OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 #318

anik120 · 2025-04-16T19:01:51Z

Bumps github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5.

updated-dependencies:

dependency-name: github.com/go-jose/go-jose/v4 dependency-type: indirect
...

Signed-off-by: dependabot[bot] support@github.com
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

openshift-ci-robot · 2025-04-16T19:01:59Z

@anik120: This pull request references Jira Issue OCPBUGS-51241, which is invalid:

release note text must be set and not match the template OR release note type must be set to "Release Note Not Required". For more information you can reference the OpenShift Bug Process.
expected Jira Issue OCPBUGS-51241 to depend on a bug targeting a version in 4.19.0 and in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but no dependents were found

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

This pull request references Jira Issue OCPBUGS-51243, which is invalid:

release note text must be set and not match the template OR release note type must be set to "Release Note Not Required". For more information you can reference the OpenShift Bug Process.
expected Jira Issue OCPBUGS-51243 to depend on a bug targeting a version in 4.19.0 and in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but no dependents were found

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

Bumps github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5.

Release notes

Changelog

Commits

updated-dependencies:

dependency-name: github.com/go-jose/go-jose/v4 dependency-type: indirect
...

Signed-off-by: dependabot[bot] support@github.com
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

anik120 · 2025-04-16T19:07:42Z

/jira refresh

openshift-ci-robot · 2025-04-16T19:07:55Z

@anik120: This pull request references Jira Issue OCPBUGS-51241, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.18.z) matches configured target version for branch (4.18.z)
bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
release note type set to "Release Note Not Required"
dependent bug Jira Issue OCPBUGS-52928 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
dependent Jira Issue OCPBUGS-52928 targets the "4.19.0" version, which is one of the valid target versions: 4.19.0
bug has dependents

No GitHub users were found matching the public email listed for the QA contact in Jira (bandrade@redhat.com), skipping review request.

This pull request references Jira Issue OCPBUGS-51243, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.18.z) matches configured target version for branch (4.18.z)
bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
release note type set to "Release Note Not Required"
dependent bug Jira Issue OCPBUGS-52929 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
dependent Jira Issue OCPBUGS-52929 targets the "4.19.0" version, which is one of the valid target versions: 4.19.0
bug has dependents

No GitHub users were found matching the public email listed for the QA contact in Jira (bandrade@redhat.com), skipping review request.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.0.4 to 4.0.5. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md) - [Commits](go-jose/go-jose@v4.0.4...v4.0.5) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

anik120 · 2025-04-17T14:10:10Z

/test openshift-e2e-aws

grokspawn · 2025-04-17T14:18:28Z

/approve

openshift-ci · 2025-04-17T14:18:45Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: anik120, grokspawn

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

~~DOWNSTREAM_OWNERS~~ [grokspawn]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

oceanc80 · 2025-04-17T14:23:13Z

/label backport-risk-assessed

openshift-ci · 2025-04-17T17:09:38Z

@anik120: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

bandrade · 2025-04-17T17:25:43Z

/label cherry-pick-approved

openshift-ci-robot · 2025-04-17T17:29:50Z

@anik120: Jira Issue OCPBUGS-51241: All pull requests linked via external trackers have merged:

openshift/operator-framework-operator-controller#318

Jira Issue OCPBUGS-51241 has been moved to the MODIFIED state.

Jira Issue OCPBUGS-51243: All pull requests linked via external trackers have merged:

openshift/operator-framework-operator-controller#318

Jira Issue OCPBUGS-51243 has been moved to the MODIFIED state.

In response to this:

Bumps github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5.

Release notes

Changelog

Commits

updated-dependencies:

dependency-name: github.com/go-jose/go-jose/v4 dependency-type: indirect
...

Signed-off-by: dependabot[bot] support@github.com
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-bot · 2025-04-17T18:52:50Z

[ART PR BUILD NOTIFIER]

Distgit: ose-olm-operator-controller
This PR has been included in build ose-olm-operator-controller-container-v4.18.0-202504171804.p0.g9d64235.assembly.stream.el9.
All builds following this will include this PR.

anik120 · 2025-04-29T13:58:03Z

/retitle OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5

since openshift/operator-framework-catalogd#138 is doing the backport for catalogd for 4.18

openshift-ci-robot · 2025-04-29T13:58:34Z

@anik120: Jira Issue OCPBUGS-51243 is in an unrecognized state (Verified) and will not be moved to the MODIFIED state.

In response to this:

Bumps github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5.

Release notes

Changelog

Commits

updated-dependencies:

dependency-name: github.com/go-jose/go-jose/v4 dependency-type: indirect
...

Signed-off-by: dependabot[bot] support@github.com
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci bot requested review from ankitathomas and kevinrizza April 16, 2025 19:02

openshift-ci-robot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Apr 16, 2025

anik120 force-pushed the release-4.18-CVE-2025-27144 branch from c4c8722 to fdc1f56 Compare April 16, 2025 19:09

anik120 changed the title ~~OCPBUGS-51241,OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#1805)~~ OCPBUGS-51241,OCPBUGS-51243: UPSTREAM: <drop>: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#1805) Apr 16, 2025

anik120 changed the title ~~OCPBUGS-51241,OCPBUGS-51243: UPSTREAM: <drop>: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#1805)~~ OCPBUGS-51241,OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#1805) Apr 16, 2025

anik120 force-pushed the release-4.18-CVE-2025-27144 branch from fdc1f56 to 6e86cbd Compare April 16, 2025 19:18

anik120 changed the title ~~OCPBUGS-51241,OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 (#1805)~~ OCPBUGS-51241,OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 Apr 16, 2025

grokspawn approved these changes Apr 17, 2025

View reviewed changes

openshift-ci bot assigned grokspawn Apr 17, 2025

openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Apr 17, 2025

openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 17, 2025

openshift-ci bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Apr 17, 2025

openshift-ci bot assigned bandrade, emmajiafan, jianzhangbjz, KeenonLee and kuiwang02 Apr 17, 2025

openshift-ci bot assigned Xia-Zhao-rh Apr 17, 2025

openshift-ci bot added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Apr 17, 2025

openshift-merge-bot bot merged commit 9d64235 into openshift:release-4.18 Apr 17, 2025
9 checks passed

openshift-ci bot changed the title ~~OCPBUGS-51241,OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5~~ OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 Apr 29, 2025

OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 #318

OCPBUGS-51243: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 #318

Uh oh!

Conversation

anik120 commented Apr 16, 2025

Uh oh!

openshift-ci-robot commented Apr 16, 2025

Uh oh!

anik120 commented Apr 16, 2025

Uh oh!

openshift-ci-robot commented Apr 16, 2025

Uh oh!

anik120 commented Apr 17, 2025

Uh oh!

grokspawn commented Apr 17, 2025

Uh oh!

openshift-ci bot commented Apr 17, 2025

Uh oh!

oceanc80 commented Apr 17, 2025

Uh oh!

openshift-ci bot commented Apr 17, 2025

Uh oh!

bandrade commented Apr 17, 2025

Uh oh!

Uh oh!

openshift-ci-robot commented Apr 17, 2025

Uh oh!

openshift-bot commented Apr 17, 2025

Uh oh!

anik120 commented Apr 29, 2025

Uh oh!

openshift-ci-robot commented Apr 29, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

11 participants