-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[0.1] Update lodash gitbook dependency to address CVE #1156
Conversation
Signed-off-by: Andy Goldstein <goldsteina@vmware.com>
@davidewatson you were the last to update this for a previous CVE. I ran |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
/hold
/test all |
/lgtm |
Vince already gave this a /lgtm... |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: davidewatson, ncdc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
* Get updated cluster before removing finalizers (kubernetes-sigs#1173) If the cluster actuator's Delete() call updates the cluster in the apiserver, there is a possibility that in-memory cluster object in the cluster controller is now out of date. We either need to get-then-update the cluster to remove the finalizer, or we need to use patch. The version of controller-runtime we're using in release-0.1 does not support patch in its generic client, so this change adds the get-then-update logic, and wraps it inside a retry on conflict loop. Signed-off-by: Andy Goldstein <goldsteina@vmware.com> * Update lodash version to address CVE (kubernetes-sigs#1156) Signed-off-by: Andy Goldstein <goldsteina@vmware.com> * Update Netlify config for v1alpha1 subdomain (kubernetes-sigs#1176) * Release v0.1.8 (kubernetes-sigs#1183)
What this PR does / why we need it:
Update lodash version to address CVE
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
Please confirm that if this PR changes any image versions, then that's the sole change this PR makes.
Release note: