Update cni plugins #2024
Update cni plugins #2024
Conversation
|
Skipping CI for Draft Pull Request. |
github-actions
bot
added
patch
|
Locally, had run into this exact issue safchain/ethtool#57 |
|
testing two different solutions out on 1.22 and 1.23. I think 1.23 is correct, but I want to make sure |
|
The 1.23 approach, which also updated vendor, was correct. The failure was due to checksums. Updating all in next commit |
There was a problem hiding this comment.
Need to bump golang/x/text to 0.3.8 in the patch to fix CVE-2021-38561
There was a problem hiding this comment.
P.S upstream updated to golang/x/text to 0.5.0 in 1.2.0
There was a problem hiding this comment.
@kschumy does the patch need to have go 1.18 instead of go1.17?
There was a problem hiding this comment.
So we should be good not handling that other CVE, right?
There was a problem hiding this comment.
@kschumy it's not the CVE, the project is generated with golang version 1.18 but in the go.mod it is 1.17
There was a problem hiding this comment.
we have that for several projects
|
[APPROVALNOTIFIER] This PR is APPROVED Approval requirements bypassed by manually added approval. This pull-request has been approved by: The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/lgtm |
* Bumped cni plugins to 1.2.0 for all versions * added WIP patch * Fixed patches(???) * fix go sum again * Added vendor to 1.23 only to test vs 1.22, which does not have vendor * Added correct version of patch to all versions * checksums * missed a checksum
Issue #, if available:
Description of changes:
For some reason, go mod tidy is generating an error. Will work on resolving thisBy submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.