chore: upgrade kubernetes dependencies from 0.26.4 to 0.26.11 #16581

Merged (5 commits) on Dec 8, 2023

@reegnz reegnz commented Dec 8, 2023

Fixes some vulnerabilities trivy is reporting on (not necessarily
vulnerable, trivy tends to have a lot of false positives when it comes to
golang projects):

Signed-off-by: Zoltán Reegn <zoltan.reegn@gmail.com>

Checklist:

  • Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
  • The title of the PR states what changed and the related issues number (used for the release note).
  • The title of the PR conforms to the Toolchain Guide
  • I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
  • I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
  • Does this PR require documentation updates?
  • I've updated documentation as required by this PR.
  • I have signed off all my commits as required by DCO
  • I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
  • My build is green (troubleshooting builds).
  • My new feature complies with the feature status guidelines.
  • I have added a brief description of why this PR is necessary and/or what this PR solves.
  • Optional. My organization is added to USERS.md.
  • Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).

Fixes some vulnerabilities trivy is reporting on (not necessarily
vulnerable, trivy tends to have a lot of false positives when it comes to
golang projects):

* CVE-2023-3676
* CVE-2023-3955
* CVE-2023-5528
* CVE-2023-2431
* CVE-2023-2727
* CVE-2023-2728

Signed-off-by: Zoltán Reegn <zoltan.reegn@gmail.com>
@reegnz reegnz requested a review from a team as a code owner December 8, 2023 14:52
@crenshaw-dev (Member)

@reegnz thanks for the PR! Looks like it needs a go mod tidy.

@reegnz (Contributor, Author) commented Dec 8, 2023

@crenshaw-dev done.

Signed-off-by: Zoltán Reegn <zoltan.reegn@gmail.com>
@reegnz reegnz force-pushed the cve_upgrade_kubernetes branch from a7ce81c to eaa8967 Compare December 8, 2023 17:25

codecov bot commented Dec 8, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (f67dcac) 49.49% compared to head (c160be1) 49.49%.

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #16581      +/-   ##
==========================================
- Coverage   49.49%   49.49%   -0.01%     
==========================================
  Files         270      270              
  Lines       47488    47488              
==========================================
- Hits        23506    23505       -1     
- Misses      21671    21672       +1     
  Partials     2311     2311              


Signed-off-by: Zoltán Reegn <zoltan.reegn@gmail.com>
@reegnz reegnz force-pushed the cve_upgrade_kubernetes branch from 8e3f928 to d5ae878 Compare December 8, 2023 18:54

@crenshaw-dev crenshaw-dev left a comment

Thanks, @reegnz!

@crenshaw-dev crenshaw-dev merged commit a761a49 into argoproj:master Dec 8, 2023
25 checks passed
@reegnz reegnz deleted the cve_upgrade_kubernetes branch December 11, 2023 09:08
vladfr pushed a commit to vladfr/argo-cd that referenced this pull request Dec 13, 2023
…oj#16581)

* chore: upgrade kubernetes dependencies from 0.26.4 to 0.26.11

Fixes some vulnerabilities trivy is reporting on (not necessarily
vulnerable, trivy tends to have a lot of false positives when it comes to
golang projects):

* CVE-2023-3676
* CVE-2023-3955
* CVE-2023-5528
* CVE-2023-2431
* CVE-2023-2727
* CVE-2023-2728

Signed-off-by: Zoltán Reegn <zoltan.reegn@gmail.com>

* go mod tidy

Signed-off-by: Zoltán Reegn <zoltan.reegn@gmail.com>

* Add go mod tidy to kubernetes updater script

Signed-off-by: Zoltán Reegn <zoltan.reegn@gmail.com>

---------

Signed-off-by: Zoltán Reegn <zoltan.reegn@gmail.com>
tesla59 pushed a commit to tesla59/argo-cd that referenced this pull request Dec 16, 2023
JulienFuix pushed a commit to JulienFuix/argo-cd that referenced this pull request Feb 6, 2024
lyda pushed a commit to lyda/argo-cd that referenced this pull request Mar 28, 2024
Signed-off-by: Kevin Lyda <kevin@lyda.ie>
Hariharasuthan99 pushed a commit to AmadeusITGroup/argo-cd that referenced this pull request Jun 16, 2024