Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(go.mod): fix dependabot alerts #1333

Merged
merged 1 commit into from
Apr 6, 2023
Merged

chore(go.mod): fix dependabot alerts #1333

merged 1 commit into from
Apr 6, 2023

Conversation

andaaron
Copy link
Contributor

@andaaron andaaron commented Apr 5, 2023
edited

upgrade to github.com/aws/aws-sdk-go@v1.44.236
upgrade to github.com/aquasecurity/trivy@v0.38.3
upgrade to oras.land/oras-go@v1.2.3
upgrade to github.com/google/go-containerregistry@v0.14.0 upgrade to github.com/moby/buildkit@v0.11.4

Note we can't switch to trivy 0.39.0 as well as some other updates because they would also require upgrade of cosign to v2 with breaking api changes

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@andaaron
chore(go.mod): fix dependabot alerts
cb3b3ee 
upgrade to github.com/aws/aws-sdk-go@v1.44.237
upgrade to github.com/aquasecurity/trivy@v0.38.3
upgrade to oras.land/oras-go@v1.2.3
upgrade to github.com/google/go-containerregistry@v0.14.0
upgrade to github.com/moby/buildkit@v0.11.4

Note we can't switch to trivy 0.39.0 as well as some other updates
because they would also require upgrade of cosign to v2 with
breaking api changes

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
@andaaron andaaron marked this pull request as ready for review April 5, 2023 22:05
@andaaron andaaron changed the title chose(go.mod): fix dependabot alerts chore(go.mod): fix dependabot alerts Apr 5, 2023
@codecov
Copy link

codecov bot commented Apr 5, 2023
edited

Codecov Report

Merging #1333 (d62600d) into main (d9173e3) will increase coverage by 0.06%.
The diff coverage is 100.00%.

❗ Current head d62600d differs from pull request most recent head cb3b3ee. Consider uploading reports for the commit cb3b3ee to get more accurate results

@@            Coverage Diff             @@
##             main    #1333      +/-   ##
==========================================
+ Coverage   90.41%   90.47%   +0.06%     
==========================================
  Files          97       97              
  Lines       21336    21336              
==========================================
+ Hits        19291    19304      +13     
+ Misses       1529     1518      -11     
+ Partials      516      514       -2
Impacted Files Coverage Δ
pkg/extensions/search/cve/trivy/scanner.go 98.59% <100.00%> (ø)

... and 2 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

rchincha
rchincha approved these changes Apr 6, 2023
View reviewed changes
Copy link
Contributor

@rchincha rchincha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@rchincha rchincha merged commit 06bd8a8 into project-zot:main Apr 6, 2023
26 of 27 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rchincha rchincha rchincha approved these changes

@shimish2 shimish2 Awaiting requested review from shimish2 shimish2 is a code owner

@peusebiu peusebiu Awaiting requested review from peusebiu peusebiu is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@andaaron @rchincha