-
Notifications
You must be signed in to change notification settings - Fork 74
Commit
…ions of https://github.com/go-git/go-git less than version v5.11 Presently assisted-installer depends on this library due to the following dependency chain. (#655) github.com/containers/image/v5@v5.20.0 depends on github.com/sylabs/sif/v2@v2.3.2 github.com/sylabs/sif/v2@v2.3.2 depends on github.com/sylabs/release-tools@v0.1.0 github.com/sylabs/release-tools@v0.1.0 depends on github.com/go-git/go-git/v5@v5.4.2 From v2.5.0 github.com/sylabs/sif no longer depends on github.com/sylabs/release-tools@v0.1.0 The solution in this PR is as follows: github.com/containers/image/v5@v5.21.1 is the closest revision we can upgrade to that uses github.com/sylabs/sif/v2 > v2.5.0 thus removing the go-git dependency altogether and resolving both CVEs.
- Loading branch information
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.