New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pin golang.org/x/net to v0.4.0 in 1.26 #115642
Merged
k8s-ci-robot
merged 1 commit into
kubernetes:release-1.26
from
nckturner:pin-golang.org/x/net-to-v0.4.0-in-1.26
Feb 10, 2023
Merged
Pin golang.org/x/net to v0.4.0 in 1.26 #115642
k8s-ci-robot
merged 1 commit into
kubernetes:release-1.26
from
nckturner:pin-golang.org/x/net-to-v0.4.0-in-1.26
Feb 10, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
k8s-ci-robot
added
do-not-merge/cherry-pick-not-approved
Indicates that a PR is not yet approved to merge into a release branch.
release-note-none
Denotes a PR that doesn't merit a release note.
labels
Feb 9, 2023
k8s-ci-robot
added
kind/cleanup
Categorizes issue or PR as related to cleaning up code, process, or technical debt.
size/M
Denotes a PR that changes 30-99 lines, ignoring generated files.
cncf-cla: yes
Indicates the PR's author has signed the CNCF CLA.
do-not-merge/needs-sig
Indicates an issue or PR lacks a `sig/foo` label and requires one.
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
needs-priority
Indicates a PR lacks a `priority/foo` label and requires one.
area/apiserver
area/cloudprovider
area/code-generation
area/dependency
Issues or PRs related to dependency changes
area/kubectl
sig/api-machinery
Categorizes an issue or PR as relevant to SIG API Machinery.
sig/architecture
Categorizes an issue or PR as relevant to SIG Architecture.
sig/auth
Categorizes an issue or PR as relevant to SIG Auth.
sig/cli
Categorizes an issue or PR as relevant to SIG CLI.
sig/cloud-provider
Categorizes an issue or PR as relevant to SIG Cloud Provider.
sig/cluster-lifecycle
Categorizes an issue or PR as relevant to SIG Cluster Lifecycle.
sig/instrumentation
Categorizes an issue or PR as relevant to SIG Instrumentation.
sig/node
Categorizes an issue or PR as relevant to SIG Node.
sig/storage
Categorizes an issue or PR as relevant to SIG Storage.
and removed
do-not-merge/needs-sig
Indicates an issue or PR lacks a `sig/foo` label and requires one.
labels
Feb 9, 2023
/lgtm |
k8s-ci-robot
added
the
lgtm
"Looks good to me", indicates that a PR is ready to be merged.
label
Feb 9, 2023
LGTM label has been added. Git tree hash: 68f72c12be59f399ac31611cff32f0ebe08111f6
|
k8s-ci-robot
added
the
approved
Indicates a PR has been approved by an approver from all required OWNERS files.
label
Feb 9, 2023
/triage accepted |
k8s-ci-robot
added
triage/accepted
Indicates an issue or PR is ready to be actively worked on.
priority/important-soon
Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
and removed
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
needs-priority
Indicates a PR lacks a `priority/foo` label and requires one.
labels
Feb 9, 2023
saschagrunert
approved these changes
Feb 10, 2023
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
saschagrunert
added
cherry-pick-approved
Indicates a cherry-pick PR into a release branch has been approved by the release branch manager.
and removed
do-not-merge/cherry-pick-not-approved
Indicates that a PR is not yet approved to merge into a release branch.
labels
Feb 10, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
approved
Indicates a PR has been approved by an approver from all required OWNERS files.
area/apiserver
area/cloudprovider
area/code-generation
area/dependency
Issues or PRs related to dependency changes
area/kubectl
cherry-pick-approved
Indicates a cherry-pick PR into a release branch has been approved by the release branch manager.
cncf-cla: yes
Indicates the PR's author has signed the CNCF CLA.
kind/cleanup
Categorizes issue or PR as related to cleaning up code, process, or technical debt.
lgtm
"Looks good to me", indicates that a PR is ready to be merged.
priority/important-soon
Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
release-note-none
Denotes a PR that doesn't merit a release note.
sig/api-machinery
Categorizes an issue or PR as relevant to SIG API Machinery.
sig/architecture
Categorizes an issue or PR as relevant to SIG Architecture.
sig/auth
Categorizes an issue or PR as relevant to SIG Auth.
sig/cli
Categorizes an issue or PR as relevant to SIG CLI.
sig/cloud-provider
Categorizes an issue or PR as relevant to SIG Cloud Provider.
sig/cluster-lifecycle
Categorizes an issue or PR as relevant to SIG Cluster Lifecycle.
sig/instrumentation
Categorizes an issue or PR as relevant to SIG Instrumentation.
sig/node
Categorizes an issue or PR as relevant to SIG Node.
sig/storage
Categorizes an issue or PR as relevant to SIG Storage.
size/M
Denotes a PR that changes 30-99 lines, ignoring generated files.
triage/accepted
Indicates an issue or PR is ready to be actively worked on.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind cleanup
What this PR does / why we need it:
Pin golang.org/x/net to v0.4.0. The fix for https://nvd.nist.gov/vuln/detail/CVE-2022-41717 was already included, but this will make scanners happy.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
/cc @liggitt @dims
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: