Skip to content

NO-ISSUE: [bot] Bump openshift/prometheus to v3.11.3#317

Merged
openshift-merge-bot[bot] merged 11 commits into
openshift:mainfrom
rhobs:automated-updates-main
May 21, 2026
Merged

NO-ISSUE: [bot] Bump openshift/prometheus to v3.11.3#317
openshift-merge-bot[bot] merged 11 commits into
openshift:mainfrom
rhobs:automated-updates-main

Conversation

@openshift-monitoring-bot
Copy link
Copy Markdown

@openshift-monitoring-bot openshift-monitoring-bot Bot commented May 21, 2026

Description

This is an automated version bump from CI.
The logs for this run can be found in the syncbot repo actions.

roidelapluie and others added 11 commits April 27, 2026 12:02
@roidelapluie
remote: validate snappy decoded length before allocation in read endp…
3273935 
…oint

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
@roidelapluie
remote/azuread: use Secret type for OAuth client_secret
5ccebcd 
The ClientSecret field in OAuthConfig was typed as plain string,
causing it to be exposed in plaintext via the /-/config HTTP endpoint.
Change it to config_util.Secret so Prometheus redacts it as <secret>.

Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
@juliusv @roidelapluie
ui: fix stored XSS in old UI heatmap chart tick labels
38f23b9 
This fixes the stored XSS as described in:

GHSA-fw8g-cg8f-9j28

Signed-off-by: Julius Volz <julius.volz@gmail.com>
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
@roidelapluie
Merge pull request prometheus#18584 from roidelapluie/roidelapluie/sn…
04055ee 
…appylength

remote: validate snappy decoded length before allocation in read endpoint
@roidelapluie
Merge pull request prometheus#18588 from roidelapluie/roidelapluie/re…
ecbde5f 
…act-escape

ui: fix stored XSS in old UI heatmap chart tick labels
@roidelapluie
Merge pull request prometheus#18590 from roidelapluie/roidelapluie/az…
26dae7f 
…adsecret

remote/azuread: use Secret type for OAuth client_secret
@roidelapluie
Release 3.11.3
5ba3545 
Signed-off-by: Julien Pivotto <291750+roidelapluie@users.noreply.github.com>
@roidelapluie
Merge pull request prometheus#18594 from roidelapluie/roidelapluie/cu…
eb173f5 
…t-rel-3.11.3

Release 3.11.3
@github-actions
Merge tag 'refs/tags/v3.11.3'
a94a11f 
v3.11.3

# -----BEGIN SSH SIGNATURE-----
# U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAg7hZ9qUTtuIC3orQMCoP9dIliYw
# hkXEErIk8NfCGjCBAAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
# AAAAQBd7WKj+uO3t/DCRKZyKY29W8i7YIf0RAtZEUnbZIiVPK/bcDuI5MkkV+mGDqS3d47
# Sl3hOPraLpxNfXZLu8owo=
# -----END SSH SIGNATURE-----
# gpg verification failed.
@github-actions
[bot] assets: generate
54c006d 
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@github-actions
[bot] update rh-manifest.txt
5b14200 
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@openshift-ci openshift-ci Bot requested review from jan--f and marioferh May 21, 2026 07:27
simonpasquier
simonpasquier reviewed May 21, 2026
View reviewed changes
Copy link
Copy Markdown

@simonpasquier simonpasquier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve
/lgtm
/retitle NO-ISSUE: [bot] Bump openshift/prometheus to v3.11.3

@openshift-ci openshift-ci Bot changed the title [bot] Bump openshift/prometheus to v3.11.3 NO-ISSUE: [bot] Bump openshift/prometheus to v3.11.3 May 21, 2026
@openshift-ci-robot
Copy link
Copy Markdown

openshift-ci-robot commented May 21, 2026

@openshift-monitoring-bot[bot]: This pull request explicitly references no jira issue.

Details

In response to this:

Description

This is an automated version bump from CI.
The logs for this run can be found in the syncbot repo actions.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label May 21, 2026
@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label May 21, 2026
@openshift-ci
Copy link
Copy Markdown

openshift-ci Bot commented May 21, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: openshift-monitoring-bot[bot], simonpasquier

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 21, 2026
@simonpasquier
Copy link
Copy Markdown

simonpasquier commented May 21, 2026

/verified by tests

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label May 21, 2026
@openshift-ci-robot
Copy link
Copy Markdown

openshift-ci-robot commented May 21, 2026

@simonpasquier: This PR has been marked as verified by tests.

Details

In response to this:

/verified by tests

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@simonpasquier
Copy link
Copy Markdown

simonpasquier commented May 21, 2026

/retest-required

@openshift-ci
Copy link
Copy Markdown

openshift-ci Bot commented May 21, 2026

@openshift-monitoring-bot[bot]: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@openshift-merge-bot openshift-merge-bot Bot merged commit eda74b4 into openshift:main May 21, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simonpasquier simonpasquier simonpasquier left review comments

@jan--f jan--f Awaiting requested review from jan--f

@marioferh marioferh Awaiting requested review from marioferh

Assignees

@simonpasquier simonpasquier

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@openshift-ci-robot @simonpasquier @roidelapluie @juliusv