Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

depandabot fix #98

Merged
merged 2 commits into from
Jan 2, 2025
Merged

depandabot fix #98

merged 2 commits into from
Jan 2, 2025

Conversation

gilltaran
Copy link
Contributor

@gilltaran gilltaran commented Dec 30, 2024
edited
Loading

Description

golang.org/x/net pkg update for Non-linear parsing of case-insensitive content in golang.org/x/net/html

GitHub Issues

List the GitHub issues impacted by this PR:

GitHub Issue #
dell/csm#1559

Checklist:

  • I have performed a self-review of my own code to ensure there are no formatting, vetting, linting, or security issues
  • I have verified that new and existing unit tests pass locally with my changes
  • I have not allowed coverage numbers to degenerate
  • I have maintained at least 90% code coverage
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works
  • Backward compatibility is not broken

How Has This Been Tested?

Verified in Trivy scan this vulnerability is not coming after the fix

@suryagupta4
Copy link
Contributor

@gilltaran: pkg update also needs to be done in test/integration-test/go.mod for https://github.com/dell/csi-volumegroup-snapshotter/security/dependabot/40

@gilltaran
Copy link
Contributor Author

@gilltaran: pkg update also needs to be done in test/integration-test/go.mod for Non-linear parsing of case-insensitive content in golang.org/x/net/html

Done @suryagupta4

@AkshaySainiDell AkshaySainiDell merged commit 9826acb into main Jan 2, 2025
6 checks passed
@AkshaySainiDell AkshaySainiDell deleted the depandabot-issue branch January 2, 2025 04:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AkshaySainiDell AkshaySainiDell AkshaySainiDell approved these changes

@suryagupta4 suryagupta4 suryagupta4 approved these changes

@ashleyvjoy ashleyvjoy ashleyvjoy approved these changes

@abhi16394 abhi16394 Awaiting requested review from abhi16394 abhi16394 is a code owner

@adarsh-dell adarsh-dell Awaiting requested review from adarsh-dell adarsh-dell is a code owner

@anathoodell anathoodell Awaiting requested review from anathoodell anathoodell is a code owner

@bharathsreekanth bharathsreekanth Awaiting requested review from bharathsreekanth bharathsreekanth is a code owner

@ChristianAtDell ChristianAtDell Awaiting requested review from ChristianAtDell ChristianAtDell is a code owner

@gallacher gallacher Awaiting requested review from gallacher gallacher is a code owner

@JacobGros JacobGros Awaiting requested review from JacobGros JacobGros is a code owner

@jooseppi-luna jooseppi-luna Awaiting requested review from jooseppi-luna jooseppi-luna is a code owner

@mjsdell mjsdell Awaiting requested review from mjsdell mjsdell is a code owner

@harishp8889 harishp8889 Awaiting requested review from harishp8889 harishp8889 is a code owner

@alikdell alikdell Awaiting requested review from alikdell alikdell is a code owner

@atye atye Awaiting requested review from atye atye is a code owner

@shaynafinocchiaro shaynafinocchiaro Awaiting requested review from shaynafinocchiaro shaynafinocchiaro is a code owner

@xuluna xuluna Awaiting requested review from xuluna xuluna is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@gilltaran @suryagupta4 @AkshaySainiDell @ashleyvjoy