fix(security): Update dependencies for upstream vulnerabilities

[CVE-2022-21698](GHSA-cg3q-j54f-5p7p) prometheus/client_golang
CVE-2022-29526 x/sys

.github/workflows/release.yml

@@ -31,9 +31,9 @@ jobs:
           fetch-depth: 0
 
       - name: Set up Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v4
         with:
-          go-version: 1.17
+          go-version: 1.20.3
 
       - name: Install promu
         id: make_promu

.github/workflows/test.yml

@@ -28,9 +28,9 @@ jobs:
           fetch-depth: 0
 
       - name: Set up Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v4
         with:
-          go-version: 1.17
+          go-version: 1.20.3
 
       - name: Test
         id: test

collector/collector.go

@@ -5,10 +5,10 @@ import (
 	"fmt"
 	"strings"
 
+	"github.com/alecthomas/kingpin/v2"
 	"github.com/go-kit/log"
 	"github.com/pdf/zfs_exporter/v2/zfs"
 	"github.com/prometheus/client_golang/prometheus"
-	"gopkg.in/alecthomas/kingpin.v2"
 )
 
 const (

collector/collector_test.go

@@ -5,7 +5,7 @@ import (
 	"context"
 	"time"
 
-	"github.com/go-kit/kit/log"
+	"github.com/go-kit/log"
 	"github.com/pdf/zfs_exporter/v2/zfs"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/testutil"

go.mod

@@ -1,27 +1,27 @@
 module github.com/pdf/zfs_exporter/v2
 
-go 1.17
+go 1.20
 
 require (
-	github.com/alecthomas/units v0.0.0-20210208195552-ff826a37aa15 // indirect
-	github.com/go-kit/kit v0.11.0
-	github.com/go-kit/log v0.1.0
+	github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect
+	github.com/go-kit/log v0.2.1
 	github.com/golang/mock v1.6.0
-	github.com/golang/protobuf v1.5.2 // indirect
-	github.com/prometheus/client_golang v1.11.0
-	github.com/prometheus/common v0.30.0
-	golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 // indirect
-	gopkg.in/alecthomas/kingpin.v2 v2.2.6
+	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/prometheus/client_golang v1.15.0
+	github.com/prometheus/common v0.42.0
+	golang.org/x/sys v0.7.0 // indirect
 )
 
+require github.com/alecthomas/kingpin/v2 v2.3.2
+
 require (
-	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/cespare/xxhash/v2 v2.1.1 // indirect
-	github.com/go-logfmt/logfmt v0.5.0 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
-	github.com/pkg/errors v0.9.1 // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
-	github.com/prometheus/procfs v0.7.3 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/go-logfmt/logfmt v0.6.0 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+	github.com/prometheus/client_model v0.3.0 // indirect
+	github.com/prometheus/procfs v0.9.0 // indirect
+	github.com/xhit/go-str2duration/v2 v2.1.0 // indirect
+	google.golang.org/protobuf v1.30.0 // indirect
 )

zfs_exporter.go

@@ -8,13 +8,13 @@ import (
 	"github.com/pdf/zfs_exporter/v2/collector"
 	"github.com/pdf/zfs_exporter/v2/zfs"
 
-	"github.com/go-kit/kit/log/level"
+	"github.com/alecthomas/kingpin/v2"
+	"github.com/go-kit/log/level"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
 	"github.com/prometheus/common/promlog"
 	"github.com/prometheus/common/promlog/flag"
 	"github.com/prometheus/common/version"
-	"gopkg.in/alecthomas/kingpin.v2"
 )
 
 func main() {