -349,8 +349,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.mod b/src/import/staging/src/k8s.io/apimachinery/go.mod > +index 5b49085be74..bdd9ed2f63d 100644 > +--- a/src/import/staging/src/k8s.io/apimachinery/go.mod > ++++ b/src/import/staging/src/k8s.io/apimachinery/go.mod > +@@ -30,7 +30,7 @@ require ( > + golang.org/x/text v0.3.2 // indirect > + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect > + gopkg.in/inf.v0 v0.9.0 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + k8s.io/klog v0.4.0 > + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf > + sigs.k8s.io/yaml v1.1.0 > +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.sum b/src/import/staging/src/k8s.io/apimachinery/go.sum > +index 916261e42c0..636ef5751ea 100644 > +--- a/src/import/staging/src/k8s.io/apimachinery/go.sum > ++++ b/src/import/staging/src/k8s.io/apimachinery/go.sum > +@@ -106,8 +106,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/apiserver/go.mod b/src/import/staging/src/k8s.io/apiserver/go.mod > +index 8f97b49b06a..e1fdb94df10 100644 > +--- a/src/import/staging/src/k8s.io/apiserver/go.mod > ++++ b/src/import/staging/src/k8s.io/apiserver/go.mod > +@@ -47,7 +47,7 @@ require ( > + google.golang.org/grpc v1.23.0 > + gopkg.in/natefinch/lumberjack.v2 v2.0.0 > + gopkg.in/square/go-jose.v2 v2.2.2 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible // indirect > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/apiserver/go.sum b/src/import/staging/src/k8s.io/apiserver/go.sum > +index 9658ae1784a..d055f0d08a2 100644 > +--- a/src/import/staging/src/k8s.io/apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/apiserver/go.sum > +@@ -268,8 +268,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/cli-runtime/go.sum b/src/import/staging/src/k8s.io/cli-runtime/go.sum > +index 71af2c05905..641ba432230 100644 > +--- a/src/import/staging/src/k8s.io/cli-runtime/go.sum > ++++ b/src/import/staging/src/k8s.io/cli-runtime/go.sum > +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/client-go/go.sum b/src/import/staging/src/k8s.io/client-go/go.sum > +index ec7d3780cad..315bfceda79 100644 > +--- a/src/import/staging/src/k8s.io/client-go/go.sum > ++++ b/src/import/staging/src/k8s.io/client-go/go.sum > +@@ -175,8 +175,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/cloud-provider/go.sum b/src/import/staging/src/k8s.io/cloud-provider/go.sum > +index e00d8e24a27..7d446c66231 100644 > +--- a/src/import/staging/src/k8s.io/cloud-provider/go.sum > ++++ b/src/import/staging/src/k8s.io/cloud-provider/go.sum > +@@ -158,8 +158,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > +index 09c98a9ccd8..e148b9741de 100644 > +--- a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > ++++ b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > +@@ -91,8 +91,8 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/code-generator/go.mod b/src/import/staging/src/k8s.io/code-generator/go.mod > +index 7717cae18ba..0dc05a6c181 100644 > +--- a/src/import/staging/src/k8s.io/code-generator/go.mod > ++++ b/src/import/staging/src/k8s.io/code-generator/go.mod > +@@ -15,7 +15,7 @@ require ( > + golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac // indirect > + gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 > + gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e // indirect > +- gopkg.in/yaml.v2 v2.2.4 // indirect > ++ gopkg.in/yaml.v2 v2.2.8 // indirect > + k8s.io/gengo v0.0.0-20190822140433-26a664648505 > + k8s.io/klog v0.4.0 > + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf > +diff --git a/src/import/staging/src/k8s.io/code-generator/go.sum b/src/import/staging/src/k8s.io/code-generator/go.sum > +index a34b8497afa..a3be7c382b8 100644 > +--- a/src/import/staging/src/k8s.io/code-generator/go.sum > ++++ b/src/import/staging/src/k8s.io/code-generator/go.sum > +@@ -103,8 +103,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= > +diff --git a/src/import/staging/src/k8s.io/component-base/go.sum b/src/import/staging/src/k8s.io/component-base/go.sum > +index 34151a5846d..155e3e420e9 100644 > +--- a/src/import/staging/src/k8s.io/component-base/go.sum > ++++ b/src/import/staging/src/k8s.io/component-base/go.sum > +@@ -171,8 +171,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > +index 71646a53606..a4de3199c55 100644 > +--- a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > ++++ b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > +@@ -139,8 +139,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-aggregator/go.sum b/src/import/staging/src/k8s.io/kube-aggregator/go.sum > +index 306beb4d2c1..be07875a640 100644 > +--- a/src/import/staging/src/k8s.io/kube-aggregator/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-aggregator/go.sum > +@@ -303,8 +303,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-proxy/go.sum b/src/import/staging/src/k8s.io/kube-proxy/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-proxy/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-proxy/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-scheduler/go.sum b/src/import/staging/src/k8s.io/kube-scheduler/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-scheduler/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-scheduler/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kubectl/go.mod b/src/import/staging/src/k8s.io/kubectl/go.mod > +index 5e5e4b2bbed..d1c8a52cbb4 100644 > +--- a/src/import/staging/src/k8s.io/kubectl/go.mod > ++++ b/src/import/staging/src/k8s.io/kubectl/go.mod > +@@ -33,7 +33,7 @@ require ( > + github.com/spf13/pflag v1.0.3 > + github.com/stretchr/testify v1.3.0 > + golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible // indirect > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/kubectl/go.sum b/src/import/staging/src/k8s.io/kubectl/go.sum > +index b164ecd3dc3..17d56a30001 100644 > +--- a/src/import/staging/src/k8s.io/kubectl/go.sum > ++++ b/src/import/staging/src/k8s.io/kubectl/go.sum > +@@ -268,8 +268,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/kubelet/go.sum b/src/import/staging/src/k8s.io/kubelet/go.sum > +index 0635238e2ce..e12860540cd 100644 > +--- a/src/import/staging/src/k8s.io/kubelet/go.sum > ++++ b/src/import/staging/src/k8s.io/kubelet/go.sum > +@@ -87,8 +87,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > +index 7da7d10f1b0..4affb42e698 100644 > +--- a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > ++++ b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > +@@ -271,8 +271,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/metrics/go.sum b/src/import/staging/src/k8s.io/metrics/go.sum > +index 4ba35f7c725..b820dfe346b 100644 > +--- a/src/import/staging/src/k8s.io/metrics/go.sum > ++++ b/src/import/staging/src/k8s.io/metrics/go.sum > +@@ -192,8 +192,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/staging/src/k8s.io/node-api/go.sum b/src/import/staging/src/k8s.io/node-api/go.sum > +index eb2113416f4..df4095e8c53 100644 > +--- a/src/import/staging/src/k8s.io/node-api/go.sum > ++++ b/src/import/staging/src/k8s.io/node-api/go.sum > +@@ -195,8 +195,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/staging/src/k8s.io/sample-apiserver/go.sum b/src/import/staging/src/k8s.io/sample-apiserver/go.sum > +index 6100b600021..c9af593485a 100644 > +--- a/src/import/staging/src/k8s.io/sample-apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-apiserver/go.sum > +@@ -300,8 +300,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > +index 71af2c05905..641ba432230 100644 > +--- a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/sample-controller/go.sum b/src/import/staging/src/k8s.io/sample-controller/go.sum > +index 2729443484f..9d360830a5a 100644 > +--- a/src/import/staging/src/k8s.io/sample-controller/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-controller/go.sum > +@@ -196,8 +196,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > +index 9f556934d8b..055480b9ef8 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > ++++ b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > +@@ -1,12 +1,16 @@ > + language: go > + > + go: > +- - 1.4 > +- - 1.5 > +- - 1.6 > +- - 1.7 > +- - 1.8 > +- - 1.9 > +- - tip > ++ - "1.4.x" > ++ - "1.5.x" > ++ - "1.6.x" > ++ - "1.7.x" > ++ - "1.8.x" > ++ - "1.9.x" > ++ - "1.10.x" > ++ - "1.11.x" > ++ - "1.12.x" > ++ - "1.13.x" > ++ - "tip" > + > + go_import_path: gopkg.in/yaml.v2 > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/decode.go b/src/import/vendor/gopkg.in/yaml.v2/decode.go > +index 53108765555..129bc2a97d3 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/decode.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/decode.go > +@@ -319,10 +319,14 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm > + } > + > + const ( > +- // 400,000 decode operations is ~500kb of dense object declarations, or ~5kb of dense object declarations with 10000% alias expansion > ++ // 400,000 decode operations is ~500kb of dense object declarations, or > ++ // ~5kb of dense object declarations with 10000% alias expansion > + alias_ratio_range_low = 400000 > +- // 4,000,000 decode operations is ~5MB of dense object declarations, or ~4.5MB of dense object declarations with 10% alias expansion > ++ > ++ // 4,000,000 decode operations is ~5MB of dense object declarations, or > ++ // ~4.5MB of dense object declarations with 10% alias expansion > + alias_ratio_range_high = 4000000 > ++ > + // alias_ratio_range is the range over which we scale allowed alias ratios > + alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low) > + ) > +@@ -784,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { > + case mappingNode: > + d.unmarshal(n, out) > + case aliasNode: > +- an, ok := d.doc.anchors[n.value] > +- if ok && an.kind != mappingNode { > ++ if n.alias != nil && n.alias.kind != mappingNode { > + failWantMap() > + } > + d.unmarshal(n, out) > +@@ -794,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { > + for i := len(n.children) - 1; i >= 0; i-- { > + ni := n.children[i] > + if ni.kind == aliasNode { > +- an, ok := d.doc.anchors[ni.value] > +- if ok && an.kind != mappingNode { > ++ if ni.alias != nil && ni.alias.kind != mappingNode { > + failWantMap() > + } > + } else if ni.kind != mappingNode { > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > +index 570b8ecd10f..0b9bb6030a0 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > +@@ -626,31 +626,18 @@ func trace(args ...interface{}) func() { > + func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool { > + // While we need more tokens to fetch, do it. > + for { > +- // Check if we really need to fetch more tokens. > +- need_more_tokens := false > +- > +- if parser.tokens_head == len(parser.tokens) { > +- // Queue is empty. > +- need_more_tokens = true > +- } else { > +- // Check if any potential simple key may occupy the head position. > +- if !yaml_parser_stale_simple_keys(parser) { > ++ if parser.tokens_head != len(parser.tokens) { > ++ // If queue is non-empty, check if any potential simple key may > ++ // occupy the head position. > ++ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed] > ++ if !ok { > ++ break > ++ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok { > + return false > +- } > +- > +- for i := range parser.simple_keys { > +- simple_key := &parser.simple_keys[i] > +- if simple_key.possible && simple_key.token_number == parser.tokens_parsed { > +- need_more_tokens = true > +- break > +- } > ++ } else if !valid { > ++ break > + } > + } > +- > +- // We are finished. > +- if !need_more_tokens { > +- break > +- } > + // Fetch the next token. > + if !yaml_parser_fetch_next_token(parser) { > + return false > +@@ -678,11 +665,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { > + return false > + } > + > +- // Remove obsolete potential simple keys. > +- if !yaml_parser_stale_simple_keys(parser) { > +- return false > +- } > +- > + // Check the indentation level against the current column. > + if !yaml_parser_unroll_indent(parser, parser.mark.column) { > + return false > +@@ -837,29 +819,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { > + "found character that cannot start any token") > + } > + > +-// Check the list of potential simple keys and remove the positions that > +-// cannot contain simple keys anymore. > +-func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool { > +- // Check for a potential simple key for each flow level. > +- for i := range parser.simple_keys { > +- simple_key := &parser.simple_keys[i] > +- > +- // The specification requires that a simple key > +- // > +- // - is limited to a single line, > +- // - is shorter than 1024 characters. > +- if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) { > +- > +- // Check if the potential simple key to be removed is required. > +- if simple_key.required { > +- return yaml_parser_set_scanner_error(parser, > +- "while scanning a simple key", simple_key.mark, > +- "could not find expected ':'") > +- } > +- simple_key.possible = false > ++func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) { > ++ if !simple_key.possible { > ++ return false, true > ++ } > ++ > ++ // The 1.2 specification says: > ++ // > ++ // "If the ? indicator is omitted, parsing needs to see past the > ++ // implicit key to recognize it as such. To limit the amount of > ++ // lookahead required, the “:” indicator must appear at most 1024 > ++ // Unicode characters beyond the start of the key. In addition, the key > ++ // is restricted to a single line." > ++ // > ++ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index { > ++ // Check if the potential simple key to be removed is required. > ++ if simple_key.required { > ++ return false, yaml_parser_set_scanner_error(parser, > ++ "while scanning a simple key", simple_key.mark, > ++ "could not find expected ':'") > + } > ++ simple_key.possible = false > ++ return false, true > + } > +- return true > ++ return true, true > + } > + > + // Check if a simple key may start at the current position and add it if > +@@ -879,13 +862,14 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool { > + possible: true, > + required: required, > + token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), > ++ mark: parser.mark, > + } > +- simple_key.mark = parser.mark > + > + if !yaml_parser_remove_simple_key(parser) { > + return false > + } > + parser.simple_keys[len(parser.simple_keys)-1] = simple_key > ++ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1 > + } > + return true > + } > +@@ -900,9 +884,10 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool { > + "while scanning a simple key", parser.simple_keys[i].mark, > + "could not find expected ':'") > + } > ++ // Remove the key from the stack. > ++ parser.simple_keys[i].possible = false > ++ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number) > + } > +- // Remove the key from the stack. > +- parser.simple_keys[i].possible = false > + return true > + } > + > +@@ -912,7 +897,12 @@ const max_flow_level = 10000 > + // Increase the flow level and resize the simple key list if needed. > + func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { > + // Reset the simple key on the next level. > +- parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) > ++ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{ > ++ possible: false, > ++ required: false, > ++ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), > ++ mark: parser.mark, > ++ }) > + > + // Increase the flow level. > + parser.flow_level++ > +@@ -928,7 +918,9 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { > + func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool { > + if parser.flow_level > 0 { > + parser.flow_level-- > +- parser.simple_keys = parser.simple_keys[:len(parser.simple_keys)-1] > ++ last := len(parser.simple_keys) - 1 > ++ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number) > ++ parser.simple_keys = parser.simple_keys[:last] > + } > + return true > + } > +@@ -1005,6 +997,8 @@ func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool { > + // Initialize the simple key stack. > + parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) > + > ++ parser.simple_keys_by_tok = make(map[int]int) > ++ > + // A simple key is allowed at the beginning of the stream. > + parser.simple_key_allowed = true > + > +@@ -1286,7 +1280,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { > + simple_key := &parser.simple_keys[len(parser.simple_keys)-1] > + > + // Have we found a simple key? > +- if simple_key.possible { > ++ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok { > ++ return false > ++ > ++ } else if valid { > ++ > + // Create the KEY token and insert it into the queue. > + token := yaml_token_t{ > + typ: yaml_KEY_TOKEN, > +@@ -1304,6 +1302,7 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { > + > + // Remove the simple key. > + simple_key.possible = false > ++ delete(parser.simple_keys_by_tok, simple_key.token_number) > + > + // A simple key cannot follow another simple key. > + parser.simple_key_allowed = false > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yaml.go b/src/import/vendor/gopkg.in/yaml.v2/yaml.go > +index de85aa4cdb7..89650e293ac 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/yaml.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/yaml.go > +@@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) { > + return unmarshal(in, out, true) > + } > + > +-// A Decorder reads and decodes YAML values from an input stream. > ++// A Decoder reads and decodes YAML values from an input stream. > + type Decoder struct { > + strict bool > + parser *parser > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > +index e25cee563be..f6a9c8e34b1 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > +@@ -579,6 +579,7 @@ type yaml_parser_t struct { > + > + simple_key_allowed bool // May a simple key occur at the current position? > + simple_keys []yaml_simple_key_t // The stack of simple keys. > ++ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number > + > + // Parser stuff > + > +diff --git a/src/import/vendor/modules.txt b/src/import/vendor/modules.txt > +index 4585ca5ec0d..06a5d7fa5a0 100644 > +--- a/src/import/vendor/modules.txt > ++++ b/src/import/vendor/modules.txt > +@@ -1069,7 +1069,7 @@ gopkg.in/square/go-jose.v2/jwt > + gopkg.in/tomb.v1 > + # gopkg.in/warnings.v0 v0.1.1 => gopkg.in/warnings.v0 v0.1.1 > + gopkg.in/warnings.v0 > +-# gopkg.in/yaml.v2 v2.2.4 => gopkg.in/yaml.v2 v2.2.4 > ++# gopkg.in/yaml.v2 v2.2.8 => gopkg.in/yaml.v2 v2.2.8 > + gopkg.in/yaml.v2 > + # gotest.tools v2.2.0+incompatible => gotest.tools v2.2.0+incompatible > + gotest.tools > +-- > +2.23.0 > + > diff --git a/recipes-containers/kubernetes/kubernetes_git.bb b/recipes-containers/kubernetes/kubernetes_git.bb > index e96b7d6..941e0ca 100644 > --- a/recipes-containers/kubernetes/kubernetes_git.bb > +++ b/recipes-containers/kubernetes/kubernetes_git.bb > @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.16;name=k > file://CVE-2020-8551.patch \ > file://CVE-2020-8552.patch \ > file://CVE-2020-8555.patch \ > + file://CVE-2019-11254.patch \ > " > > DEPENDS += "rsync-native \ > -- > 2.17.1 > > > -- > --------------------- > Thanks, > Zhixiong Chi > Tel: +86-10-8477-7036 -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II ^ permalink raw reply [flat|nested] 8+ messages in thread
[parent not found: <1619D0FBDD33F6B0.13914@lists.yoctoproject.org>]
* Re: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 [not found] ` <1619D0FBDD33F6B0.13914@lists.yoctoproject.org> @ 2020-06-19 3:19 ` Zhixiong Chi [not found] ` <1619D3B5F684DBB7.13914@lists.yoctoproject.org> 1 sibling, 0 replies; 8+ messages in thread From: Zhixiong Chi @ 2020-06-19 3:19 UTC (permalink / raw) To: Bruce Ashfield; +Cc: yocto, meta-virtualization [-- Attachment #1: Type: text/plain, Size: 57070 bytes --] On 2020/6/19 上午10:29, Zhixiong Chi wrote: > > On 2020/6/18 下午8:49, Bruce Ashfield wrote: >> This should go to the meta-virt mailing list. >> >> But you still haven't answered my question from the last k8s CVE patch: >> >> "Can you confirm that the k8s versions in master/dunfell don't have this >> CVE ?" > > Hi Bruce, > > Sorry for that, it's possible that there is something wrong with our > mail server. I just saw your response a few minute ago. > > For the master/dunfell branch, since we always upgrade the version to > cover some issues, > > as a result some CVE patches will be droped after upgrading, so our > yocto-team developer will > > focus on the CVE cases for master branch if the upstream haven't > updated the version for a long time. > > And they will send the request review to the two branchs. > > As you known, the sustaining team just send the CVE patches to ZEUS > LTS branch if our yoctocolleague > > work on the master branch, at the same time this rule of our team just > applies to the CVE issues. > > > For meta-virtualization mail-list, Do I need to send the request > review again? > > > Zhixiong > I have checked the master/dunfell branch, the CVE-2020-8555 and CVE-2019-11254 isse don't affect master branch, but the two affect the fundell branch. Thanks, >> Bruce >> >> On Thu, Jun 18, 2020 at 3:34 AM Zhixiong Chi <zhixiong.chi@windriver.com> wrote: >>> Backport the CVE patch from the upstream: >>> https://github.com/kubernetes/kubernetes.git >>> >>> Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> >>> --- >>> .../kubernetes/CVE-2019-11254.patch | 797 ++++++++++++++++++ >>> .../kubernetes/kubernetes_git.bb | 1 + >>> 2 files changed, 798 insertions(+) >>> create mode 100644 recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >>> >>> diff --git a/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >>> new file mode 100644 >>> index 0000000..2d991a9 >>> --- /dev/null >>> +++ b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >>> @@ -0,0 +1,797 @@ >>> +From e9ba264d57d379d86dfbf3ae94e82eb0ead9c468 Mon Sep 17 00:00:00 2001 >>> +From: CJ Cullen <cjcullen@google.com> >>> +Date: Wed, 22 Jan 2020 11:32:39 -0800 >>> +Subject: [PATCH] update gopkg.in/yaml.v2 to v2.2.8 >>> + >>> +CVE: CVE-2019-11254 >>> +Upstream-Status: Backport [https://github.com/kubernetes/kubernetes.git branch: release-1.16] >>> +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> >>> +--- >>> + src/import/go.mod | 4 +- >>> + src/import/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/api/go.sum | 4 +- >>> + .../src/k8s.io/apiextensions-apiserver/go.mod | 2 +- >>> + .../src/k8s.io/apiextensions-apiserver/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/apimachinery/go.mod | 2 +- >>> + src/import/staging/src/k8s.io/apimachinery/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/apiserver/go.mod | 2 +- >>> + src/import/staging/src/k8s.io/apiserver/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/cli-runtime/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/client-go/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/cloud-provider/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/cluster-bootstrap/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/code-generator/go.mod | 2 +- >>> + src/import/staging/src/k8s.io/code-generator/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/component-base/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/csi-translation-lib/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/kube-aggregator/go.sum | 4 +- >>> + .../src/k8s.io/kube-controller-manager/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/kube-proxy/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/kube-scheduler/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/kubectl/go.mod | 2 +- >>> + src/import/staging/src/k8s.io/kubectl/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/kubelet/go.sum | 4 +- >>> + .../src/k8s.io/legacy-cloud-providers/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/metrics/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/node-api/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/sample-apiserver/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/sample-cli-plugin/go.sum | 4 +- >>> + src/import/staging/src/k8s.io/sample-controller/go.sum | 4 +- >>> + src/import/vendor/gopkg.in/yaml.v2/.travis.yml | 18 +-- >>> + src/import/vendor/gopkg.in/yaml.v2/decode.go | 14 ++- >>> + src/import/vendor/gopkg.in/yaml.v2/scannerc.go | 107 +++++++++--------- >>> + src/import/vendor/gopkg.in/yaml.v2/yaml.go | 2 +- >>> + src/import/vendor/gopkg.in/yaml.v2/yamlh.go | 1 + >>> + src/import/vendor/modules.txt | 2 +- >>> + 36 files changed, 130 insertions(+), 124 deletions(-) >>> + >>> +diff --git a/src/import/go.mod b/go.mod >>> +index cf8c9147e62..884870f8843 100644 >>> +--- a/src/import/go.mod >>> ++++ b/src/import/go.mod >>> +@@ -139,7 +139,7 @@ require ( >>> + google.golang.org/grpc v1.23.0 >>> + gopkg.in/gcfg.v1 v1.2.0 >>> + gopkg.in/square/go-jose.v2 v2.2.2 >>> +- gopkg.in/yaml.v2 v2.2.4 >>> ++ gopkg.in/yaml.v2 v2.2.8 >>> + gotest.tools v2.2.0+incompatible >>> + gotest.tools/gotestsum v0.3.5 >>> + honnef.co/go/tools v0.0.1-2019.2.2 >>> +@@ -444,7 +444,7 @@ replace ( >>> + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 >>> + gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 >>> + gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 >>> +- gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.4 >>> ++ gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8 >>> + gotest.tools => gotest.tools v2.2.0+incompatible >>> + gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 >>> + honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 >>> +diff --git a/src/import/go.sum b/src/import/go.sum >>> +index b5e3f74686f..617081d2d9e 100644 >>> +--- a/src/import/go.sum >>> ++++ b/src/import/go.sum >>> +@@ -492,8 +492,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep >>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>> + gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= >>> + gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>> + gotest.tools/gotestsum v0.3.5 h1:VePOWRsuWFYpfp/G8mbmOZKxO5T3501SEGQRUdvq7h0= >>> +diff --git a/src/import/staging/src/k8s.io/api/go.sum b/src/import/staging/src/k8s.io/api/go.sum >>> +index c162d16011e..8ac86891676 100644 >>> +--- a/src/import/staging/src/k8s.io/api/go.sum >>> ++++ b/src/import/staging/src/k8s.io/api/go.sum >>> +@@ -90,8 +90,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= >>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >>> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >>> +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >>> +index f2cc6ca100f..41289345ad7 100644 >>> +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >>> ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >>> +@@ -21,7 +21,7 @@ require ( >>> + github.com/spf13/pflag v1.0.3 >>> + github.com/stretchr/testify v1.3.0 >>> + google.golang.org/grpc v1.23.0 >>> +- gopkg.in/yaml.v2 v2.2.4 >>> ++ gopkg.in/yaml.v2 v2.2.8 >>> + k8s.io/api v0.0.0 >>> + k8s.io/apimachinery v0.0.0 >>> + k8s.io/apiserver v0.0.0 >>> +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >>> +index 853644fbe6d..1c4460fdc38 100644 >>> +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >>> ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >>> +@@ -349,8 +349,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.mod b/src/import/staging/src/k8s.io/apimachinery/go.mod >>> +index 5b49085be74..bdd9ed2f63d 100644 >>> +--- a/src/import/staging/src/k8s.io/apimachinery/go.mod >>> ++++ b/src/import/staging/src/k8s.io/apimachinery/go.mod >>> +@@ -30,7 +30,7 @@ require ( >>> + golang.org/x/text v0.3.2 // indirect >>> + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect >>> + gopkg.in/inf.v0 v0.9.0 >>> +- gopkg.in/yaml.v2 v2.2.4 >>> ++ gopkg.in/yaml.v2 v2.2.8 >>> + k8s.io/klog v0.4.0 >>> + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf >>> + sigs.k8s.io/yaml v1.1.0 >>> +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.sum b/src/import/staging/src/k8s.io/apimachinery/go.sum >>> +index 916261e42c0..636ef5751ea 100644 >>> +--- a/src/import/staging/src/k8s.io/apimachinery/go.sum >>> ++++ b/src/import/staging/src/k8s.io/apimachinery/go.sum >>> +@@ -106,8 +106,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep >>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >>> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >>> +diff --git a/src/import/staging/src/k8s.io/apiserver/go.mod b/src/import/staging/src/k8s.io/apiserver/go.mod >>> +index 8f97b49b06a..e1fdb94df10 100644 >>> +--- a/src/import/staging/src/k8s.io/apiserver/go.mod >>> ++++ b/src/import/staging/src/k8s.io/apiserver/go.mod >>> +@@ -47,7 +47,7 @@ require ( >>> + google.golang.org/grpc v1.23.0 >>> + gopkg.in/natefinch/lumberjack.v2 v2.0.0 >>> + gopkg.in/square/go-jose.v2 v2.2.2 >>> +- gopkg.in/yaml.v2 v2.2.4 >>> ++ gopkg.in/yaml.v2 v2.2.8 >>> + gotest.tools v2.2.0+incompatible // indirect >>> + k8s.io/api v0.0.0 >>> + k8s.io/apimachinery v0.0.0 >>> +diff --git a/src/import/staging/src/k8s.io/apiserver/go.sum b/src/import/staging/src/k8s.io/apiserver/go.sum >>> +index 9658ae1784a..d055f0d08a2 100644 >>> +--- a/src/import/staging/src/k8s.io/apiserver/go.sum >>> ++++ b/src/import/staging/src/k8s.io/apiserver/go.sum >>> +@@ -268,8 +268,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> +diff --git a/src/import/staging/src/k8s.io/cli-runtime/go.sum b/src/import/staging/src/k8s.io/cli-runtime/go.sum >>> +index 71af2c05905..641ba432230 100644 >>> +--- a/src/import/staging/src/k8s.io/cli-runtime/go.sum >>> ++++ b/src/import/staging/src/k8s.io/cli-runtime/go.sum >>> +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/client-go/go.sum b/src/import/staging/src/k8s.io/client-go/go.sum >>> +index ec7d3780cad..315bfceda79 100644 >>> +--- a/src/import/staging/src/k8s.io/client-go/go.sum >>> ++++ b/src/import/staging/src/k8s.io/client-go/go.sum >>> +@@ -175,8 +175,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/cloud-provider/go.sum b/src/import/staging/src/k8s.io/cloud-provider/go.sum >>> +index e00d8e24a27..7d446c66231 100644 >>> +--- a/src/import/staging/src/k8s.io/cloud-provider/go.sum >>> ++++ b/src/import/staging/src/k8s.io/cloud-provider/go.sum >>> +@@ -158,8 +158,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >>> +index 09c98a9ccd8..e148b9741de 100644 >>> +--- a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >>> ++++ b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >>> +@@ -91,8 +91,8 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 >>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >>> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >>> +diff --git a/src/import/staging/src/k8s.io/code-generator/go.mod b/src/import/staging/src/k8s.io/code-generator/go.mod >>> +index 7717cae18ba..0dc05a6c181 100644 >>> +--- a/src/import/staging/src/k8s.io/code-generator/go.mod >>> ++++ b/src/import/staging/src/k8s.io/code-generator/go.mod >>> +@@ -15,7 +15,7 @@ require ( >>> + golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac // indirect >>> + gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 >>> + gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e // indirect >>> +- gopkg.in/yaml.v2 v2.2.4 // indirect >>> ++ gopkg.in/yaml.v2 v2.2.8 // indirect >>> + k8s.io/gengo v0.0.0-20190822140433-26a664648505 >>> + k8s.io/klog v0.4.0 >>> + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf >>> +diff --git a/src/import/staging/src/k8s.io/code-generator/go.sum b/src/import/staging/src/k8s.io/code-generator/go.sum >>> +index a34b8497afa..a3be7c382b8 100644 >>> +--- a/src/import/staging/src/k8s.io/code-generator/go.sum >>> ++++ b/src/import/staging/src/k8s.io/code-generator/go.sum >>> +@@ -103,8 +103,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> + k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= >>> +diff --git a/src/import/staging/src/k8s.io/component-base/go.sum b/src/import/staging/src/k8s.io/component-base/go.sum >>> +index 34151a5846d..155e3e420e9 100644 >>> +--- a/src/import/staging/src/k8s.io/component-base/go.sum >>> ++++ b/src/import/staging/src/k8s.io/component-base/go.sum >>> +@@ -171,8 +171,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >>> +index 71646a53606..a4de3199c55 100644 >>> +--- a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >>> ++++ b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >>> +@@ -139,8 +139,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/kube-aggregator/go.sum b/src/import/staging/src/k8s.io/kube-aggregator/go.sum >>> +index 306beb4d2c1..be07875a640 100644 >>> +--- a/src/import/staging/src/k8s.io/kube-aggregator/go.sum >>> ++++ b/src/import/staging/src/k8s.io/kube-aggregator/go.sum >>> +@@ -303,8 +303,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> +diff --git a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >>> +index 346871c01de..1653f3eca5a 100644 >>> +--- a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >>> ++++ b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >>> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/kube-proxy/go.sum b/src/import/staging/src/k8s.io/kube-proxy/go.sum >>> +index 346871c01de..1653f3eca5a 100644 >>> +--- a/src/import/staging/src/k8s.io/kube-proxy/go.sum >>> ++++ b/src/import/staging/src/k8s.io/kube-proxy/go.sum >>> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/kube-scheduler/go.sum b/src/import/staging/src/k8s.io/kube-scheduler/go.sum >>> +index 346871c01de..1653f3eca5a 100644 >>> +--- a/src/import/staging/src/k8s.io/kube-scheduler/go.sum >>> ++++ b/src/import/staging/src/k8s.io/kube-scheduler/go.sum >>> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/kubectl/go.mod b/src/import/staging/src/k8s.io/kubectl/go.mod >>> +index 5e5e4b2bbed..d1c8a52cbb4 100644 >>> +--- a/src/import/staging/src/k8s.io/kubectl/go.mod >>> ++++ b/src/import/staging/src/k8s.io/kubectl/go.mod >>> +@@ -33,7 +33,7 @@ require ( >>> + github.com/spf13/pflag v1.0.3 >>> + github.com/stretchr/testify v1.3.0 >>> + golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f >>> +- gopkg.in/yaml.v2 v2.2.4 >>> ++ gopkg.in/yaml.v2 v2.2.8 >>> + gotest.tools v2.2.0+incompatible // indirect >>> + k8s.io/api v0.0.0 >>> + k8s.io/apimachinery v0.0.0 >>> +diff --git a/src/import/staging/src/k8s.io/kubectl/go.sum b/src/import/staging/src/k8s.io/kubectl/go.sum >>> +index b164ecd3dc3..17d56a30001 100644 >>> +--- a/src/import/staging/src/k8s.io/kubectl/go.sum >>> ++++ b/src/import/staging/src/k8s.io/kubectl/go.sum >>> +@@ -268,8 +268,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> +diff --git a/src/import/staging/src/k8s.io/kubelet/go.sum b/src/import/staging/src/k8s.io/kubelet/go.sum >>> +index 0635238e2ce..e12860540cd 100644 >>> +--- a/src/import/staging/src/k8s.io/kubelet/go.sum >>> ++++ b/src/import/staging/src/k8s.io/kubelet/go.sum >>> +@@ -87,8 +87,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= >>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >>> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >>> +diff --git a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >>> +index 7da7d10f1b0..4affb42e698 100644 >>> +--- a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >>> ++++ b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >>> +@@ -271,8 +271,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> +diff --git a/src/import/staging/src/k8s.io/metrics/go.sum b/src/import/staging/src/k8s.io/metrics/go.sum >>> +index 4ba35f7c725..b820dfe346b 100644 >>> +--- a/src/import/staging/src/k8s.io/metrics/go.sum >>> ++++ b/src/import/staging/src/k8s.io/metrics/go.sum >>> +@@ -192,8 +192,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >>> +diff --git a/src/import/staging/src/k8s.io/node-api/go.sum b/src/import/staging/src/k8s.io/node-api/go.sum >>> +index eb2113416f4..df4095e8c53 100644 >>> +--- a/src/import/staging/src/k8s.io/node-api/go.sum >>> ++++ b/src/import/staging/src/k8s.io/node-api/go.sum >>> +@@ -195,8 +195,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >>> +diff --git a/src/import/staging/src/k8s.io/sample-apiserver/go.sum b/src/import/staging/src/k8s.io/sample-apiserver/go.sum >>> +index 6100b600021..c9af593485a 100644 >>> +--- a/src/import/staging/src/k8s.io/sample-apiserver/go.sum >>> ++++ b/src/import/staging/src/k8s.io/sample-apiserver/go.sum >>> +@@ -300,8 +300,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> +diff --git a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >>> +index 71af2c05905..641ba432230 100644 >>> +--- a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >>> ++++ b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >>> +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>> +diff --git a/src/import/staging/src/k8s.io/sample-controller/go.sum b/src/import/staging/src/k8s.io/sample-controller/go.sum >>> +index 2729443484f..9d360830a5a 100644 >>> +--- a/src/import/staging/src/k8s.io/sample-controller/go.sum >>> ++++ b/src/import/staging/src/k8s.io/sample-controller/go.sum >>> +@@ -196,8 +196,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >>> +index 9f556934d8b..055480b9ef8 100644 >>> +--- a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >>> +@@ -1,12 +1,16 @@ >>> + language: go >>> + >>> + go: >>> +- - 1.4 >>> +- - 1.5 >>> +- - 1.6 >>> +- - 1.7 >>> +- - 1.8 >>> +- - 1.9 >>> +- - tip >>> ++ - "1.4.x" >>> ++ - "1.5.x" >>> ++ - "1.6.x" >>> ++ - "1.7.x" >>> ++ - "1.8.x" >>> ++ - "1.9.x" >>> ++ - "1.10.x" >>> ++ - "1.11.x" >>> ++ - "1.12.x" >>> ++ - "1.13.x" >>> ++ - "tip" >>> + >>> + go_import_path: gopkg.in/yaml.v2 >>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/decode.go b/src/import/vendor/gopkg.in/yaml.v2/decode.go >>> +index 53108765555..129bc2a97d3 100644 >>> +--- a/src/import/vendor/gopkg.in/yaml.v2/decode.go >>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/decode.go >>> +@@ -319,10 +319,14 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm >>> + } >>> + >>> + const ( >>> +- // 400,000 decode operations is ~500kb of dense object declarations, or ~5kb of dense object declarations with 10000% alias expansion >>> ++ // 400,000 decode operations is ~500kb of dense object declarations, or >>> ++ // ~5kb of dense object declarations with 10000% alias expansion >>> + alias_ratio_range_low = 400000 >>> +- // 4,000,000 decode operations is ~5MB of dense object declarations, or ~4.5MB of dense object declarations with 10% alias expansion >>> ++ >>> ++ // 4,000,000 decode operations is ~5MB of dense object declarations, or >>> ++ // ~4.5MB of dense object declarations with 10% alias expansion >>> + alias_ratio_range_high = 4000000 >>> ++ >>> + // alias_ratio_range is the range over which we scale allowed alias ratios >>> + alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low) >>> + ) >>> +@@ -784,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { >>> + case mappingNode: >>> + d.unmarshal(n, out) >>> + case aliasNode: >>> +- an, ok := d.doc.anchors[n.value] >>> +- if ok && an.kind != mappingNode { >>> ++ if n.alias != nil && n.alias.kind != mappingNode { >>> + failWantMap() >>> + } >>> + d.unmarshal(n, out) >>> +@@ -794,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { >>> + for i := len(n.children) - 1; i >= 0; i-- { >>> + ni := n.children[i] >>> + if ni.kind == aliasNode { >>> +- an, ok := d.doc.anchors[ni.value] >>> +- if ok && an.kind != mappingNode { >>> ++ if ni.alias != nil && ni.alias.kind != mappingNode { >>> + failWantMap() >>> + } >>> + } else if ni.kind != mappingNode { >>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >>> +index 570b8ecd10f..0b9bb6030a0 100644 >>> +--- a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >>> +@@ -626,31 +626,18 @@ func trace(args ...interface{}) func() { >>> + func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool { >>> + // While we need more tokens to fetch, do it. >>> + for { >>> +- // Check if we really need to fetch more tokens. >>> +- need_more_tokens := false >>> +- >>> +- if parser.tokens_head == len(parser.tokens) { >>> +- // Queue is empty. >>> +- need_more_tokens = true >>> +- } else { >>> +- // Check if any potential simple key may occupy the head position. >>> +- if !yaml_parser_stale_simple_keys(parser) { >>> ++ if parser.tokens_head != len(parser.tokens) { >>> ++ // If queue is non-empty, check if any potential simple key may >>> ++ // occupy the head position. >>> ++ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed] >>> ++ if !ok { >>> ++ break >>> ++ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok { >>> + return false >>> +- } >>> +- >>> +- for i := range parser.simple_keys { >>> +- simple_key := &parser.simple_keys[i] >>> +- if simple_key.possible && simple_key.token_number == parser.tokens_parsed { >>> +- need_more_tokens = true >>> +- break >>> +- } >>> ++ } else if !valid { >>> ++ break >>> + } >>> + } >>> +- >>> +- // We are finished. >>> +- if !need_more_tokens { >>> +- break >>> +- } >>> + // Fetch the next token. >>> + if !yaml_parser_fetch_next_token(parser) { >>> + return false >>> +@@ -678,11 +665,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { >>> + return false >>> + } >>> + >>> +- // Remove obsolete potential simple keys. >>> +- if !yaml_parser_stale_simple_keys(parser) { >>> +- return false >>> +- } >>> +- >>> + // Check the indentation level against the current column. >>> + if !yaml_parser_unroll_indent(parser, parser.mark.column) { >>> + return false >>> +@@ -837,29 +819,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { >>> + "found character that cannot start any token") >>> + } >>> + >>> +-// Check the list of potential simple keys and remove the positions that >>> +-// cannot contain simple keys anymore. >>> +-func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool { >>> +- // Check for a potential simple key for each flow level. >>> +- for i := range parser.simple_keys { >>> +- simple_key := &parser.simple_keys[i] >>> +- >>> +- // The specification requires that a simple key >>> +- // >>> +- // - is limited to a single line, >>> +- // - is shorter than 1024 characters. >>> +- if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) { >>> +- >>> +- // Check if the potential simple key to be removed is required. >>> +- if simple_key.required { >>> +- return yaml_parser_set_scanner_error(parser, >>> +- "while scanning a simple key", simple_key.mark, >>> +- "could not find expected ':'") >>> +- } >>> +- simple_key.possible = false >>> ++func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) { >>> ++ if !simple_key.possible { >>> ++ return false, true >>> ++ } >>> ++ >>> ++ // The 1.2 specification says: >>> ++ // >>> ++ // "If the ? indicator is omitted, parsing needs to see past the >>> ++ // implicit key to recognize it as such. To limit the amount of >>> ++ // lookahead required, the “:” indicator must appear at most 1024 >>> ++ // Unicode characters beyond the start of the key. In addition, the key >>> ++ // is restricted to a single line." >>> ++ // >>> ++ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index { >>> ++ // Check if the potential simple key to be removed is required. >>> ++ if simple_key.required { >>> ++ return false, yaml_parser_set_scanner_error(parser, >>> ++ "while scanning a simple key", simple_key.mark, >>> ++ "could not find expected ':'") >>> + } >>> ++ simple_key.possible = false >>> ++ return false, true >>> + } >>> +- return true >>> ++ return true, true >>> + } >>> + >>> + // Check if a simple key may start at the current position and add it if >>> +@@ -879,13 +862,14 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool { >>> + possible: true, >>> + required: required, >>> + token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), >>> ++ mark: parser.mark, >>> + } >>> +- simple_key.mark = parser.mark >>> + >>> + if !yaml_parser_remove_simple_key(parser) { >>> + return false >>> + } >>> + parser.simple_keys[len(parser.simple_keys)-1] = simple_key >>> ++ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1 >>> + } >>> + return true >>> + } >>> +@@ -900,9 +884,10 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool { >>> + "while scanning a simple key", parser.simple_keys[i].mark, >>> + "could not find expected ':'") >>> + } >>> ++ // Remove the key from the stack. >>> ++ parser.simple_keys[i].possible = false >>> ++ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number) >>> + } >>> +- // Remove the key from the stack. >>> +- parser.simple_keys[i].possible = false >>> + return true >>> + } >>> + >>> +@@ -912,7 +897,12 @@ const max_flow_level = 10000 >>> + // Increase the flow level and resize the simple key list if needed. >>> + func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { >>> + // Reset the simple key on the next level. >>> +- parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) >>> ++ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{ >>> ++ possible: false, >>> ++ required: false, >>> ++ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), >>> ++ mark: parser.mark, >>> ++ }) >>> + >>> + // Increase the flow level. >>> + parser.flow_level++ >>> +@@ -928,7 +918,9 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { >>> + func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool { >>> + if parser.flow_level > 0 { >>> + parser.flow_level-- >>> +- parser.simple_keys = parser.simple_keys[:len(parser.simple_keys)-1] >>> ++ last := len(parser.simple_keys) - 1 >>> ++ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number) >>> ++ parser.simple_keys = parser.simple_keys[:last] >>> + } >>> + return true >>> + } >>> +@@ -1005,6 +997,8 @@ func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool { >>> + // Initialize the simple key stack. >>> + parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) >>> + >>> ++ parser.simple_keys_by_tok = make(map[int]int) >>> ++ >>> + // A simple key is allowed at the beginning of the stream. >>> + parser.simple_key_allowed = true >>> + >>> +@@ -1286,7 +1280,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { >>> + simple_key := &parser.simple_keys[len(parser.simple_keys)-1] >>> + >>> + // Have we found a simple key? >>> +- if simple_key.possible { >>> ++ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok { >>> ++ return false >>> ++ >>> ++ } else if valid { >>> ++ >>> + // Create the KEY token and insert it into the queue. >>> + token := yaml_token_t{ >>> + typ: yaml_KEY_TOKEN, >>> +@@ -1304,6 +1302,7 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { >>> + >>> + // Remove the simple key. >>> + simple_key.possible = false >>> ++ delete(parser.simple_keys_by_tok, simple_key.token_number) >>> + >>> + // A simple key cannot follow another simple key. >>> + parser.simple_key_allowed = false >>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yaml.go b/src/import/vendor/gopkg.in/yaml.v2/yaml.go >>> +index de85aa4cdb7..89650e293ac 100644 >>> +--- a/src/import/vendor/gopkg.in/yaml.v2/yaml.go >>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/yaml.go >>> +@@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) { >>> + return unmarshal(in, out, true) >>> + } >>> + >>> +-// A Decorder reads and decodes YAML values from an input stream. >>> ++// A Decoder reads and decodes YAML values from an input stream. >>> + type Decoder struct { >>> + strict bool >>> + parser *parser >>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >>> +index e25cee563be..f6a9c8e34b1 100644 >>> +--- a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >>> +@@ -579,6 +579,7 @@ type yaml_parser_t struct { >>> + >>> + simple_key_allowed bool // May a simple key occur at the current position? >>> + simple_keys []yaml_simple_key_t // The stack of simple keys. >>> ++ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number >>> + >>> + // Parser stuff >>> + >>> +diff --git a/src/import/vendor/modules.txt b/src/import/vendor/modules.txt >>> +index 4585ca5ec0d..06a5d7fa5a0 100644 >>> +--- a/src/import/vendor/modules.txt >>> ++++ b/src/import/vendor/modules.txt >>> +@@ -1069,7 +1069,7 @@ gopkg.in/square/go-jose.v2/jwt >>> + gopkg.in/tomb.v1 >>> + # gopkg.in/warnings.v0 v0.1.1 => gopkg.in/warnings.v0 v0.1.1 >>> + gopkg.in/warnings.v0 >>> +-# gopkg.in/yaml.v2 v2.2.4 => gopkg.in/yaml.v2 v2.2.4 >>> ++# gopkg.in/yaml.v2 v2.2.8 => gopkg.in/yaml.v2 v2.2.8 >>> + gopkg.in/yaml.v2 >>> + # gotest.tools v2.2.0+incompatible => gotest.tools v2.2.0+incompatible >>> + gotest.tools >>> +-- >>> +2.23.0 >>> + >>> diff --git a/recipes-containers/kubernetes/kubernetes_git.bb b/recipes-containers/kubernetes/kubernetes_git.bb >>> index e96b7d6..941e0ca 100644 >>> --- a/recipes-containers/kubernetes/kubernetes_git.bb >>> +++ b/recipes-containers/kubernetes/kubernetes_git.bb >>> @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.16;name=k >>> file://CVE-2020-8551.patch \ >>> file://CVE-2020-8552.patch \ >>> file://CVE-2020-8555.patch \ >>> + file://CVE-2019-11254.patch \ >>> " >>> >>> DEPENDS += "rsync-native \ >>> -- >>> 2.17.1 >>> > -- > --------------------- > Thanks, > Zhixiong Chi > Tel: +86-10-8477-7036 > > -- --------------------- Thanks, Zhixiong Chi Tel: +86-10-8477-7036 [-- Attachment #2: Type: text/html, Size: 57462 bytes --] ^ permalink raw reply [flat|nested] 8+ messages in thread
[parent not found: <1619D3B5F684DBB7.13914@lists.yoctoproject.org>]
* Re: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 [not found] ` <1619D3B5F684DBB7.13914@lists.yoctoproject.org> @ 2020-06-19 3:21 ` Zhixiong Chi 0 siblings, 0 replies; 8+ messages in thread From: Zhixiong Chi @ 2020-06-19 3:21 UTC (permalink / raw) To: Bruce Ashfield; +Cc: yocto, meta-virtualization [-- Attachment #1: Type: text/plain, Size: 58122 bytes --] On 2020/6/19 上午11:19, Zhixiong Chi wrote: > > > On 2020/6/19 上午10:29, Zhixiong Chi wrote: >> >> On 2020/6/18 下午8:49, Bruce Ashfield wrote: >>> This should go to the meta-virt mailing list. >>> >>> But you still haven't answered my question from the last k8s CVE patch: >>> >>> "Can you confirm that the k8s versions in master/dunfell don't have this >>> CVE ?" >> >> Hi Bruce, >> >> Sorry for that, it's possible that there is something wrong with our >> mail server. I just saw your response a few minute ago. >> >> For the master/dunfell branch, since we always upgrade the version to >> cover some issues, >> >> as a result some CVE patches will be droped after upgrading, so our >> yocto-team developer will >> >> focus on the CVE cases for master branch if the upstream haven't >> updated the version for a long time. >> >> And they will send the request review to the two branchs. >> >> As you known, the sustaining team just send the CVE patches to ZEUS >> LTS branch if our yoctocolleague >> >> work on the master branch, at the same time this rule of our team >> just applies to the CVE issues. >> >> >> For meta-virtualization mail-list, Do I need to send the request >> review again? >> >> >> Zhixiong >> > > I have checked the master/dunfell branch, the CVE-2020-8555 and > CVE-2019-11254 isse don't affect master branch, but the two affect the > fundell branch. > s/fundell/dunfell/g > > Thanks, > >>> Bruce >>> >>> On Thu, Jun 18, 2020 at 3:34 AM Zhixiong Chi <zhixiong.chi@windriver.com> wrote: >>>> Backport the CVE patch from the upstream: >>>> https://github.com/kubernetes/kubernetes.git >>>> >>>> Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> >>>> --- >>>> .../kubernetes/CVE-2019-11254.patch | 797 ++++++++++++++++++ >>>> .../kubernetes/kubernetes_git.bb | 1 + >>>> 2 files changed, 798 insertions(+) >>>> create mode 100644 recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >>>> >>>> diff --git a/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >>>> new file mode 100644 >>>> index 0000000..2d991a9 >>>> --- /dev/null >>>> +++ b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >>>> @@ -0,0 +1,797 @@ >>>> +From e9ba264d57d379d86dfbf3ae94e82eb0ead9c468 Mon Sep 17 00:00:00 2001 >>>> +From: CJ Cullen <cjcullen@google.com> >>>> +Date: Wed, 22 Jan 2020 11:32:39 -0800 >>>> +Subject: [PATCH] update gopkg.in/yaml.v2 to v2.2.8 >>>> + >>>> +CVE: CVE-2019-11254 >>>> +Upstream-Status: Backport [https://github.com/kubernetes/kubernetes.git branch: release-1.16] >>>> +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> >>>> +--- >>>> + src/import/go.mod | 4 +- >>>> + src/import/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/api/go.sum | 4 +- >>>> + .../src/k8s.io/apiextensions-apiserver/go.mod | 2 +- >>>> + .../src/k8s.io/apiextensions-apiserver/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/apimachinery/go.mod | 2 +- >>>> + src/import/staging/src/k8s.io/apimachinery/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/apiserver/go.mod | 2 +- >>>> + src/import/staging/src/k8s.io/apiserver/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/cli-runtime/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/client-go/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/cloud-provider/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/cluster-bootstrap/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/code-generator/go.mod | 2 +- >>>> + src/import/staging/src/k8s.io/code-generator/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/component-base/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/csi-translation-lib/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/kube-aggregator/go.sum | 4 +- >>>> + .../src/k8s.io/kube-controller-manager/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/kube-proxy/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/kube-scheduler/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/kubectl/go.mod | 2 +- >>>> + src/import/staging/src/k8s.io/kubectl/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/kubelet/go.sum | 4 +- >>>> + .../src/k8s.io/legacy-cloud-providers/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/metrics/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/node-api/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/sample-apiserver/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/sample-cli-plugin/go.sum | 4 +- >>>> + src/import/staging/src/k8s.io/sample-controller/go.sum | 4 +- >>>> + src/import/vendor/gopkg.in/yaml.v2/.travis.yml | 18 +-- >>>> + src/import/vendor/gopkg.in/yaml.v2/decode.go | 14 ++- >>>> + src/import/vendor/gopkg.in/yaml.v2/scannerc.go | 107 +++++++++--------- >>>> + src/import/vendor/gopkg.in/yaml.v2/yaml.go | 2 +- >>>> + src/import/vendor/gopkg.in/yaml.v2/yamlh.go | 1 + >>>> + src/import/vendor/modules.txt | 2 +- >>>> + 36 files changed, 130 insertions(+), 124 deletions(-) >>>> + >>>> +diff --git a/src/import/go.mod b/go.mod >>>> +index cf8c9147e62..884870f8843 100644 >>>> +--- a/src/import/go.mod >>>> ++++ b/src/import/go.mod >>>> +@@ -139,7 +139,7 @@ require ( >>>> + google.golang.org/grpc v1.23.0 >>>> + gopkg.in/gcfg.v1 v1.2.0 >>>> + gopkg.in/square/go-jose.v2 v2.2.2 >>>> +- gopkg.in/yaml.v2 v2.2.4 >>>> ++ gopkg.in/yaml.v2 v2.2.8 >>>> + gotest.tools v2.2.0+incompatible >>>> + gotest.tools/gotestsum v0.3.5 >>>> + honnef.co/go/tools v0.0.1-2019.2.2 >>>> +@@ -444,7 +444,7 @@ replace ( >>>> + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 >>>> + gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 >>>> + gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 >>>> +- gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.4 >>>> ++ gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8 >>>> + gotest.tools => gotest.tools v2.2.0+incompatible >>>> + gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 >>>> + honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 >>>> +diff --git a/src/import/go.sum b/src/import/go.sum >>>> +index b5e3f74686f..617081d2d9e 100644 >>>> +--- a/src/import/go.sum >>>> ++++ b/src/import/go.sum >>>> +@@ -492,8 +492,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep >>>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>>> + gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= >>>> + gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >>>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>>> + gotest.tools/gotestsum v0.3.5 h1:VePOWRsuWFYpfp/G8mbmOZKxO5T3501SEGQRUdvq7h0= >>>> +diff --git a/src/import/staging/src/k8s.io/api/go.sum b/src/import/staging/src/k8s.io/api/go.sum >>>> +index c162d16011e..8ac86891676 100644 >>>> +--- a/src/import/staging/src/k8s.io/api/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/api/go.sum >>>> +@@ -90,8 +90,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= >>>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>>> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >>>> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >>>> +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >>>> +index f2cc6ca100f..41289345ad7 100644 >>>> +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >>>> ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >>>> +@@ -21,7 +21,7 @@ require ( >>>> + github.com/spf13/pflag v1.0.3 >>>> + github.com/stretchr/testify v1.3.0 >>>> + google.golang.org/grpc v1.23.0 >>>> +- gopkg.in/yaml.v2 v2.2.4 >>>> ++ gopkg.in/yaml.v2 v2.2.8 >>>> + k8s.io/api v0.0.0 >>>> + k8s.io/apimachinery v0.0.0 >>>> + k8s.io/apiserver v0.0.0 >>>> +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >>>> +index 853644fbe6d..1c4460fdc38 100644 >>>> +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >>>> +@@ -349,8 +349,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.mod b/src/import/staging/src/k8s.io/apimachinery/go.mod >>>> +index 5b49085be74..bdd9ed2f63d 100644 >>>> +--- a/src/import/staging/src/k8s.io/apimachinery/go.mod >>>> ++++ b/src/import/staging/src/k8s.io/apimachinery/go.mod >>>> +@@ -30,7 +30,7 @@ require ( >>>> + golang.org/x/text v0.3.2 // indirect >>>> + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect >>>> + gopkg.in/inf.v0 v0.9.0 >>>> +- gopkg.in/yaml.v2 v2.2.4 >>>> ++ gopkg.in/yaml.v2 v2.2.8 >>>> + k8s.io/klog v0.4.0 >>>> + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf >>>> + sigs.k8s.io/yaml v1.1.0 >>>> +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.sum b/src/import/staging/src/k8s.io/apimachinery/go.sum >>>> +index 916261e42c0..636ef5751ea 100644 >>>> +--- a/src/import/staging/src/k8s.io/apimachinery/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/apimachinery/go.sum >>>> +@@ -106,8 +106,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep >>>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>>> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >>>> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >>>> +diff --git a/src/import/staging/src/k8s.io/apiserver/go.mod b/src/import/staging/src/k8s.io/apiserver/go.mod >>>> +index 8f97b49b06a..e1fdb94df10 100644 >>>> +--- a/src/import/staging/src/k8s.io/apiserver/go.mod >>>> ++++ b/src/import/staging/src/k8s.io/apiserver/go.mod >>>> +@@ -47,7 +47,7 @@ require ( >>>> + google.golang.org/grpc v1.23.0 >>>> + gopkg.in/natefinch/lumberjack.v2 v2.0.0 >>>> + gopkg.in/square/go-jose.v2 v2.2.2 >>>> +- gopkg.in/yaml.v2 v2.2.4 >>>> ++ gopkg.in/yaml.v2 v2.2.8 >>>> + gotest.tools v2.2.0+incompatible // indirect >>>> + k8s.io/api v0.0.0 >>>> + k8s.io/apimachinery v0.0.0 >>>> +diff --git a/src/import/staging/src/k8s.io/apiserver/go.sum b/src/import/staging/src/k8s.io/apiserver/go.sum >>>> +index 9658ae1784a..d055f0d08a2 100644 >>>> +--- a/src/import/staging/src/k8s.io/apiserver/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/apiserver/go.sum >>>> +@@ -268,8 +268,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >>>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> +diff --git a/src/import/staging/src/k8s.io/cli-runtime/go.sum b/src/import/staging/src/k8s.io/cli-runtime/go.sum >>>> +index 71af2c05905..641ba432230 100644 >>>> +--- a/src/import/staging/src/k8s.io/cli-runtime/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/cli-runtime/go.sum >>>> +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/client-go/go.sum b/src/import/staging/src/k8s.io/client-go/go.sum >>>> +index ec7d3780cad..315bfceda79 100644 >>>> +--- a/src/import/staging/src/k8s.io/client-go/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/client-go/go.sum >>>> +@@ -175,8 +175,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/cloud-provider/go.sum b/src/import/staging/src/k8s.io/cloud-provider/go.sum >>>> +index e00d8e24a27..7d446c66231 100644 >>>> +--- a/src/import/staging/src/k8s.io/cloud-provider/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/cloud-provider/go.sum >>>> +@@ -158,8 +158,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >>>> +index 09c98a9ccd8..e148b9741de 100644 >>>> +--- a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >>>> +@@ -91,8 +91,8 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 >>>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>>> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >>>> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >>>> +diff --git a/src/import/staging/src/k8s.io/code-generator/go.mod b/src/import/staging/src/k8s.io/code-generator/go.mod >>>> +index 7717cae18ba..0dc05a6c181 100644 >>>> +--- a/src/import/staging/src/k8s.io/code-generator/go.mod >>>> ++++ b/src/import/staging/src/k8s.io/code-generator/go.mod >>>> +@@ -15,7 +15,7 @@ require ( >>>> + golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac // indirect >>>> + gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 >>>> + gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e // indirect >>>> +- gopkg.in/yaml.v2 v2.2.4 // indirect >>>> ++ gopkg.in/yaml.v2 v2.2.8 // indirect >>>> + k8s.io/gengo v0.0.0-20190822140433-26a664648505 >>>> + k8s.io/klog v0.4.0 >>>> + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf >>>> +diff --git a/src/import/staging/src/k8s.io/code-generator/go.sum b/src/import/staging/src/k8s.io/code-generator/go.sum >>>> +index a34b8497afa..a3be7c382b8 100644 >>>> +--- a/src/import/staging/src/k8s.io/code-generator/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/code-generator/go.sum >>>> +@@ -103,8 +103,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> + k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= >>>> +diff --git a/src/import/staging/src/k8s.io/component-base/go.sum b/src/import/staging/src/k8s.io/component-base/go.sum >>>> +index 34151a5846d..155e3e420e9 100644 >>>> +--- a/src/import/staging/src/k8s.io/component-base/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/component-base/go.sum >>>> +@@ -171,8 +171,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >>>> +index 71646a53606..a4de3199c55 100644 >>>> +--- a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >>>> +@@ -139,8 +139,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/kube-aggregator/go.sum b/src/import/staging/src/k8s.io/kube-aggregator/go.sum >>>> +index 306beb4d2c1..be07875a640 100644 >>>> +--- a/src/import/staging/src/k8s.io/kube-aggregator/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/kube-aggregator/go.sum >>>> +@@ -303,8 +303,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> +diff --git a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >>>> +index 346871c01de..1653f3eca5a 100644 >>>> +--- a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >>>> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/kube-proxy/go.sum b/src/import/staging/src/k8s.io/kube-proxy/go.sum >>>> +index 346871c01de..1653f3eca5a 100644 >>>> +--- a/src/import/staging/src/k8s.io/kube-proxy/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/kube-proxy/go.sum >>>> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/kube-scheduler/go.sum b/src/import/staging/src/k8s.io/kube-scheduler/go.sum >>>> +index 346871c01de..1653f3eca5a 100644 >>>> +--- a/src/import/staging/src/k8s.io/kube-scheduler/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/kube-scheduler/go.sum >>>> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/kubectl/go.mod b/src/import/staging/src/k8s.io/kubectl/go.mod >>>> +index 5e5e4b2bbed..d1c8a52cbb4 100644 >>>> +--- a/src/import/staging/src/k8s.io/kubectl/go.mod >>>> ++++ b/src/import/staging/src/k8s.io/kubectl/go.mod >>>> +@@ -33,7 +33,7 @@ require ( >>>> + github.com/spf13/pflag v1.0.3 >>>> + github.com/stretchr/testify v1.3.0 >>>> + golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f >>>> +- gopkg.in/yaml.v2 v2.2.4 >>>> ++ gopkg.in/yaml.v2 v2.2.8 >>>> + gotest.tools v2.2.0+incompatible // indirect >>>> + k8s.io/api v0.0.0 >>>> + k8s.io/apimachinery v0.0.0 >>>> +diff --git a/src/import/staging/src/k8s.io/kubectl/go.sum b/src/import/staging/src/k8s.io/kubectl/go.sum >>>> +index b164ecd3dc3..17d56a30001 100644 >>>> +--- a/src/import/staging/src/k8s.io/kubectl/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/kubectl/go.sum >>>> +@@ -268,8 +268,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >>>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> +diff --git a/src/import/staging/src/k8s.io/kubelet/go.sum b/src/import/staging/src/k8s.io/kubelet/go.sum >>>> +index 0635238e2ce..e12860540cd 100644 >>>> +--- a/src/import/staging/src/k8s.io/kubelet/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/kubelet/go.sum >>>> +@@ -87,8 +87,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= >>>> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >>>> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >>>> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >>>> +diff --git a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >>>> +index 7da7d10f1b0..4affb42e698 100644 >>>> +--- a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >>>> +@@ -271,8 +271,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> +diff --git a/src/import/staging/src/k8s.io/metrics/go.sum b/src/import/staging/src/k8s.io/metrics/go.sum >>>> +index 4ba35f7c725..b820dfe346b 100644 >>>> +--- a/src/import/staging/src/k8s.io/metrics/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/metrics/go.sum >>>> +@@ -192,8 +192,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >>>> +diff --git a/src/import/staging/src/k8s.io/node-api/go.sum b/src/import/staging/src/k8s.io/node-api/go.sum >>>> +index eb2113416f4..df4095e8c53 100644 >>>> +--- a/src/import/staging/src/k8s.io/node-api/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/node-api/go.sum >>>> +@@ -195,8 +195,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >>>> +diff --git a/src/import/staging/src/k8s.io/sample-apiserver/go.sum b/src/import/staging/src/k8s.io/sample-apiserver/go.sum >>>> +index 6100b600021..c9af593485a 100644 >>>> +--- a/src/import/staging/src/k8s.io/sample-apiserver/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/sample-apiserver/go.sum >>>> +@@ -300,8 +300,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> +diff --git a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >>>> +index 71af2c05905..641ba432230 100644 >>>> +--- a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >>>> +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >>>> +diff --git a/src/import/staging/src/k8s.io/sample-controller/go.sum b/src/import/staging/src/k8s.io/sample-controller/go.sum >>>> +index 2729443484f..9d360830a5a 100644 >>>> +--- a/src/import/staging/src/k8s.io/sample-controller/go.sum >>>> ++++ b/src/import/staging/src/k8s.io/sample-controller/go.sum >>>> +@@ -196,8 +196,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >>>> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >>>> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >>>> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >>>> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >>>> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >>>> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >>>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >>>> +index 9f556934d8b..055480b9ef8 100644 >>>> +--- a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >>>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >>>> +@@ -1,12 +1,16 @@ >>>> + language: go >>>> + >>>> + go: >>>> +- - 1.4 >>>> +- - 1.5 >>>> +- - 1.6 >>>> +- - 1.7 >>>> +- - 1.8 >>>> +- - 1.9 >>>> +- - tip >>>> ++ - "1.4.x" >>>> ++ - "1.5.x" >>>> ++ - "1.6.x" >>>> ++ - "1.7.x" >>>> ++ - "1.8.x" >>>> ++ - "1.9.x" >>>> ++ - "1.10.x" >>>> ++ - "1.11.x" >>>> ++ - "1.12.x" >>>> ++ - "1.13.x" >>>> ++ - "tip" >>>> + >>>> + go_import_path: gopkg.in/yaml.v2 >>>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/decode.go b/src/import/vendor/gopkg.in/yaml.v2/decode.go >>>> +index 53108765555..129bc2a97d3 100644 >>>> +--- a/src/import/vendor/gopkg.in/yaml.v2/decode.go >>>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/decode.go >>>> +@@ -319,10 +319,14 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm >>>> + } >>>> + >>>> + const ( >>>> +- // 400,000 decode operations is ~500kb of dense object declarations, or ~5kb of dense object declarations with 10000% alias expansion >>>> ++ // 400,000 decode operations is ~500kb of dense object declarations, or >>>> ++ // ~5kb of dense object declarations with 10000% alias expansion >>>> + alias_ratio_range_low = 400000 >>>> +- // 4,000,000 decode operations is ~5MB of dense object declarations, or ~4.5MB of dense object declarations with 10% alias expansion >>>> ++ >>>> ++ // 4,000,000 decode operations is ~5MB of dense object declarations, or >>>> ++ // ~4.5MB of dense object declarations with 10% alias expansion >>>> + alias_ratio_range_high = 4000000 >>>> ++ >>>> + // alias_ratio_range is the range over which we scale allowed alias ratios >>>> + alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low) >>>> + ) >>>> +@@ -784,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { >>>> + case mappingNode: >>>> + d.unmarshal(n, out) >>>> + case aliasNode: >>>> +- an, ok := d.doc.anchors[n.value] >>>> +- if ok && an.kind != mappingNode { >>>> ++ if n.alias != nil && n.alias.kind != mappingNode { >>>> + failWantMap() >>>> + } >>>> + d.unmarshal(n, out) >>>> +@@ -794,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { >>>> + for i := len(n.children) - 1; i >= 0; i-- { >>>> + ni := n.children[i] >>>> + if ni.kind == aliasNode { >>>> +- an, ok := d.doc.anchors[ni.value] >>>> +- if ok && an.kind != mappingNode { >>>> ++ if ni.alias != nil && ni.alias.kind != mappingNode { >>>> + failWantMap() >>>> + } >>>> + } else if ni.kind != mappingNode { >>>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >>>> +index 570b8ecd10f..0b9bb6030a0 100644 >>>> +--- a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >>>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >>>> +@@ -626,31 +626,18 @@ func trace(args ...interface{}) func() { >>>> + func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool { >>>> + // While we need more tokens to fetch, do it. >>>> + for { >>>> +- // Check if we really need to fetch more tokens. >>>> +- need_more_tokens := false >>>> +- >>>> +- if parser.tokens_head == len(parser.tokens) { >>>> +- // Queue is empty. >>>> +- need_more_tokens = true >>>> +- } else { >>>> +- // Check if any potential simple key may occupy the head position. >>>> +- if !yaml_parser_stale_simple_keys(parser) { >>>> ++ if parser.tokens_head != len(parser.tokens) { >>>> ++ // If queue is non-empty, check if any potential simple key may >>>> ++ // occupy the head position. >>>> ++ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed] >>>> ++ if !ok { >>>> ++ break >>>> ++ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok { >>>> + return false >>>> +- } >>>> +- >>>> +- for i := range parser.simple_keys { >>>> +- simple_key := &parser.simple_keys[i] >>>> +- if simple_key.possible && simple_key.token_number == parser.tokens_parsed { >>>> +- need_more_tokens = true >>>> +- break >>>> +- } >>>> ++ } else if !valid { >>>> ++ break >>>> + } >>>> + } >>>> +- >>>> +- // We are finished. >>>> +- if !need_more_tokens { >>>> +- break >>>> +- } >>>> + // Fetch the next token. >>>> + if !yaml_parser_fetch_next_token(parser) { >>>> + return false >>>> +@@ -678,11 +665,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { >>>> + return false >>>> + } >>>> + >>>> +- // Remove obsolete potential simple keys. >>>> +- if !yaml_parser_stale_simple_keys(parser) { >>>> +- return false >>>> +- } >>>> +- >>>> + // Check the indentation level against the current column. >>>> + if !yaml_parser_unroll_indent(parser, parser.mark.column) { >>>> + return false >>>> +@@ -837,29 +819,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { >>>> + "found character that cannot start any token") >>>> + } >>>> + >>>> +-// Check the list of potential simple keys and remove the positions that >>>> +-// cannot contain simple keys anymore. >>>> +-func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool { >>>> +- // Check for a potential simple key for each flow level. >>>> +- for i := range parser.simple_keys { >>>> +- simple_key := &parser.simple_keys[i] >>>> +- >>>> +- // The specification requires that a simple key >>>> +- // >>>> +- // - is limited to a single line, >>>> +- // - is shorter than 1024 characters. >>>> +- if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) { >>>> +- >>>> +- // Check if the potential simple key to be removed is required. >>>> +- if simple_key.required { >>>> +- return yaml_parser_set_scanner_error(parser, >>>> +- "while scanning a simple key", simple_key.mark, >>>> +- "could not find expected ':'") >>>> +- } >>>> +- simple_key.possible = false >>>> ++func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) { >>>> ++ if !simple_key.possible { >>>> ++ return false, true >>>> ++ } >>>> ++ >>>> ++ // The 1.2 specification says: >>>> ++ // >>>> ++ // "If the ? indicator is omitted, parsing needs to see past the >>>> ++ // implicit key to recognize it as such. To limit the amount of >>>> ++ // lookahead required, the “:” indicator must appear at most 1024 >>>> ++ // Unicode characters beyond the start of the key. In addition, the key >>>> ++ // is restricted to a single line." >>>> ++ // >>>> ++ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index { >>>> ++ // Check if the potential simple key to be removed is required. >>>> ++ if simple_key.required { >>>> ++ return false, yaml_parser_set_scanner_error(parser, >>>> ++ "while scanning a simple key", simple_key.mark, >>>> ++ "could not find expected ':'") >>>> + } >>>> ++ simple_key.possible = false >>>> ++ return false, true >>>> + } >>>> +- return true >>>> ++ return true, true >>>> + } >>>> + >>>> + // Check if a simple key may start at the current position and add it if >>>> +@@ -879,13 +862,14 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool { >>>> + possible: true, >>>> + required: required, >>>> + token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), >>>> ++ mark: parser.mark, >>>> + } >>>> +- simple_key.mark = parser.mark >>>> + >>>> + if !yaml_parser_remove_simple_key(parser) { >>>> + return false >>>> + } >>>> + parser.simple_keys[len(parser.simple_keys)-1] = simple_key >>>> ++ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1 >>>> + } >>>> + return true >>>> + } >>>> +@@ -900,9 +884,10 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool { >>>> + "while scanning a simple key", parser.simple_keys[i].mark, >>>> + "could not find expected ':'") >>>> + } >>>> ++ // Remove the key from the stack. >>>> ++ parser.simple_keys[i].possible = false >>>> ++ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number) >>>> + } >>>> +- // Remove the key from the stack. >>>> +- parser.simple_keys[i].possible = false >>>> + return true >>>> + } >>>> + >>>> +@@ -912,7 +897,12 @@ const max_flow_level = 10000 >>>> + // Increase the flow level and resize the simple key list if needed. >>>> + func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { >>>> + // Reset the simple key on the next level. >>>> +- parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) >>>> ++ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{ >>>> ++ possible: false, >>>> ++ required: false, >>>> ++ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), >>>> ++ mark: parser.mark, >>>> ++ }) >>>> + >>>> + // Increase the flow level. >>>> + parser.flow_level++ >>>> +@@ -928,7 +918,9 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { >>>> + func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool { >>>> + if parser.flow_level > 0 { >>>> + parser.flow_level-- >>>> +- parser.simple_keys = parser.simple_keys[:len(parser.simple_keys)-1] >>>> ++ last := len(parser.simple_keys) - 1 >>>> ++ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number) >>>> ++ parser.simple_keys = parser.simple_keys[:last] >>>> + } >>>> + return true >>>> + } >>>> +@@ -1005,6 +997,8 @@ func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool { >>>> + // Initialize the simple key stack. >>>> + parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) >>>> + >>>> ++ parser.simple_keys_by_tok = make(map[int]int) >>>> ++ >>>> + // A simple key is allowed at the beginning of the stream. >>>> + parser.simple_key_allowed = true >>>> + >>>> +@@ -1286,7 +1280,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { >>>> + simple_key := &parser.simple_keys[len(parser.simple_keys)-1] >>>> + >>>> + // Have we found a simple key? >>>> +- if simple_key.possible { >>>> ++ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok { >>>> ++ return false >>>> ++ >>>> ++ } else if valid { >>>> ++ >>>> + // Create the KEY token and insert it into the queue. >>>> + token := yaml_token_t{ >>>> + typ: yaml_KEY_TOKEN, >>>> +@@ -1304,6 +1302,7 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { >>>> + >>>> + // Remove the simple key. >>>> + simple_key.possible = false >>>> ++ delete(parser.simple_keys_by_tok, simple_key.token_number) >>>> + >>>> + // A simple key cannot follow another simple key. >>>> + parser.simple_key_allowed = false >>>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yaml.go b/src/import/vendor/gopkg.in/yaml.v2/yaml.go >>>> +index de85aa4cdb7..89650e293ac 100644 >>>> +--- a/src/import/vendor/gopkg.in/yaml.v2/yaml.go >>>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/yaml.go >>>> +@@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) { >>>> + return unmarshal(in, out, true) >>>> + } >>>> + >>>> +-// A Decorder reads and decodes YAML values from an input stream. >>>> ++// A Decoder reads and decodes YAML values from an input stream. >>>> + type Decoder struct { >>>> + strict bool >>>> + parser *parser >>>> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >>>> +index e25cee563be..f6a9c8e34b1 100644 >>>> +--- a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >>>> ++++ b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >>>> +@@ -579,6 +579,7 @@ type yaml_parser_t struct { >>>> + >>>> + simple_key_allowed bool // May a simple key occur at the current position? >>>> + simple_keys []yaml_simple_key_t // The stack of simple keys. >>>> ++ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number >>>> + >>>> + // Parser stuff >>>> + >>>> +diff --git a/src/import/vendor/modules.txt b/src/import/vendor/modules.txt >>>> +index 4585ca5ec0d..06a5d7fa5a0 100644 >>>> +--- a/src/import/vendor/modules.txt >>>> ++++ b/src/import/vendor/modules.txt >>>> +@@ -1069,7 +1069,7 @@ gopkg.in/square/go-jose.v2/jwt >>>> + gopkg.in/tomb.v1 >>>> + # gopkg.in/warnings.v0 v0.1.1 => gopkg.in/warnings.v0 v0.1.1 >>>> + gopkg.in/warnings.v0 >>>> +-# gopkg.in/yaml.v2 v2.2.4 => gopkg.in/yaml.v2 v2.2.4 >>>> ++# gopkg.in/yaml.v2 v2.2.8 => gopkg.in/yaml.v2 v2.2.8 >>>> + gopkg.in/yaml.v2 >>>> + # gotest.tools v2.2.0+incompatible => gotest.tools v2.2.0+incompatible >>>> + gotest.tools >>>> +-- >>>> +2.23.0 >>>> + >>>> diff --git a/recipes-containers/kubernetes/kubernetes_git.bb b/recipes-containers/kubernetes/kubernetes_git.bb >>>> index e96b7d6..941e0ca 100644 >>>> --- a/recipes-containers/kubernetes/kubernetes_git.bb >>>> +++ b/recipes-containers/kubernetes/kubernetes_git.bb >>>> @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.16;name=k >>>> file://CVE-2020-8551.patch \ >>>> file://CVE-2020-8552.patch \ >>>> file://CVE-2020-8555.patch \ >>>> + file://CVE-2019-11254.patch \ >>>> " >>>> >>>> DEPENDS += "rsync-native \ >>>> -- >>>> 2.17.1 >>>> >> -- >> --------------------- >> Thanks, >> Zhixiong Chi >> Tel: +86-10-8477-7036 >> > -- > --------------------- > Thanks, > Zhixiong Chi > Tel: +86-10-8477-7036 > > -- --------------------- Thanks, Zhixiong Chi Tel: +86-10-8477-7036 [-- Attachment #2: Type: text/html, Size: 58182 bytes --] ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 2020-06-18 7:34 [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 Zhixiong Chi 2020-06-18 12:49 ` Bruce Ashfield @ 2020-06-22 13:35 ` Bruce Ashfield 2020-07-30 7:37 ` Zhixiong Chi 1 sibling, 1 reply; 8+ messages in thread From: Bruce Ashfield @ 2020-06-22 13:35 UTC (permalink / raw) To: Zhixiong Chi; +Cc: yocto This patch doesn't apply to zeus. Can you rebase and resubmit ? Cheers, Bruce In message: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 on 18/06/2020 Zhixiong Chi wrote: > Backport the CVE patch from the upstream: > https://github.com/kubernetes/kubernetes.git > > Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> > --- > .../kubernetes/CVE-2019-11254.patch | 797 ++++++++++++++++++ > .../kubernetes/kubernetes_git.bb | 1 + > 2 files changed, 798 insertions(+) > create mode 100644 recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > > diff --git a/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > new file mode 100644 > index 0000000..2d991a9 > --- /dev/null > +++ b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch > @@ -0,0 +1,797 @@ > +From e9ba264d57d379d86dfbf3ae94e82eb0ead9c468 Mon Sep 17 00:00:00 2001 > +From: CJ Cullen <cjcullen@google.com> > +Date: Wed, 22 Jan 2020 11:32:39 -0800 > +Subject: [PATCH] update gopkg.in/yaml.v2 to v2.2.8 > + > +CVE: CVE-2019-11254 > +Upstream-Status: Backport [https://github.com/kubernetes/kubernetes.git branch: release-1.16] > +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> > +--- > + src/import/go.mod | 4 +- > + src/import/go.sum | 4 +- > + src/import/staging/src/k8s.io/api/go.sum | 4 +- > + .../src/k8s.io/apiextensions-apiserver/go.mod | 2 +- > + .../src/k8s.io/apiextensions-apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/apimachinery/go.mod | 2 +- > + src/import/staging/src/k8s.io/apimachinery/go.sum | 4 +- > + src/import/staging/src/k8s.io/apiserver/go.mod | 2 +- > + src/import/staging/src/k8s.io/apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/cli-runtime/go.sum | 4 +- > + src/import/staging/src/k8s.io/client-go/go.sum | 4 +- > + src/import/staging/src/k8s.io/cloud-provider/go.sum | 4 +- > + src/import/staging/src/k8s.io/cluster-bootstrap/go.sum | 4 +- > + src/import/staging/src/k8s.io/code-generator/go.mod | 2 +- > + src/import/staging/src/k8s.io/code-generator/go.sum | 4 +- > + src/import/staging/src/k8s.io/component-base/go.sum | 4 +- > + src/import/staging/src/k8s.io/csi-translation-lib/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-aggregator/go.sum | 4 +- > + .../src/k8s.io/kube-controller-manager/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-proxy/go.sum | 4 +- > + src/import/staging/src/k8s.io/kube-scheduler/go.sum | 4 +- > + src/import/staging/src/k8s.io/kubectl/go.mod | 2 +- > + src/import/staging/src/k8s.io/kubectl/go.sum | 4 +- > + src/import/staging/src/k8s.io/kubelet/go.sum | 4 +- > + .../src/k8s.io/legacy-cloud-providers/go.sum | 4 +- > + src/import/staging/src/k8s.io/metrics/go.sum | 4 +- > + src/import/staging/src/k8s.io/node-api/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-apiserver/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-cli-plugin/go.sum | 4 +- > + src/import/staging/src/k8s.io/sample-controller/go.sum | 4 +- > + src/import/vendor/gopkg.in/yaml.v2/.travis.yml | 18 +-- > + src/import/vendor/gopkg.in/yaml.v2/decode.go | 14 ++- > + src/import/vendor/gopkg.in/yaml.v2/scannerc.go | 107 +++++++++--------- > + src/import/vendor/gopkg.in/yaml.v2/yaml.go | 2 +- > + src/import/vendor/gopkg.in/yaml.v2/yamlh.go | 1 + > + src/import/vendor/modules.txt | 2 +- > + 36 files changed, 130 insertions(+), 124 deletions(-) > + > +diff --git a/src/import/go.mod b/go.mod > +index cf8c9147e62..884870f8843 100644 > +--- a/src/import/go.mod > ++++ b/src/import/go.mod > +@@ -139,7 +139,7 @@ require ( > + google.golang.org/grpc v1.23.0 > + gopkg.in/gcfg.v1 v1.2.0 > + gopkg.in/square/go-jose.v2 v2.2.2 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible > + gotest.tools/gotestsum v0.3.5 > + honnef.co/go/tools v0.0.1-2019.2.2 > +@@ -444,7 +444,7 @@ replace ( > + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 > + gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 > + gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 > +- gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8 > + gotest.tools => gotest.tools v2.2.0+incompatible > + gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 > + honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 > +diff --git a/src/import/go.sum b/src/import/go.sum > +index b5e3f74686f..617081d2d9e 100644 > +--- a/src/import/go.sum > ++++ b/src/import/go.sum > +@@ -492,8 +492,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= > + gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + gotest.tools/gotestsum v0.3.5 h1:VePOWRsuWFYpfp/G8mbmOZKxO5T3501SEGQRUdvq7h0= > +diff --git a/src/import/staging/src/k8s.io/api/go.sum b/src/import/staging/src/k8s.io/api/go.sum > +index c162d16011e..8ac86891676 100644 > +--- a/src/import/staging/src/k8s.io/api/go.sum > ++++ b/src/import/staging/src/k8s.io/api/go.sum > +@@ -90,8 +90,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > +index f2cc6ca100f..41289345ad7 100644 > +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod > +@@ -21,7 +21,7 @@ require ( > + github.com/spf13/pflag v1.0.3 > + github.com/stretchr/testify v1.3.0 > + google.golang.org/grpc v1.23.0 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > + k8s.io/apiserver v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > +index 853644fbe6d..1c4460fdc38 100644 > +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum > +@@ -349,8 +349,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.mod b/src/import/staging/src/k8s.io/apimachinery/go.mod > +index 5b49085be74..bdd9ed2f63d 100644 > +--- a/src/import/staging/src/k8s.io/apimachinery/go.mod > ++++ b/src/import/staging/src/k8s.io/apimachinery/go.mod > +@@ -30,7 +30,7 @@ require ( > + golang.org/x/text v0.3.2 // indirect > + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect > + gopkg.in/inf.v0 v0.9.0 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + k8s.io/klog v0.4.0 > + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf > + sigs.k8s.io/yaml v1.1.0 > +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.sum b/src/import/staging/src/k8s.io/apimachinery/go.sum > +index 916261e42c0..636ef5751ea 100644 > +--- a/src/import/staging/src/k8s.io/apimachinery/go.sum > ++++ b/src/import/staging/src/k8s.io/apimachinery/go.sum > +@@ -106,8 +106,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/apiserver/go.mod b/src/import/staging/src/k8s.io/apiserver/go.mod > +index 8f97b49b06a..e1fdb94df10 100644 > +--- a/src/import/staging/src/k8s.io/apiserver/go.mod > ++++ b/src/import/staging/src/k8s.io/apiserver/go.mod > +@@ -47,7 +47,7 @@ require ( > + google.golang.org/grpc v1.23.0 > + gopkg.in/natefinch/lumberjack.v2 v2.0.0 > + gopkg.in/square/go-jose.v2 v2.2.2 > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible // indirect > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/apiserver/go.sum b/src/import/staging/src/k8s.io/apiserver/go.sum > +index 9658ae1784a..d055f0d08a2 100644 > +--- a/src/import/staging/src/k8s.io/apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/apiserver/go.sum > +@@ -268,8 +268,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/cli-runtime/go.sum b/src/import/staging/src/k8s.io/cli-runtime/go.sum > +index 71af2c05905..641ba432230 100644 > +--- a/src/import/staging/src/k8s.io/cli-runtime/go.sum > ++++ b/src/import/staging/src/k8s.io/cli-runtime/go.sum > +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/client-go/go.sum b/src/import/staging/src/k8s.io/client-go/go.sum > +index ec7d3780cad..315bfceda79 100644 > +--- a/src/import/staging/src/k8s.io/client-go/go.sum > ++++ b/src/import/staging/src/k8s.io/client-go/go.sum > +@@ -175,8 +175,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/cloud-provider/go.sum b/src/import/staging/src/k8s.io/cloud-provider/go.sum > +index e00d8e24a27..7d446c66231 100644 > +--- a/src/import/staging/src/k8s.io/cloud-provider/go.sum > ++++ b/src/import/staging/src/k8s.io/cloud-provider/go.sum > +@@ -158,8 +158,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > +index 09c98a9ccd8..e148b9741de 100644 > +--- a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > ++++ b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum > +@@ -91,8 +91,8 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/code-generator/go.mod b/src/import/staging/src/k8s.io/code-generator/go.mod > +index 7717cae18ba..0dc05a6c181 100644 > +--- a/src/import/staging/src/k8s.io/code-generator/go.mod > ++++ b/src/import/staging/src/k8s.io/code-generator/go.mod > +@@ -15,7 +15,7 @@ require ( > + golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac // indirect > + gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 > + gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e // indirect > +- gopkg.in/yaml.v2 v2.2.4 // indirect > ++ gopkg.in/yaml.v2 v2.2.8 // indirect > + k8s.io/gengo v0.0.0-20190822140433-26a664648505 > + k8s.io/klog v0.4.0 > + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf > +diff --git a/src/import/staging/src/k8s.io/code-generator/go.sum b/src/import/staging/src/k8s.io/code-generator/go.sum > +index a34b8497afa..a3be7c382b8 100644 > +--- a/src/import/staging/src/k8s.io/code-generator/go.sum > ++++ b/src/import/staging/src/k8s.io/code-generator/go.sum > +@@ -103,8 +103,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= > +diff --git a/src/import/staging/src/k8s.io/component-base/go.sum b/src/import/staging/src/k8s.io/component-base/go.sum > +index 34151a5846d..155e3e420e9 100644 > +--- a/src/import/staging/src/k8s.io/component-base/go.sum > ++++ b/src/import/staging/src/k8s.io/component-base/go.sum > +@@ -171,8 +171,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > +index 71646a53606..a4de3199c55 100644 > +--- a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > ++++ b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum > +@@ -139,8 +139,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-aggregator/go.sum b/src/import/staging/src/k8s.io/kube-aggregator/go.sum > +index 306beb4d2c1..be07875a640 100644 > +--- a/src/import/staging/src/k8s.io/kube-aggregator/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-aggregator/go.sum > +@@ -303,8 +303,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-proxy/go.sum b/src/import/staging/src/k8s.io/kube-proxy/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-proxy/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-proxy/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kube-scheduler/go.sum b/src/import/staging/src/k8s.io/kube-scheduler/go.sum > +index 346871c01de..1653f3eca5a 100644 > +--- a/src/import/staging/src/k8s.io/kube-scheduler/go.sum > ++++ b/src/import/staging/src/k8s.io/kube-scheduler/go.sum > +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/kubectl/go.mod b/src/import/staging/src/k8s.io/kubectl/go.mod > +index 5e5e4b2bbed..d1c8a52cbb4 100644 > +--- a/src/import/staging/src/k8s.io/kubectl/go.mod > ++++ b/src/import/staging/src/k8s.io/kubectl/go.mod > +@@ -33,7 +33,7 @@ require ( > + github.com/spf13/pflag v1.0.3 > + github.com/stretchr/testify v1.3.0 > + golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f > +- gopkg.in/yaml.v2 v2.2.4 > ++ gopkg.in/yaml.v2 v2.2.8 > + gotest.tools v2.2.0+incompatible // indirect > + k8s.io/api v0.0.0 > + k8s.io/apimachinery v0.0.0 > +diff --git a/src/import/staging/src/k8s.io/kubectl/go.sum b/src/import/staging/src/k8s.io/kubectl/go.sum > +index b164ecd3dc3..17d56a30001 100644 > +--- a/src/import/staging/src/k8s.io/kubectl/go.sum > ++++ b/src/import/staging/src/k8s.io/kubectl/go.sum > +@@ -268,8 +268,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/kubelet/go.sum b/src/import/staging/src/k8s.io/kubelet/go.sum > +index 0635238e2ce..e12860540cd 100644 > +--- a/src/import/staging/src/k8s.io/kubelet/go.sum > ++++ b/src/import/staging/src/k8s.io/kubelet/go.sum > +@@ -87,8 +87,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= > + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= > + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= > + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= > +diff --git a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > +index 7da7d10f1b0..4affb42e698 100644 > +--- a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > ++++ b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum > +@@ -271,8 +271,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/metrics/go.sum b/src/import/staging/src/k8s.io/metrics/go.sum > +index 4ba35f7c725..b820dfe346b 100644 > +--- a/src/import/staging/src/k8s.io/metrics/go.sum > ++++ b/src/import/staging/src/k8s.io/metrics/go.sum > +@@ -192,8 +192,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/staging/src/k8s.io/node-api/go.sum b/src/import/staging/src/k8s.io/node-api/go.sum > +index eb2113416f4..df4095e8c53 100644 > +--- a/src/import/staging/src/k8s.io/node-api/go.sum > ++++ b/src/import/staging/src/k8s.io/node-api/go.sum > +@@ -195,8 +195,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/staging/src/k8s.io/sample-apiserver/go.sum b/src/import/staging/src/k8s.io/sample-apiserver/go.sum > +index 6100b600021..c9af593485a 100644 > +--- a/src/import/staging/src/k8s.io/sample-apiserver/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-apiserver/go.sum > +@@ -300,8 +300,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > +diff --git a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > +index 71af2c05905..641ba432230 100644 > +--- a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum > +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= > +diff --git a/src/import/staging/src/k8s.io/sample-controller/go.sum b/src/import/staging/src/k8s.io/sample-controller/go.sum > +index 2729443484f..9d360830a5a 100644 > +--- a/src/import/staging/src/k8s.io/sample-controller/go.sum > ++++ b/src/import/staging/src/k8s.io/sample-controller/go.sum > +@@ -196,8 +196,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= > + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= > + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= > +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= > ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= > + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= > + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > +index 9f556934d8b..055480b9ef8 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > ++++ b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml > +@@ -1,12 +1,16 @@ > + language: go > + > + go: > +- - 1.4 > +- - 1.5 > +- - 1.6 > +- - 1.7 > +- - 1.8 > +- - 1.9 > +- - tip > ++ - "1.4.x" > ++ - "1.5.x" > ++ - "1.6.x" > ++ - "1.7.x" > ++ - "1.8.x" > ++ - "1.9.x" > ++ - "1.10.x" > ++ - "1.11.x" > ++ - "1.12.x" > ++ - "1.13.x" > ++ - "tip" > + > + go_import_path: gopkg.in/yaml.v2 > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/decode.go b/src/import/vendor/gopkg.in/yaml.v2/decode.go > +index 53108765555..129bc2a97d3 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/decode.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/decode.go > +@@ -319,10 +319,14 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm > + } > + > + const ( > +- // 400,000 decode operations is ~500kb of dense object declarations, or ~5kb of dense object declarations with 10000% alias expansion > ++ // 400,000 decode operations is ~500kb of dense object declarations, or > ++ // ~5kb of dense object declarations with 10000% alias expansion > + alias_ratio_range_low = 400000 > +- // 4,000,000 decode operations is ~5MB of dense object declarations, or ~4.5MB of dense object declarations with 10% alias expansion > ++ > ++ // 4,000,000 decode operations is ~5MB of dense object declarations, or > ++ // ~4.5MB of dense object declarations with 10% alias expansion > + alias_ratio_range_high = 4000000 > ++ > + // alias_ratio_range is the range over which we scale allowed alias ratios > + alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low) > + ) > +@@ -784,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { > + case mappingNode: > + d.unmarshal(n, out) > + case aliasNode: > +- an, ok := d.doc.anchors[n.value] > +- if ok && an.kind != mappingNode { > ++ if n.alias != nil && n.alias.kind != mappingNode { > + failWantMap() > + } > + d.unmarshal(n, out) > +@@ -794,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { > + for i := len(n.children) - 1; i >= 0; i-- { > + ni := n.children[i] > + if ni.kind == aliasNode { > +- an, ok := d.doc.anchors[ni.value] > +- if ok && an.kind != mappingNode { > ++ if ni.alias != nil && ni.alias.kind != mappingNode { > + failWantMap() > + } > + } else if ni.kind != mappingNode { > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > +index 570b8ecd10f..0b9bb6030a0 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go > +@@ -626,31 +626,18 @@ func trace(args ...interface{}) func() { > + func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool { > + // While we need more tokens to fetch, do it. > + for { > +- // Check if we really need to fetch more tokens. > +- need_more_tokens := false > +- > +- if parser.tokens_head == len(parser.tokens) { > +- // Queue is empty. > +- need_more_tokens = true > +- } else { > +- // Check if any potential simple key may occupy the head position. > +- if !yaml_parser_stale_simple_keys(parser) { > ++ if parser.tokens_head != len(parser.tokens) { > ++ // If queue is non-empty, check if any potential simple key may > ++ // occupy the head position. > ++ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed] > ++ if !ok { > ++ break > ++ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok { > + return false > +- } > +- > +- for i := range parser.simple_keys { > +- simple_key := &parser.simple_keys[i] > +- if simple_key.possible && simple_key.token_number == parser.tokens_parsed { > +- need_more_tokens = true > +- break > +- } > ++ } else if !valid { > ++ break > + } > + } > +- > +- // We are finished. > +- if !need_more_tokens { > +- break > +- } > + // Fetch the next token. > + if !yaml_parser_fetch_next_token(parser) { > + return false > +@@ -678,11 +665,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { > + return false > + } > + > +- // Remove obsolete potential simple keys. > +- if !yaml_parser_stale_simple_keys(parser) { > +- return false > +- } > +- > + // Check the indentation level against the current column. > + if !yaml_parser_unroll_indent(parser, parser.mark.column) { > + return false > +@@ -837,29 +819,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { > + "found character that cannot start any token") > + } > + > +-// Check the list of potential simple keys and remove the positions that > +-// cannot contain simple keys anymore. > +-func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool { > +- // Check for a potential simple key for each flow level. > +- for i := range parser.simple_keys { > +- simple_key := &parser.simple_keys[i] > +- > +- // The specification requires that a simple key > +- // > +- // - is limited to a single line, > +- // - is shorter than 1024 characters. > +- if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) { > +- > +- // Check if the potential simple key to be removed is required. > +- if simple_key.required { > +- return yaml_parser_set_scanner_error(parser, > +- "while scanning a simple key", simple_key.mark, > +- "could not find expected ':'") > +- } > +- simple_key.possible = false > ++func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) { > ++ if !simple_key.possible { > ++ return false, true > ++ } > ++ > ++ // The 1.2 specification says: > ++ // > ++ // "If the ? indicator is omitted, parsing needs to see past the > ++ // implicit key to recognize it as such. To limit the amount of > ++ // lookahead required, the “:” indicator must appear at most 1024 > ++ // Unicode characters beyond the start of the key. In addition, the key > ++ // is restricted to a single line." > ++ // > ++ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index { > ++ // Check if the potential simple key to be removed is required. > ++ if simple_key.required { > ++ return false, yaml_parser_set_scanner_error(parser, > ++ "while scanning a simple key", simple_key.mark, > ++ "could not find expected ':'") > + } > ++ simple_key.possible = false > ++ return false, true > + } > +- return true > ++ return true, true > + } > + > + // Check if a simple key may start at the current position and add it if > +@@ -879,13 +862,14 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool { > + possible: true, > + required: required, > + token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), > ++ mark: parser.mark, > + } > +- simple_key.mark = parser.mark > + > + if !yaml_parser_remove_simple_key(parser) { > + return false > + } > + parser.simple_keys[len(parser.simple_keys)-1] = simple_key > ++ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1 > + } > + return true > + } > +@@ -900,9 +884,10 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool { > + "while scanning a simple key", parser.simple_keys[i].mark, > + "could not find expected ':'") > + } > ++ // Remove the key from the stack. > ++ parser.simple_keys[i].possible = false > ++ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number) > + } > +- // Remove the key from the stack. > +- parser.simple_keys[i].possible = false > + return true > + } > + > +@@ -912,7 +897,12 @@ const max_flow_level = 10000 > + // Increase the flow level and resize the simple key list if needed. > + func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { > + // Reset the simple key on the next level. > +- parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) > ++ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{ > ++ possible: false, > ++ required: false, > ++ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), > ++ mark: parser.mark, > ++ }) > + > + // Increase the flow level. > + parser.flow_level++ > +@@ -928,7 +918,9 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { > + func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool { > + if parser.flow_level > 0 { > + parser.flow_level-- > +- parser.simple_keys = parser.simple_keys[:len(parser.simple_keys)-1] > ++ last := len(parser.simple_keys) - 1 > ++ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number) > ++ parser.simple_keys = parser.simple_keys[:last] > + } > + return true > + } > +@@ -1005,6 +997,8 @@ func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool { > + // Initialize the simple key stack. > + parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) > + > ++ parser.simple_keys_by_tok = make(map[int]int) > ++ > + // A simple key is allowed at the beginning of the stream. > + parser.simple_key_allowed = true > + > +@@ -1286,7 +1280,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { > + simple_key := &parser.simple_keys[len(parser.simple_keys)-1] > + > + // Have we found a simple key? > +- if simple_key.possible { > ++ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok { > ++ return false > ++ > ++ } else if valid { > ++ > + // Create the KEY token and insert it into the queue. > + token := yaml_token_t{ > + typ: yaml_KEY_TOKEN, > +@@ -1304,6 +1302,7 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { > + > + // Remove the simple key. > + simple_key.possible = false > ++ delete(parser.simple_keys_by_tok, simple_key.token_number) > + > + // A simple key cannot follow another simple key. > + parser.simple_key_allowed = false > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yaml.go b/src/import/vendor/gopkg.in/yaml.v2/yaml.go > +index de85aa4cdb7..89650e293ac 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/yaml.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/yaml.go > +@@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) { > + return unmarshal(in, out, true) > + } > + > +-// A Decorder reads and decodes YAML values from an input stream. > ++// A Decoder reads and decodes YAML values from an input stream. > + type Decoder struct { > + strict bool > + parser *parser > +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > +index e25cee563be..f6a9c8e34b1 100644 > +--- a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > ++++ b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go > +@@ -579,6 +579,7 @@ type yaml_parser_t struct { > + > + simple_key_allowed bool // May a simple key occur at the current position? > + simple_keys []yaml_simple_key_t // The stack of simple keys. > ++ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number > + > + // Parser stuff > + > +diff --git a/src/import/vendor/modules.txt b/src/import/vendor/modules.txt > +index 4585ca5ec0d..06a5d7fa5a0 100644 > +--- a/src/import/vendor/modules.txt > ++++ b/src/import/vendor/modules.txt > +@@ -1069,7 +1069,7 @@ gopkg.in/square/go-jose.v2/jwt > + gopkg.in/tomb.v1 > + # gopkg.in/warnings.v0 v0.1.1 => gopkg.in/warnings.v0 v0.1.1 > + gopkg.in/warnings.v0 > +-# gopkg.in/yaml.v2 v2.2.4 => gopkg.in/yaml.v2 v2.2.4 > ++# gopkg.in/yaml.v2 v2.2.8 => gopkg.in/yaml.v2 v2.2.8 > + gopkg.in/yaml.v2 > + # gotest.tools v2.2.0+incompatible => gotest.tools v2.2.0+incompatible > + gotest.tools > +-- > +2.23.0 > + > diff --git a/recipes-containers/kubernetes/kubernetes_git.bb b/recipes-containers/kubernetes/kubernetes_git.bb > index e96b7d6..941e0ca 100644 > --- a/recipes-containers/kubernetes/kubernetes_git.bb > +++ b/recipes-containers/kubernetes/kubernetes_git.bb > @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.16;name=k > file://CVE-2020-8551.patch \ > file://CVE-2020-8552.patch \ > file://CVE-2020-8555.patch \ > + file://CVE-2019-11254.patch \ > " > > DEPENDS += "rsync-native \ > -- > 2.17.1 > ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 2020-06-22 13:35 ` Bruce Ashfield @ 2020-07-30 7:37 ` Zhixiong Chi 0 siblings, 0 replies; 8+ messages in thread From: Zhixiong Chi @ 2020-07-30 7:37 UTC (permalink / raw) To: Bruce Ashfield; +Cc: yocto Hi Bruce, Sorry for late response. Due to something wrong of the mail server, I just see your email. I believe it can be applied successfully now. I find the file://CVE-2020-8551.patch \ file://CVE-2020-8552.patch \ file://CVE-2020-8555.patch \ these three patches had been merged into zeus. So I try to apply this patch again, and it works well. Thanks. On 2020/6/22 下午9:35, Bruce Ashfield wrote: > This patch doesn't apply to zeus. > > Can you rebase and resubmit ? > > Cheers, > > Bruce > > In message: [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 > on 18/06/2020 Zhixiong Chi wrote: > >> Backport the CVE patch from the upstream: >> https://github.com/kubernetes/kubernetes.git >> >> Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> >> --- >> .../kubernetes/CVE-2019-11254.patch | 797 ++++++++++++++++++ >> .../kubernetes/kubernetes_git.bb | 1 + >> 2 files changed, 798 insertions(+) >> create mode 100644 recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >> >> diff --git a/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >> new file mode 100644 >> index 0000000..2d991a9 >> --- /dev/null >> +++ b/recipes-containers/kubernetes/kubernetes/CVE-2019-11254.patch >> @@ -0,0 +1,797 @@ >> +From e9ba264d57d379d86dfbf3ae94e82eb0ead9c468 Mon Sep 17 00:00:00 2001 >> +From: CJ Cullen <cjcullen@google.com> >> +Date: Wed, 22 Jan 2020 11:32:39 -0800 >> +Subject: [PATCH] update gopkg.in/yaml.v2 to v2.2.8 >> + >> +CVE: CVE-2019-11254 >> +Upstream-Status: Backport [https://github.com/kubernetes/kubernetes.git branch: release-1.16] >> +Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> >> +--- >> + src/import/go.mod | 4 +- >> + src/import/go.sum | 4 +- >> + src/import/staging/src/k8s.io/api/go.sum | 4 +- >> + .../src/k8s.io/apiextensions-apiserver/go.mod | 2 +- >> + .../src/k8s.io/apiextensions-apiserver/go.sum | 4 +- >> + src/import/staging/src/k8s.io/apimachinery/go.mod | 2 +- >> + src/import/staging/src/k8s.io/apimachinery/go.sum | 4 +- >> + src/import/staging/src/k8s.io/apiserver/go.mod | 2 +- >> + src/import/staging/src/k8s.io/apiserver/go.sum | 4 +- >> + src/import/staging/src/k8s.io/cli-runtime/go.sum | 4 +- >> + src/import/staging/src/k8s.io/client-go/go.sum | 4 +- >> + src/import/staging/src/k8s.io/cloud-provider/go.sum | 4 +- >> + src/import/staging/src/k8s.io/cluster-bootstrap/go.sum | 4 +- >> + src/import/staging/src/k8s.io/code-generator/go.mod | 2 +- >> + src/import/staging/src/k8s.io/code-generator/go.sum | 4 +- >> + src/import/staging/src/k8s.io/component-base/go.sum | 4 +- >> + src/import/staging/src/k8s.io/csi-translation-lib/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kube-aggregator/go.sum | 4 +- >> + .../src/k8s.io/kube-controller-manager/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kube-proxy/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kube-scheduler/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kubectl/go.mod | 2 +- >> + src/import/staging/src/k8s.io/kubectl/go.sum | 4 +- >> + src/import/staging/src/k8s.io/kubelet/go.sum | 4 +- >> + .../src/k8s.io/legacy-cloud-providers/go.sum | 4 +- >> + src/import/staging/src/k8s.io/metrics/go.sum | 4 +- >> + src/import/staging/src/k8s.io/node-api/go.sum | 4 +- >> + src/import/staging/src/k8s.io/sample-apiserver/go.sum | 4 +- >> + src/import/staging/src/k8s.io/sample-cli-plugin/go.sum | 4 +- >> + src/import/staging/src/k8s.io/sample-controller/go.sum | 4 +- >> + src/import/vendor/gopkg.in/yaml.v2/.travis.yml | 18 +-- >> + src/import/vendor/gopkg.in/yaml.v2/decode.go | 14 ++- >> + src/import/vendor/gopkg.in/yaml.v2/scannerc.go | 107 +++++++++--------- >> + src/import/vendor/gopkg.in/yaml.v2/yaml.go | 2 +- >> + src/import/vendor/gopkg.in/yaml.v2/yamlh.go | 1 + >> + src/import/vendor/modules.txt | 2 +- >> + 36 files changed, 130 insertions(+), 124 deletions(-) >> + >> +diff --git a/src/import/go.mod b/go.mod >> +index cf8c9147e62..884870f8843 100644 >> +--- a/src/import/go.mod >> ++++ b/src/import/go.mod >> +@@ -139,7 +139,7 @@ require ( >> + google.golang.org/grpc v1.23.0 >> + gopkg.in/gcfg.v1 v1.2.0 >> + gopkg.in/square/go-jose.v2 v2.2.2 >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + gotest.tools v2.2.0+incompatible >> + gotest.tools/gotestsum v0.3.5 >> + honnef.co/go/tools v0.0.1-2019.2.2 >> +@@ -444,7 +444,7 @@ replace ( >> + gopkg.in/square/go-jose.v2 => gopkg.in/square/go-jose.v2 v2.2.2 >> + gopkg.in/tomb.v1 => gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 >> + gopkg.in/warnings.v0 => gopkg.in/warnings.v0 v0.1.1 >> +- gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8 >> + gotest.tools => gotest.tools v2.2.0+incompatible >> + gotest.tools/gotestsum => gotest.tools/gotestsum v0.3.5 >> + honnef.co/go/tools => honnef.co/go/tools v0.0.1-2019.2.2 >> +diff --git a/src/import/go.sum b/src/import/go.sum >> +index b5e3f74686f..617081d2d9e 100644 >> +--- a/src/import/go.sum >> ++++ b/src/import/go.sum >> +@@ -492,8 +492,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/warnings.v0 v0.1.1 h1:XM28wIgFzaBmeZ5dNHIpWLQpt/9DGKxk+rCg/22nnYE= >> + gopkg.in/warnings.v0 v0.1.1/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + gotest.tools/gotestsum v0.3.5 h1:VePOWRsuWFYpfp/G8mbmOZKxO5T3501SEGQRUdvq7h0= >> +diff --git a/src/import/staging/src/k8s.io/api/go.sum b/src/import/staging/src/k8s.io/api/go.sum >> +index c162d16011e..8ac86891676 100644 >> +--- a/src/import/staging/src/k8s.io/api/go.sum >> ++++ b/src/import/staging/src/k8s.io/api/go.sum >> +@@ -90,8 +90,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >> +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >> +index f2cc6ca100f..41289345ad7 100644 >> +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >> ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.mod >> +@@ -21,7 +21,7 @@ require ( >> + github.com/spf13/pflag v1.0.3 >> + github.com/stretchr/testify v1.3.0 >> + google.golang.org/grpc v1.23.0 >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + k8s.io/api v0.0.0 >> + k8s.io/apimachinery v0.0.0 >> + k8s.io/apiserver v0.0.0 >> +diff --git a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >> +index 853644fbe6d..1c4460fdc38 100644 >> +--- a/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >> ++++ b/src/import/staging/src/k8s.io/apiextensions-apiserver/go.sum >> +@@ -349,8 +349,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.mod b/src/import/staging/src/k8s.io/apimachinery/go.mod >> +index 5b49085be74..bdd9ed2f63d 100644 >> +--- a/src/import/staging/src/k8s.io/apimachinery/go.mod >> ++++ b/src/import/staging/src/k8s.io/apimachinery/go.mod >> +@@ -30,7 +30,7 @@ require ( >> + golang.org/x/text v0.3.2 // indirect >> + gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect >> + gopkg.in/inf.v0 v0.9.0 >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + k8s.io/klog v0.4.0 >> + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf >> + sigs.k8s.io/yaml v1.1.0 >> +diff --git a/src/import/staging/src/k8s.io/apimachinery/go.sum b/src/import/staging/src/k8s.io/apimachinery/go.sum >> +index 916261e42c0..636ef5751ea 100644 >> +--- a/src/import/staging/src/k8s.io/apimachinery/go.sum >> ++++ b/src/import/staging/src/k8s.io/apimachinery/go.sum >> +@@ -106,8 +106,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >> +diff --git a/src/import/staging/src/k8s.io/apiserver/go.mod b/src/import/staging/src/k8s.io/apiserver/go.mod >> +index 8f97b49b06a..e1fdb94df10 100644 >> +--- a/src/import/staging/src/k8s.io/apiserver/go.mod >> ++++ b/src/import/staging/src/k8s.io/apiserver/go.mod >> +@@ -47,7 +47,7 @@ require ( >> + google.golang.org/grpc v1.23.0 >> + gopkg.in/natefinch/lumberjack.v2 v2.0.0 >> + gopkg.in/square/go-jose.v2 v2.2.2 >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + gotest.tools v2.2.0+incompatible // indirect >> + k8s.io/api v0.0.0 >> + k8s.io/apimachinery v0.0.0 >> +diff --git a/src/import/staging/src/k8s.io/apiserver/go.sum b/src/import/staging/src/k8s.io/apiserver/go.sum >> +index 9658ae1784a..d055f0d08a2 100644 >> +--- a/src/import/staging/src/k8s.io/apiserver/go.sum >> ++++ b/src/import/staging/src/k8s.io/apiserver/go.sum >> +@@ -268,8 +268,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/cli-runtime/go.sum b/src/import/staging/src/k8s.io/cli-runtime/go.sum >> +index 71af2c05905..641ba432230 100644 >> +--- a/src/import/staging/src/k8s.io/cli-runtime/go.sum >> ++++ b/src/import/staging/src/k8s.io/cli-runtime/go.sum >> +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/client-go/go.sum b/src/import/staging/src/k8s.io/client-go/go.sum >> +index ec7d3780cad..315bfceda79 100644 >> +--- a/src/import/staging/src/k8s.io/client-go/go.sum >> ++++ b/src/import/staging/src/k8s.io/client-go/go.sum >> +@@ -175,8 +175,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/cloud-provider/go.sum b/src/import/staging/src/k8s.io/cloud-provider/go.sum >> +index e00d8e24a27..7d446c66231 100644 >> +--- a/src/import/staging/src/k8s.io/cloud-provider/go.sum >> ++++ b/src/import/staging/src/k8s.io/cloud-provider/go.sum >> +@@ -158,8 +158,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >> +index 09c98a9ccd8..e148b9741de 100644 >> +--- a/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >> ++++ b/src/import/staging/src/k8s.io/cluster-bootstrap/go.sum >> +@@ -91,8 +91,8 @@ gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76 >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >> +diff --git a/src/import/staging/src/k8s.io/code-generator/go.mod b/src/import/staging/src/k8s.io/code-generator/go.mod >> +index 7717cae18ba..0dc05a6c181 100644 >> +--- a/src/import/staging/src/k8s.io/code-generator/go.mod >> ++++ b/src/import/staging/src/k8s.io/code-generator/go.mod >> +@@ -15,7 +15,7 @@ require ( >> + golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac // indirect >> + gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 >> + gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e // indirect >> +- gopkg.in/yaml.v2 v2.2.4 // indirect >> ++ gopkg.in/yaml.v2 v2.2.8 // indirect >> + k8s.io/gengo v0.0.0-20190822140433-26a664648505 >> + k8s.io/klog v0.4.0 >> + k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf >> +diff --git a/src/import/staging/src/k8s.io/code-generator/go.sum b/src/import/staging/src/k8s.io/code-generator/go.sum >> +index a34b8497afa..a3be7c382b8 100644 >> +--- a/src/import/staging/src/k8s.io/code-generator/go.sum >> ++++ b/src/import/staging/src/k8s.io/code-generator/go.sum >> +@@ -103,8 +103,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8 >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= >> +diff --git a/src/import/staging/src/k8s.io/component-base/go.sum b/src/import/staging/src/k8s.io/component-base/go.sum >> +index 34151a5846d..155e3e420e9 100644 >> +--- a/src/import/staging/src/k8s.io/component-base/go.sum >> ++++ b/src/import/staging/src/k8s.io/component-base/go.sum >> +@@ -171,8 +171,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >> +index 71646a53606..a4de3199c55 100644 >> +--- a/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >> ++++ b/src/import/staging/src/k8s.io/csi-translation-lib/go.sum >> +@@ -139,8 +139,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/kube-aggregator/go.sum b/src/import/staging/src/k8s.io/kube-aggregator/go.sum >> +index 306beb4d2c1..be07875a640 100644 >> +--- a/src/import/staging/src/k8s.io/kube-aggregator/go.sum >> ++++ b/src/import/staging/src/k8s.io/kube-aggregator/go.sum >> +@@ -303,8 +303,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >> +index 346871c01de..1653f3eca5a 100644 >> +--- a/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >> ++++ b/src/import/staging/src/k8s.io/kube-controller-manager/go.sum >> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/kube-proxy/go.sum b/src/import/staging/src/k8s.io/kube-proxy/go.sum >> +index 346871c01de..1653f3eca5a 100644 >> +--- a/src/import/staging/src/k8s.io/kube-proxy/go.sum >> ++++ b/src/import/staging/src/k8s.io/kube-proxy/go.sum >> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/kube-scheduler/go.sum b/src/import/staging/src/k8s.io/kube-scheduler/go.sum >> +index 346871c01de..1653f3eca5a 100644 >> +--- a/src/import/staging/src/k8s.io/kube-scheduler/go.sum >> ++++ b/src/import/staging/src/k8s.io/kube-scheduler/go.sum >> +@@ -147,8 +147,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/kubectl/go.mod b/src/import/staging/src/k8s.io/kubectl/go.mod >> +index 5e5e4b2bbed..d1c8a52cbb4 100644 >> +--- a/src/import/staging/src/k8s.io/kubectl/go.mod >> ++++ b/src/import/staging/src/k8s.io/kubectl/go.mod >> +@@ -33,7 +33,7 @@ require ( >> + github.com/spf13/pflag v1.0.3 >> + github.com/stretchr/testify v1.3.0 >> + golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f >> +- gopkg.in/yaml.v2 v2.2.4 >> ++ gopkg.in/yaml.v2 v2.2.8 >> + gotest.tools v2.2.0+incompatible // indirect >> + k8s.io/api v0.0.0 >> + k8s.io/apimachinery v0.0.0 >> +diff --git a/src/import/staging/src/k8s.io/kubectl/go.sum b/src/import/staging/src/k8s.io/kubectl/go.sum >> +index b164ecd3dc3..17d56a30001 100644 >> +--- a/src/import/staging/src/k8s.io/kubectl/go.sum >> ++++ b/src/import/staging/src/k8s.io/kubectl/go.sum >> +@@ -268,8 +268,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/kubelet/go.sum b/src/import/staging/src/k8s.io/kubelet/go.sum >> +index 0635238e2ce..e12860540cd 100644 >> +--- a/src/import/staging/src/k8s.io/kubelet/go.sum >> ++++ b/src/import/staging/src/k8s.io/kubelet/go.sum >> +@@ -87,8 +87,8 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= >> + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= >> + gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> + k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= >> + k8s.io/klog v0.4.0 h1:lCJCxf/LIowc2IGS9TPjWDyXY4nOmdGdfcwwDQCOURQ= >> +diff --git a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >> +index 7da7d10f1b0..4affb42e698 100644 >> +--- a/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >> ++++ b/src/import/staging/src/k8s.io/legacy-cloud-providers/go.sum >> +@@ -271,8 +271,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/metrics/go.sum b/src/import/staging/src/k8s.io/metrics/go.sum >> +index 4ba35f7c725..b820dfe346b 100644 >> +--- a/src/import/staging/src/k8s.io/metrics/go.sum >> ++++ b/src/import/staging/src/k8s.io/metrics/go.sum >> +@@ -192,8 +192,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >> +diff --git a/src/import/staging/src/k8s.io/node-api/go.sum b/src/import/staging/src/k8s.io/node-api/go.sum >> +index eb2113416f4..df4095e8c53 100644 >> +--- a/src/import/staging/src/k8s.io/node-api/go.sum >> ++++ b/src/import/staging/src/k8s.io/node-api/go.sum >> +@@ -195,8 +195,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >> +diff --git a/src/import/staging/src/k8s.io/sample-apiserver/go.sum b/src/import/staging/src/k8s.io/sample-apiserver/go.sum >> +index 6100b600021..c9af593485a 100644 >> +--- a/src/import/staging/src/k8s.io/sample-apiserver/go.sum >> ++++ b/src/import/staging/src/k8s.io/sample-apiserver/go.sum >> +@@ -300,8 +300,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> +diff --git a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >> +index 71af2c05905..641ba432230 100644 >> +--- a/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >> ++++ b/src/import/staging/src/k8s.io/sample-cli-plugin/go.sum >> +@@ -207,8 +207,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= >> +diff --git a/src/import/staging/src/k8s.io/sample-controller/go.sum b/src/import/staging/src/k8s.io/sample-controller/go.sum >> +index 2729443484f..9d360830a5a 100644 >> +--- a/src/import/staging/src/k8s.io/sample-controller/go.sum >> ++++ b/src/import/staging/src/k8s.io/sample-controller/go.sum >> +@@ -196,8 +196,8 @@ gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= >> + gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= >> + gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> +-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= >> +-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> ++gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= >> ++gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= >> + honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= >> + k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6 h1:4s3/R4+OYYYUKptXPhZKjQ04WJ6EhQQVFdjOFvCazDk= >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >> +index 9f556934d8b..055480b9ef8 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/.travis.yml >> +@@ -1,12 +1,16 @@ >> + language: go >> + >> + go: >> +- - 1.4 >> +- - 1.5 >> +- - 1.6 >> +- - 1.7 >> +- - 1.8 >> +- - 1.9 >> +- - tip >> ++ - "1.4.x" >> ++ - "1.5.x" >> ++ - "1.6.x" >> ++ - "1.7.x" >> ++ - "1.8.x" >> ++ - "1.9.x" >> ++ - "1.10.x" >> ++ - "1.11.x" >> ++ - "1.12.x" >> ++ - "1.13.x" >> ++ - "tip" >> + >> + go_import_path: gopkg.in/yaml.v2 >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/decode.go b/src/import/vendor/gopkg.in/yaml.v2/decode.go >> +index 53108765555..129bc2a97d3 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/decode.go >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/decode.go >> +@@ -319,10 +319,14 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm >> + } >> + >> + const ( >> +- // 400,000 decode operations is ~500kb of dense object declarations, or ~5kb of dense object declarations with 10000% alias expansion >> ++ // 400,000 decode operations is ~500kb of dense object declarations, or >> ++ // ~5kb of dense object declarations with 10000% alias expansion >> + alias_ratio_range_low = 400000 >> +- // 4,000,000 decode operations is ~5MB of dense object declarations, or ~4.5MB of dense object declarations with 10% alias expansion >> ++ >> ++ // 4,000,000 decode operations is ~5MB of dense object declarations, or >> ++ // ~4.5MB of dense object declarations with 10% alias expansion >> + alias_ratio_range_high = 4000000 >> ++ >> + // alias_ratio_range is the range over which we scale allowed alias ratios >> + alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low) >> + ) >> +@@ -784,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { >> + case mappingNode: >> + d.unmarshal(n, out) >> + case aliasNode: >> +- an, ok := d.doc.anchors[n.value] >> +- if ok && an.kind != mappingNode { >> ++ if n.alias != nil && n.alias.kind != mappingNode { >> + failWantMap() >> + } >> + d.unmarshal(n, out) >> +@@ -794,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) { >> + for i := len(n.children) - 1; i >= 0; i-- { >> + ni := n.children[i] >> + if ni.kind == aliasNode { >> +- an, ok := d.doc.anchors[ni.value] >> +- if ok && an.kind != mappingNode { >> ++ if ni.alias != nil && ni.alias.kind != mappingNode { >> + failWantMap() >> + } >> + } else if ni.kind != mappingNode { >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >> +index 570b8ecd10f..0b9bb6030a0 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/scannerc.go >> +@@ -626,31 +626,18 @@ func trace(args ...interface{}) func() { >> + func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool { >> + // While we need more tokens to fetch, do it. >> + for { >> +- // Check if we really need to fetch more tokens. >> +- need_more_tokens := false >> +- >> +- if parser.tokens_head == len(parser.tokens) { >> +- // Queue is empty. >> +- need_more_tokens = true >> +- } else { >> +- // Check if any potential simple key may occupy the head position. >> +- if !yaml_parser_stale_simple_keys(parser) { >> ++ if parser.tokens_head != len(parser.tokens) { >> ++ // If queue is non-empty, check if any potential simple key may >> ++ // occupy the head position. >> ++ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed] >> ++ if !ok { >> ++ break >> ++ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok { >> + return false >> +- } >> +- >> +- for i := range parser.simple_keys { >> +- simple_key := &parser.simple_keys[i] >> +- if simple_key.possible && simple_key.token_number == parser.tokens_parsed { >> +- need_more_tokens = true >> +- break >> +- } >> ++ } else if !valid { >> ++ break >> + } >> + } >> +- >> +- // We are finished. >> +- if !need_more_tokens { >> +- break >> +- } >> + // Fetch the next token. >> + if !yaml_parser_fetch_next_token(parser) { >> + return false >> +@@ -678,11 +665,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { >> + return false >> + } >> + >> +- // Remove obsolete potential simple keys. >> +- if !yaml_parser_stale_simple_keys(parser) { >> +- return false >> +- } >> +- >> + // Check the indentation level against the current column. >> + if !yaml_parser_unroll_indent(parser, parser.mark.column) { >> + return false >> +@@ -837,29 +819,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool { >> + "found character that cannot start any token") >> + } >> + >> +-// Check the list of potential simple keys and remove the positions that >> +-// cannot contain simple keys anymore. >> +-func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool { >> +- // Check for a potential simple key for each flow level. >> +- for i := range parser.simple_keys { >> +- simple_key := &parser.simple_keys[i] >> +- >> +- // The specification requires that a simple key >> +- // >> +- // - is limited to a single line, >> +- // - is shorter than 1024 characters. >> +- if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) { >> +- >> +- // Check if the potential simple key to be removed is required. >> +- if simple_key.required { >> +- return yaml_parser_set_scanner_error(parser, >> +- "while scanning a simple key", simple_key.mark, >> +- "could not find expected ':'") >> +- } >> +- simple_key.possible = false >> ++func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) { >> ++ if !simple_key.possible { >> ++ return false, true >> ++ } >> ++ >> ++ // The 1.2 specification says: >> ++ // >> ++ // "If the ? indicator is omitted, parsing needs to see past the >> ++ // implicit key to recognize it as such. To limit the amount of >> ++ // lookahead required, the “:” indicator must appear at most 1024 >> ++ // Unicode characters beyond the start of the key. In addition, the key >> ++ // is restricted to a single line." >> ++ // >> ++ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index { >> ++ // Check if the potential simple key to be removed is required. >> ++ if simple_key.required { >> ++ return false, yaml_parser_set_scanner_error(parser, >> ++ "while scanning a simple key", simple_key.mark, >> ++ "could not find expected ':'") >> + } >> ++ simple_key.possible = false >> ++ return false, true >> + } >> +- return true >> ++ return true, true >> + } >> + >> + // Check if a simple key may start at the current position and add it if >> +@@ -879,13 +862,14 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool { >> + possible: true, >> + required: required, >> + token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), >> ++ mark: parser.mark, >> + } >> +- simple_key.mark = parser.mark >> + >> + if !yaml_parser_remove_simple_key(parser) { >> + return false >> + } >> + parser.simple_keys[len(parser.simple_keys)-1] = simple_key >> ++ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1 >> + } >> + return true >> + } >> +@@ -900,9 +884,10 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool { >> + "while scanning a simple key", parser.simple_keys[i].mark, >> + "could not find expected ':'") >> + } >> ++ // Remove the key from the stack. >> ++ parser.simple_keys[i].possible = false >> ++ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number) >> + } >> +- // Remove the key from the stack. >> +- parser.simple_keys[i].possible = false >> + return true >> + } >> + >> +@@ -912,7 +897,12 @@ const max_flow_level = 10000 >> + // Increase the flow level and resize the simple key list if needed. >> + func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { >> + // Reset the simple key on the next level. >> +- parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) >> ++ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{ >> ++ possible: false, >> ++ required: false, >> ++ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head), >> ++ mark: parser.mark, >> ++ }) >> + >> + // Increase the flow level. >> + parser.flow_level++ >> +@@ -928,7 +918,9 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool { >> + func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool { >> + if parser.flow_level > 0 { >> + parser.flow_level-- >> +- parser.simple_keys = parser.simple_keys[:len(parser.simple_keys)-1] >> ++ last := len(parser.simple_keys) - 1 >> ++ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number) >> ++ parser.simple_keys = parser.simple_keys[:last] >> + } >> + return true >> + } >> +@@ -1005,6 +997,8 @@ func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool { >> + // Initialize the simple key stack. >> + parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{}) >> + >> ++ parser.simple_keys_by_tok = make(map[int]int) >> ++ >> + // A simple key is allowed at the beginning of the stream. >> + parser.simple_key_allowed = true >> + >> +@@ -1286,7 +1280,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { >> + simple_key := &parser.simple_keys[len(parser.simple_keys)-1] >> + >> + // Have we found a simple key? >> +- if simple_key.possible { >> ++ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok { >> ++ return false >> ++ >> ++ } else if valid { >> ++ >> + // Create the KEY token and insert it into the queue. >> + token := yaml_token_t{ >> + typ: yaml_KEY_TOKEN, >> +@@ -1304,6 +1302,7 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool { >> + >> + // Remove the simple key. >> + simple_key.possible = false >> ++ delete(parser.simple_keys_by_tok, simple_key.token_number) >> + >> + // A simple key cannot follow another simple key. >> + parser.simple_key_allowed = false >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yaml.go b/src/import/vendor/gopkg.in/yaml.v2/yaml.go >> +index de85aa4cdb7..89650e293ac 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/yaml.go >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/yaml.go >> +@@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) { >> + return unmarshal(in, out, true) >> + } >> + >> +-// A Decorder reads and decodes YAML values from an input stream. >> ++// A Decoder reads and decodes YAML values from an input stream. >> + type Decoder struct { >> + strict bool >> + parser *parser >> +diff --git a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >> +index e25cee563be..f6a9c8e34b1 100644 >> +--- a/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >> ++++ b/src/import/vendor/gopkg.in/yaml.v2/yamlh.go >> +@@ -579,6 +579,7 @@ type yaml_parser_t struct { >> + >> + simple_key_allowed bool // May a simple key occur at the current position? >> + simple_keys []yaml_simple_key_t // The stack of simple keys. >> ++ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number >> + >> + // Parser stuff >> + >> +diff --git a/src/import/vendor/modules.txt b/src/import/vendor/modules.txt >> +index 4585ca5ec0d..06a5d7fa5a0 100644 >> +--- a/src/import/vendor/modules.txt >> ++++ b/src/import/vendor/modules.txt >> +@@ -1069,7 +1069,7 @@ gopkg.in/square/go-jose.v2/jwt >> + gopkg.in/tomb.v1 >> + # gopkg.in/warnings.v0 v0.1.1 => gopkg.in/warnings.v0 v0.1.1 >> + gopkg.in/warnings.v0 >> +-# gopkg.in/yaml.v2 v2.2.4 => gopkg.in/yaml.v2 v2.2.4 >> ++# gopkg.in/yaml.v2 v2.2.8 => gopkg.in/yaml.v2 v2.2.8 >> + gopkg.in/yaml.v2 >> + # gotest.tools v2.2.0+incompatible => gotest.tools v2.2.0+incompatible >> + gotest.tools >> +-- >> +2.23.0 >> + >> diff --git a/recipes-containers/kubernetes/kubernetes_git.bb b/recipes-containers/kubernetes/kubernetes_git.bb >> index e96b7d6..941e0ca 100644 >> --- a/recipes-containers/kubernetes/kubernetes_git.bb >> +++ b/recipes-containers/kubernetes/kubernetes_git.bb >> @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/kubernetes/kubernetes.git;branch=release-1.16;name=k >> file://CVE-2020-8551.patch \ >> file://CVE-2020-8552.patch \ >> file://CVE-2020-8555.patch \ >> + file://CVE-2019-11254.patch \ >> " >> >> DEPENDS += "rsync-native \ >> -- >> 2.17.1 >> -- --------------------- Thanks, Zhixiong Chi Tel: +86-10-8477-7036 ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2020-07-30 7:36 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-06-18 7:34 [yocto][meta-virtualization][zeus][PATCH] kubernetes: CVE-2019-11254 Zhixiong Chi
2020-06-18 12:49 ` Bruce Ashfield
2020-06-19 2:29 ` Zhixiong Chi
2020-06-19 12:54 ` Bruce Ashfield
[not found] ` <1619D0FBDD33F6B0.13914@lists.yoctoproject.org>
2020-06-19 3:19 ` Zhixiong Chi
[not found] ` <1619D3B5F684DBB7.13914@lists.yoctoproject.org>
2020-06-19 3:21 ` Zhixiong Chi
2020-06-22 13:35 ` Bruce Ashfield
2020-07-30 7:37 ` Zhixiong Chi
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.