Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: bump frameworks for 3.14 #3083

Merged
merged 3 commits into from
Oct 19, 2023
Merged

chore: bump frameworks for 3.14 #3083

merged 3 commits into from
Oct 19, 2023

Conversation

sozercan
Copy link
Member

@sozercan sozercan commented Oct 19, 2023
edited

What this PR does / why we need it:

  • bumps opa to 0.57.1

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged):
Fixes #

Special notes for your reviewer:

@sozercan sozercan changed the title bump frameworks for 3.14 chore: bump frameworks for 3.14 Oct 19, 2023
@sozercan
bump frameworks for 3.14
8a00860 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
@sozercan
bump oras due to test failure
c73806b 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
@codecov-commenter
Copy link

codecov-commenter commented Oct 19, 2023
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (103ae25) 52.42% compared to head (d8128f4) 52.40%.
Report is 2 commits behind head on master.

❗ Current head d8128f4 differs from pull request most recent head fb0e007. Consider uploading reports for the commit fb0e007 to get more accurate results

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #3083      +/-   ##
==========================================
- Coverage   52.42%   52.40%   -0.02%     
==========================================
  Files         134      134              
  Lines       11952    11952              
==========================================
- Hits         6266     6264       -2     
- Misses       5193     5195       +2     
  Partials      493      493
Flag Coverage Δ
unittests 52.40% <ø> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 2 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@sozercan sozercan mentioned this pull request Oct 19, 2023
Merged
@sozercan sozercan marked this pull request as ready for review October 19, 2023 18:09
@sozercan
update
fb0e007 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
sozercan
sozercan commented Oct 19, 2023
View reviewed changes
.github/workflows/workflow.yaml
@@ -292,9 +292,6 @@ jobs:
USE_LOCAL_IMG=true \
ENABLE_GENERATOR_EXPANSION=true

go mod tidy
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we have seperate workflow for this

@sozercan sozercan added this to the v3.14.0 milestone Oct 19, 2023
ritazh
ritazh approved these changes Oct 19, 2023
View reviewed changes
Copy link
Member

@ritazh ritazh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sozercan sozercan merged commit ef1f869 into open-policy-agent:master Oct 19, 2023
15 of 16 checks passed
@sozercan sozercan deleted the bump-fwks-314 branch October 19, 2023 19:04
sozercan added a commit to sozercan/gatekeeper that referenced this pull request Oct 19, 2023
@sozercan
chore: bump frameworks for 3.14 (open-policy-agent#3083)
45e132d 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
sozercan added a commit that referenced this pull request Oct 19, 2023
@sozercan
chore: cherry pick #3083 for release 3.14 (#3086)
9950594 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
@a7i
Copy link

a7i commented Oct 24, 2023

Any chance this will be cherry-picked to 3.13 releases? Thanks!

CVE-2023-45142 :

The library go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp version 0.37.0 was detected in Golang binary located at /manager and is vulnerable to CVE-2023-45142, which exists in versions < 0.44.0.

@sozercan
Copy link
Member Author

@a7i can you open an issue for this please?

@a7i
Copy link

a7i commented Oct 24, 2023

https://github.com/open-policy-agent/gatekeeper/security/advisories/GHSA-9787-fhjc-pr33

Mattes83 pushed a commit to Mattes83/gatekeeper that referenced this pull request Oct 25, 2023
@sozercan @Mattes83
chore: bump frameworks for 3.14 (open-policy-agent#3083)
812c621 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ritazh ritazh ritazh approved these changes

@maxsmythe maxsmythe Awaiting requested review from maxsmythe

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v3.14.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@sozercan @codecov-commenter @a7i @ritazh