We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A library used by the KEDA operator should be updated to remove any doubt about whether its security defect could affect KEDA. https://discuss.hashicorp.com/t/hcsec-2024-12-go-retryablehttp-can-leak-basic-auth-credentials-to-log-files/68027
Update github.com/hashicorp/go-retryablehttp to v0.7.7
$ git grep go-retryablehttp go.mod go.mod: github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
$ git grep go-retryablehttp go.mod go.mod: github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
git grep go-retryablehttp go.mod
No response
2.14.0
1.29
Red Hat OpenShift
The library in question appears to only be used by the New Relic scaler.
The text was updated successfully, but these errors were encountered:
Successfully merging a pull request may close this issue.
Report
A library used by the KEDA operator should be updated to remove any doubt about whether its security defect could affect KEDA.
https://discuss.hashicorp.com/t/hcsec-2024-12-go-retryablehttp-can-leak-basic-auth-credentials-to-log-files/68027
Update github.com/hashicorp/go-retryablehttp to v0.7.7
Expected Behavior
Actual Behavior
Steps to Reproduce the Problem
git grep go-retryablehttp go.mod
Logs from KEDA operator
No response
KEDA Version
2.14.0
Kubernetes Version
1.29
Platform
Red Hat OpenShift
Scaler Details
No response
Anything else?
The library in question appears to only be used by the New Relic scaler.
The text was updated successfully, but these errors were encountered: