Skip to content
This repository has been archived by the owner on Nov 1, 2022. It is now read-only.

Update dependencies #3605

Merged
merged 2 commits into from
May 3, 2022
Merged

Update dependencies #3605

merged 2 commits into from
May 3, 2022

Conversation

pjbgf
Copy link
Member

@pjbgf pjbgf commented May 3, 2022
edited
Loading

  • Update golang.org/x/crypto to version v0.0.0-20220427172511-eb4f295cb31f (fixes CVE-2022-27191).
  • Replace github.com/dgrijalva/jwt-go@v3.2.0+incompatible with github.com/golang-jwt/jwt@3.2.2 (fixes CVE-2020-26160).
  • Update kubectl to version v1.21.11.

@pjbgf pjbgf changed the title Update deps Update dependencies May 3, 2022
@kingdonb kingdonb added this to the 1.25.1 milestone May 3, 2022
Update kubectl to v1.21.11
5e1c9da 
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
@pjbgf pjbgf marked this pull request as ready for review May 3, 2022 16:01
@pjbgf pjbgf changed the base branch from master to release/1.25.1 May 3, 2022 17:03
@kingdonb kingdonb changed the base branch from release/1.25.1 to master May 3, 2022 17:12
kingdonb
kingdonb approved these changes May 3, 2022
View reviewed changes
Copy link
Member

@kingdonb kingdonb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

Update dependencies
0a4ddaa 
- Replace github.com/dgrijalva/jwt-go@v3.2.0+incompatible with github.com/golang-jwt/jwt@3.2.2 (fixes CVE-2020-26160).
- Update golang.org/x/crypto to v0.0.0-20220427172511-eb4f295cb31f (fixes CVE-2022-27191).

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
Signed-off-by: Kingdon Barrett <kingdon@weave.works>
@kingdonb
Copy link
Member

kingdonb commented May 3, 2022

I have just made a minor update to the "Update dependencies" commit so that it would have the proper formatting in the subject line.

@kingdonb kingdonb added the dependencies Pull requests that update a dependency file label May 3, 2022
@kingdonb
Copy link
Member

kingdonb commented May 3, 2022

CI is passing, LGTM

@kingdonb kingdonb merged commit 5e66637 into fluxcd:master May 3, 2022
@pjbgf pjbgf deleted the update-deps branch May 3, 2022 17:40
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kingdonb kingdonb kingdonb approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
1.25.1
Development

Successfully merging this pull request may close these issues.
2 participants
@pjbgf @kingdonb