-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[release/1.6] vendor: golang.org/x/net@v0.23.0 #10214
[release/1.6] vendor: golang.org/x/net@v0.23.0 #10214
Conversation
Partial cherry-pick of c2dfae8 which updates golang.org/x/sys from v0.16.0 to v0.17.0 full diff: golang/sys@v0.16.0...v0.17.0 Signed-off-by: Alexandru Matei <alexandru.matei@uipath.com> (cherry picked from commit c2dfae8) Signed-off-by: Austin Vazquez <macedonv@amazon.com>
Partial cherry-pick of 00d714e which updates golang.org/x/sys from v0.17.0 to v0.18.0. full diff: golang/sys@v0.17.0...v0.18.0 Signed-off-by: dependabot[bot] <support@github.com> (cherry picked from commit 00d714e) Signed-off-by: Austin Vazquez <macedonv@amazon.com>
Partial cherry-pick of 228aa42 which updates golang.org/x/term from v0.16.0 to v0.17.0. full diff: golang/term@v0.16.0...v0.17.0 Signed-off-by: dependabot[bot] <support@github.com> (cherry picked from commit 228aa42) Signed-off-by: Austin Vazquez <macedonv@amazon.com>
Partial cherry-pick of 7842161 which updates golang.org/x/net from v0.17.0 to v0.19.0. full diff: golang/net@v0.17.0...v0.19.0 Signed-off-by: Bryant Biggs <bryantbiggs@gmail.com> (cherry picked from commit 7842161) Signed-off-by: Austin Vazquez <macedonv@amazon.com>
Partial cherry-pick of 5e3e12d which updates golang.org/x/net from v0.19.0 to v0.20.0. full diff: golang/net@v0.19.0...v0.20.0 Signed-off-by: dependabot[bot] <support@github.com> (cherry picked from commit 5e3e12d) Signed-off-by: Austin Vazquez <macedonv@amazon.com>
Partial cherry-pick of 3a5b47d which updates golang.org/x/net from v0.20.0 to v0.21.0 and golang.org/x/crypto from v0.18.0 to v0.19.0. full diff: - golang/net@v0.20.0...v0.21.0 - golang/crypto@v0.18.0...v0.19.0 Signed-off-by: dependabot[bot] <support@github.com> (cherry picked from commit 3a5b47d) Signed-off-by: Austin Vazquez <macedonv@amazon.com>
Partial cherry-pick of 1040c7b which updates golang.org/x/net from v0.21.0 to v0.23.0, golang.org/x/crypto from v0.19.0 to v0.21.0, and golang.org/x/term from v0.17.0 to v0.18.0. full diff: - golang/net@v0.21.0...v0.23.0 - golang/crypto@v0.19.0...v0.21.0 - golang/term@v0.17.0...v0.18.0 Signed-off-by: dependabot[bot] <support@github.com> (cherry picked from commit 1040c7b) Signed-off-by: Austin Vazquez <macedonv@amazon.com>
Hi @austinvazquez. Thanks for your PR. I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
Issue
release/1.6 is showing warnings from indirect dependency golang.org/x/net with recommendation to upgrade to golang.org/x/net@v0.23.0.
Description
This change vendors golang.org/x/net@v0.23.0 for the 1.6 release branch to resolve warnings for https://pkg.go.dev/vuln/GO-2024-2687.
Signed-off-by: Austin Vazquez macedonv@amazon.com