Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): security update #9514

Merged
merged 1 commit into from Mar 7, 2024
Merged

chore(deps): security update #9514

merged 1 commit into from Mar 7, 2024

Conversation

kumahq[bot]
Copy link
Contributor

@kumahq kumahq bot commented Mar 6, 2024

Scan output:

Before update:

OSV URL CVSS ECOSYSTEM PACKAGE VERSION SOURCE
https://osv.dev/GO-2024-2611 Go google.golang.org/protobuf 1.32.0 go.mod
https://osv.dev/GHSA-jw44-4f3j-q396 Go helm.sh/helm/v3 3.14.2 go.mod
https://osv.dev/GO-2024-2598 Go stdlib 1.21.6 go.mod
https://osv.dev/GO-2024-2599 Go stdlib 1.21.6 go.mod
https://osv.dev/GO-2024-2600 Go stdlib 1.21.6 go.mod
https://osv.dev/GO-2024-2609 Go stdlib 1.21.6 go.mod
https://osv.dev/GO-2024-2610 Go stdlib 1.21.6 go.mod
------------------------------------- ------ ----------- ---------------------------- --------- --------
Uncalled vulnerabilities
------------------------------------- ------ ----------- ---------------------------- --------- --------
https://osv.dev/GO-2022-0646 Go github.com/aws/aws-sdk-go 1.49.6 go.mod

After update:

OSV URL CVSS ECOSYSTEM PACKAGE VERSION SOURCE
https://osv.dev/GHSA-jw44-4f3j-q396 Go helm.sh/helm/v3 3.14.2 go.mod
------------------------------------- ------ ----------- --------------------------- --------- --------
Uncalled vulnerabilities
------------------------------------- ------ ----------- --------------------------- --------- --------
https://osv.dev/GO-2022-0646 Go github.com/aws/aws-sdk-go 1.49.6 go.mod

If a package is showing up in the scan but the script is not trying to update it then it might be because there is no fixed version yet.

@kumahq
chore(deps): security update
8cf36f2 
Signed-off-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com>
@kumahq kumahq bot requested a review from a team as a code owner March 6, 2024 15:10
@kumahq kumahq bot added dependencies Pull requests that update a dependency file release-2.6 labels Mar 6, 2024
@kumahq kumahq bot requested review from slonka, lobkovilya and lukidzi and removed request for a team March 6, 2024 15:10
@slonka slonka merged commit 7dc0878 into release-2.6 Mar 7, 2024
18 checks passed
@slonka slonka deleted the chore/security-updates-release-2.6 branch March 7, 2024 07:01
@BrewTestBot BrewTestBot mentioned this pull request Mar 19, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slonka slonka slonka approved these changes

@lobkovilya lobkovilya Awaiting requested review from lobkovilya lobkovilya is a code owner automatically assigned from kumahq/kuma-maintainers

@lukidzi lukidzi Awaiting requested review from lukidzi lukidzi is a code owner automatically assigned from kumahq/kuma-maintainers

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file release-2.6
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@slonka