Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: upgrade github.com/prometheus/client_golang to v1.11.1 to avoid CVE-2022-21698 #12015

Merged
merged 2 commits into from Jan 17, 2023
Merged

chore: upgrade github.com/prometheus/client_golang to v1.11.1 to avoid CVE-2022-21698 #12015

merged 2 commits into from Jan 17, 2023

Conversation

crenshaw-dev
Copy link
Collaborator

…d CVE-2022-21698

Signed-off-by: Michael Crenshaw 350466+crenshaw-dev@users.noreply.github.com

Note on DCO:

If the DCO action in the integration test fails, one or more of your commits are not signed off. Please click on the Details link next to the DCO action for instructions on how to resolve this.

Checklist:

  • Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
  • The title of the PR states what changed and the related issues number (used for the release note).
  • I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
  • I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
  • Does this PR require documentation updates?
  • I've updated documentation as required by this PR.
  • Optional. My organization is added to USERS.md.
  • I have signed off all my commits as required by DCO
  • I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
  • My build is green (troubleshooting builds).

@crenshaw-dev
chore: upgrade github.com/prometheus/client_golang to v1.11.1 to avoid
97b27dc 
…CVE-2022-21698

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
@crenshaw-dev crenshaw-dev added cherry-pick/2.3 Candidate for cherry picking into the 2.3 release branch cherry-pick/2.4 Candidate for cherry picking into the 2.4 release branch labels Jan 17, 2023
@crenshaw-dev crenshaw-dev changed the title chore: upgrade github.com/prometheus/client_golang to v1.11.1 to avoi… chore: upgrade github.com/prometheus/client_golang to v1.11.1 to avoid CVE-2022-21698 Jan 17, 2023
@crenshaw-dev crenshaw-dev marked this pull request as ready for review January 17, 2023 21:58
@crenshaw-dev crenshaw-dev merged commit e89bf08 into argoproj:release-2.4 Jan 17, 2023
@crenshaw-dev crenshaw-dev deleted the CVE-2022-21698-release-2.4 branch January 17, 2023 22:05
crenshaw-dev added a commit that referenced this pull request Jan 17, 2023
@crenshaw-dev
chore: upgrade github.com/prometheus/client_golang to v1.11.1 to avoid
90ae691 
…CVE-2022-21698 (#12015)

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leoluz leoluz leoluz approved these changes

Assignees
No one assigned
Labels
cherry-pick/2.3 Candidate for cherry picking into the 2.3 release branch cherry-pick/2.4 Candidate for cherry picking into the 2.4 release branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@crenshaw-dev @leoluz