-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
remove backticks and LDFLAG variable name to fix vulnerability #1190
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks OK -- thanks Nikita.
Please remember to update that .travis.yml
-script
pkg/util/k8s/k8s.go
Outdated
@@ -51,7 +51,7 @@ const ( | |||
) | |||
|
|||
var ( | |||
kbVerRegex = regexp.MustCompile(`^(v\d+\.\d+\.\d+)(.*)`) | |||
kbVerRegex = regexp.MustCompile("^(v\\d+\\.\\d+\\.\\d+)(.*)") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good that you caught it. 👍
LOL -- this is too funny -- now the Travis and
We'll probably need to add |
Looking good -- but, you might need to rebase the PR, to make the Travis happy... |
Travis is still failing because of same issue , after adding lint:ignore, staticcheck looks fine but lint is still complaining about same issue
|
This PR is stale because it has been in review for 3 days with no activity. |
This PR is stale because it has been open for 90 days with no activity. Update this PR or it will be automatically closed in 30 days. |
Following changes are for vulnerability fixes CVE-2023-24538 , CVE-2023-29404, CVE-2023-29405
Removed few backticks (“
” -chars) and replaced with
"or
'`Re the usage of LDFLAGS variable (we use it as a regular variable in a Makefile, no special meaning, since we’re not compiling any C/C++ code as a part of operator)
Note : Testing still needs to be done