Skip to content

chore: update dependencies to latest stable #24

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jan 11, 2022
Merged

chore: update dependencies to latest stable #24

merged 3 commits into from
Jan 11, 2022

Conversation

swiatekm
Copy link

@swiatekm swiatekm commented Jan 11, 2022
edited
Loading

Terraform to 1.1.3
Alpine to 3.15
Collection to 2.3.2

This should take care of some vulnerabilities reported for our out-of-support TF version.

@swiatekm swiatekm requested a review from a team as a code owner January 11, 2022 09:39
pmalek-sumo
pmalek-sumo approved these changes Jan 11, 2022
View reviewed changes
Copy link
Contributor

@pmalek-sumo pmalek-sumo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While this help with some vulnerabilities (mostly due to the upgraded terraform version) we'll also need to bump the providers (which are defined in the downloaded main.tf) in order to get all of them sorted out.

You can get some of these problems by looking at the output of docker scan (or a similar tool).

@swiatekm
Copy link
Author

While this help with some vulnerabilities (mostly due to the upgraded terraform version) we'll also need to bump the providers (which are defined in the downloaded main.tf) in order to get all of them sorted out.

You can get some of these problems by looking at the output of docker scan (or a similar tool).

Actually, running docker scan on the image built from this revision doesn't find any vulnerabilities. In fact, it doesn't look like Snyk cares about Terraform at all.

@swiatekm swiatekm merged commit 4c67df6 into main Jan 11, 2022
@swiatekm swiatekm deleted the chore/dependency-updates branch January 11, 2022 11:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@pmalek-sumo pmalek-sumo pmalek-sumo approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@swiatekm @pmalek-sumo