Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependencies for a K8s Release and to fix CVE-2020-26160 #1877

Merged
merged 4 commits into from
Dec 15, 2022
Merged

Update dependencies for a K8s Release and to fix CVE-2020-26160 #1877

merged 4 commits into from
Dec 15, 2022

Conversation

JamesBurchell
Copy link
Contributor

@JamesBurchell JamesBurchell commented Dec 14, 2022
edited

What this PR does / why we need it:
Update dependencies
Add docs for the new version.
CVE-2020-26160 is fixed due to the github.com/dgrijalva/jwt-go package being removed.

Which issue(s) this PR fixes

@JamesBurchell JamesBurchell changed the title Fix Update dependencies to fix CVEs Dec 14, 2022
@pydctw
Copy link
Member

pydctw commented Dec 14, 2022
edited

@JamesBurchell, thanks for the PR.

Could you kindly add info about what CVEs are fixed with the PR? See #1853 for an example.
Also, please sign your commit with git commit -s.

@JamesBurchell
Update go dependencies
bbfc279 
 - Add methods for client_test.go
 - Update a deprecated method in retrieve.go

    Co-Authored By: Dave Riddle <driddle@vmware.com>

Signed-off-by: James Burchell <jburchell@vmware.com>
@JamesBurchell
Add e2e test lists
7d03a79 
    Co-Authored By: Dave Riddle <driddle@vmware.com>

Signed-off-by: James Burchell <jburchell@vmware.com>
@JamesBurchell
Add docs for v0.56.14
9b72df1 
    Co-Authored By: Dave Riddle <driddle@vmware.com>

Signed-off-by: James Burchell <jburchell@vmware.com>
@JamesBurchell
Update Sonobuoy version used in Dockerfile
e90f2d4 
    Co-Authored By: Dave Riddle <driddle@vmware.com>

Signed-off-by: James Burchell <jburchell@vmware.com>
@JamesBurchell JamesBurchell changed the title Update dependencies to fix CVEs Update dependencies for a K8s Release and to fix CVE-2020-26160 Dec 15, 2022
@JamesBurchell JamesBurchell merged commit bd5465d into main Dec 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pydctw pydctw pydctw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Notice of K8s Release
2 participants
@JamesBurchell @pydctw