Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update to golang 1.20.6 #4013

Merged
merged 1 commit into from
Jul 28, 2023
Merged

Update to golang 1.20.6 #4013

merged 1 commit into from
Jul 28, 2023

Conversation

mortent
Copy link
Contributor

@mortent mortent commented Jul 28, 2023

Update to golang 1.20.6 due to CVE-2023-29406

@mortent mortent requested a review from a team as a code owner July 28, 2023 22:23
justinsb
justinsb reviewed Jul 28, 2023
View reviewed changes
.github/workflows/checkLicenses.yml
@@ -24,7 +24,7 @@ jobs:
- name: Set up Go 1.20
uses: actions/setup-go@v3
with:
go-version: '>=1.20.5'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We might be able to use 'stable' here (for things where we are running go but not necessarily building artifacts): https://github.com/actions/setup-go#using-stableoldstable-aliases. But OTOH that might be more confusing than just having one, explicitly specified version.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I agree. But we have had quite a few CVE's come up about go, so on the other hand it is useful to be explicit about which version we are using.

justinsb
justinsb reviewed Jul 28, 2023
View reviewed changes
Copy link
Contributor

@justinsb justinsb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

/approve
/lgtm

@mortent mortent merged commit 5185eff into kptdev:main Jul 28, 2023
15 checks passed
johnbelamaric pushed a commit to mortent/kpt that referenced this pull request Sep 18, 2023
@mortent @johnbelamaric
Update to golang 1.20.6 (kptdev#4013)
4ab81ab
@karlkfi karlkfi mentioned this pull request Oct 13, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justinsb justinsb justinsb approved these changes

@natasha41575 natasha41575 Awaiting requested review from natasha41575 natasha41575 was automatically assigned from GoogleContainerTools/kpt-reviewers

@droot droot Awaiting requested review from droot

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mortent @justinsb