From 2f05f969e2e567ca30bcd10daaf42c4325494250 Mon Sep 17 00:00:00 2001
From: Nuno Diegues <nuno@cloudflare.com>
Date: Thu, 7 Apr 2022 10:51:52 +0100
Subject: [PATCH] TUN-5995: Force prometheus v1.12.1 usage

---
 go.mod             | 3 +++
 vendor/modules.txt | 1 +
 2 files changed, 4 insertions(+)

diff --git a/go.mod b/go.mod
index 96ce0408..1e571d95 100644
--- a/go.mod
+++ b/go.mod
@@ -98,3 +98,6 @@ require (
 replace github.com/urfave/cli/v2 => github.com/ipostelnik/cli/v2 v2.3.1-0.20210324024421-b6ea8234fe3d
 
 replace github.com/lucas-clemente/quic-go => github.com/chungthuang/quic-go v0.24.1-0.20220110095058-981dc498cb62
+
+// Avoid 'CVE-2022-21698'
+replace github.com/prometheus/golang_client => github.com/prometheus/golang_client v1.12.1
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 6abd2cd0..b6fe6b65 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -566,3 +566,4 @@ zombiezen.com/go/capnproto2/server
 zombiezen.com/go/capnproto2/std/capnp/rpc
 # github.com/urfave/cli/v2 => github.com/ipostelnik/cli/v2 v2.3.1-0.20210324024421-b6ea8234fe3d
 # github.com/lucas-clemente/quic-go => github.com/chungthuang/quic-go v0.24.1-0.20220110095058-981dc498cb62
+# github.com/prometheus/golang_client => github.com/prometheus/golang_client v1.12.1