client_golang icon indicating copy to clipboard operation
client_golang copied to clipboard
verified publisher icon prometheus

Dependency github.com/beorn7/perks:v1.0.1 is EOL — request to upgrade

Open ShivaliBandi opened this issue 3 months ago • 1 comments

Hello Prometheus team,

We are using github.com/prometheus/client_golang:v1.19.1 as a dependency in our project. During our security and version EOL assessment, we observed that this package depends on github.com/beorn7/perks:v1.0.1, which has reached its End of Life (EOL) and is no longer maintained.

Since continued use of EOL components can pose maintenance and security risks, we wanted to bring this to your attention.

Could you please consider upgrading or replacing the dependency github.com/beorn7/perks:v1.0.1 with a supported version (if available) or an alternative package?

Thanks and regards , Shivali Bandi

ShivaliBandi avatar Oct 07 '25 10:10 ShivaliBandi

Why do you think github.com/beorn7/perks has reached EOL? Surprise to me…

beorn7 avatar Oct 19 '25 15:10 beorn7