Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri… #2013

Merged
merged 14 commits into from Mar 5, 2023
Merged

Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri… #2013

merged 14 commits into from Mar 5, 2023

Conversation

miguelborges99
Copy link
Contributor

@miguelborges99 miguelborges99 commented Feb 12, 2023
edited

Description

Upgrade alpine and dependencies

Motivation and Context

Provide the latest CVE fixes and solve issue #1929

How Has This Been Tested?

Under test

Checklist:

  • My change requires a change to the documentation or CHANGELOG.
  • I have updated the documentation/CHANGELOG accordingly.
  • I have created a feature (non-master) branch for my PR.

Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri…
6f0bb86 
…tten in code & updates versions due to fixed CVEs
@miguelborges99 miguelborges99 requested a review from a team as a code owner February 12, 2023 22:44
JoelSpeed
JoelSpeed previously approved these changes Feb 13, 2023
View reviewed changes
Copy link
Member

@JoelSpeed JoelSpeed left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks

@JoelSpeed
Copy link
Member

Could you please resolve the conflicts and add a changelog and then we can merge this

HoKim98 and others added 6 commits February 20, 2023 10:21
@HoKim98
Fix a typo in oauthproxy.go (oauth2-proxy#2021)
2faa91e
@trel
fix typo (oauth2-proxy#2001)
f204625
Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri…
280b8e4 
…tten in code & updates versions due to fixed CVEs
Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri…
ce4a31e 
…tten in code & updates versions due to fixed CVEs
Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri…
8f3b9c2 
…tten in code & updates versions due to fixed CVEs
Merge remote-tracking branch 'origin/feature/Oauth2-proxy_v7_4_0_is_n…
bdc1127 
…ot_using_alpine_3_16_as_it_is_written_in_code' into feature/Oauth2-proxy_v7_4_0_is_not_using_alpine_3_16_as_it_is_written_in_code

# Conflicts:
#	go.mod
#	go.sum
Nuno Borges added 3 commits February 26, 2023 23:08
Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri…
72e8762 
…tten in code & updates versions due to fixed CVEs
Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri…
902f610 
…tten in code & updates versions due to fixed CVEs
Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri…
1daaeef 
…tten in code & updates versions due to fixed CVEs
@miguelborges99
Copy link
Contributor Author

Could you please resolve the conflicts and add a changelog and then we can merge this

Conflits were solved. Sorry, for the time it took, I was rather busy.

Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri…
087cd85 
…tten in code & updates versions due to fixed CVEs
JoelSpeed
JoelSpeed approved these changes Mar 5, 2023
View reviewed changes
Copy link
Member

@JoelSpeed JoelSpeed left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great, thanks!

@JoelSpeed JoelSpeed merged commit e079c60 into oauth2-proxy:master Mar 5, 2023
@JoelSpeed JoelSpeed mentioned this pull request Mar 5, 2023
Closed
2 tasks
JoelSpeed
JoelSpeed reviewed Mar 5, 2023
View reviewed changes
CHANGELOG.md
@@ -907,6 +907,7 @@ N/A
- `-bitbucket-team` Restrict authorization to users that are part of this Bitbucket team
- [#211](https://github.com/oauth2-proxy/oauth2-proxy/pull/211) Switch from dep to go modules (@steakunderscore)
- [#145](https://github.com/oauth2-proxy/oauth2-proxy/pull/145) Add support for OIDC UserInfo endpoint email verification (@rtluckie)
- [#2013](https://github.com/oauth2-proxy/oauth2-proxy/pull/2013) Upgrade alpine to version 3.17.2 and library dependencies (@miguelborges99)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops, this was in the wrong place, will need to move that up to the top

@JoelSpeed JoelSpeed mentioned this pull request Mar 5, 2023
Closed
@whiskeysierra whiskeysierra mentioned this pull request Mar 16, 2023
Closed
@tolleiv tolleiv mentioned this pull request Mar 27, 2023
Closed
@miguelborges99 miguelborges99 deleted the feature/Oauth2-proxy_v7_4_0_is_not_using_alpine_3_16_as_it_is_written_in_code branch April 7, 2023 17:38
imranshifa pushed a commit to imranshifa/oauth2-proxy that referenced this pull request Apr 19, 2023
@miguelborges99 @jeroenlandheer
@ryuichi1208 @HoKim98 @trel
Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is wri… (
0455b11 
oauth2-proxy#2013)

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Fixes CVE-2022-41721 (oauth2-proxy#1994)

See: https://avd.aquasec.com/nvd/2022/cve-2022-41717/

* update checkout actions (oauth2-proxy#1981)

* Fix a typo in oauthproxy.go (oauth2-proxy#2021)

* fix typo (oauth2-proxy#2001)

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

* Issue 1929: Oauth2-proxy v7.4.0 is not using alpine:3.16 as it is written in code & updates versions due to fixed CVEs

---------

Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com>
Co-authored-by: Jeroen Landheer <jlandheer@bintelligence.nl>
Co-authored-by: Ryuichi Watanabe <ryucrosskey@gmail.com>
Co-authored-by: Ho Kim <ho.kim@ulagbulag.io>
Co-authored-by: Terrell Russell <terrellrussell@gmail.com>
@XtremeOwnageDotCom XtremeOwnageDotCom mentioned this pull request Apr 22, 2023
Closed
10 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JoelSpeed JoelSpeed JoelSpeed approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@miguelborges99 @JoelSpeed @jeroenlandheer @ryuichi1208 @HoKim98 @trel