Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update helm dependency to address vulnerability #110

Merged
merged 1 commit into from
Aug 4, 2021
Merged

Update helm dependency to address vulnerability #110

merged 1 commit into from
Aug 4, 2021

Conversation

hasheddan
Copy link
Contributor

Description of your changes

Updates the helm depdendency to address vulnerability where user
credentials are passed to chart archives on different domains than the
index.yaml that refers to them.

This vulnerability should not impact up, but we update to consume the
fix regardless.

Signed-off-by: hasheddan georgedanielmangum@gmail.com

I have:

  • Read and followed Upbound's contribution process.
  • Run make reviewable to ensure this PR is ready for review.
  • Added backport release-x.y labels to auto-backport this PR, as appropriate.

How has this code been tested

Rebuilt and tested functionality that exercises our helm integration, such as up uxp install / up uxp uninstall/ etc.

@hasheddan
Update helm dependency to address vulnerability
7952b81 
Updates the helm depdendency to address vulnerability where user
credentials are passed to chart archives on different domains than the
index.yaml that refers to them.

This vulnerability should not impact up, but we update to consume the
fix regardless.

Signed-off-by: hasheddan <georgedanielmangum@gmail.com>
@hasheddan hasheddan merged commit 37baf05 into upbound:main Aug 4, 2021
@github-actions github-actions bot mentioned this pull request Aug 4, 2021
Merged
@github-actions
Copy link

github-actions bot commented Aug 4, 2021

Successfully created backport PR #111 for release-0.4.

@hasheddan hasheddan self-assigned this Aug 4, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thephred thephred thephred approved these changes

@turkenh turkenh Awaiting requested review from turkenh

@AaronME AaronME Awaiting requested review from AaronME

Assignees

@hasheddan hasheddan

Labels
backport release-0.4 size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hasheddan @thephred