[Snyk] Security upgrade golang from 1.15.1 to 1.23rc1

[adriengentil]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix 4 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• vendor/github.com/go-gormigrate/gormigrate/v2/Dockerfile

We recommend upgrading to golang:1.23rc1, as this image has only 89 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Resource Exhaustion SNYK-DEBIAN10-NGHTTP2-5953390	829
	CVE-2023-26604 SNYK-DEBIAN10-SYSTEMD-3339153	786
	CVE-2023-26604 SNYK-DEBIAN10-SYSTEMD-3339153	786
	Link Following SNYK-DEBIAN10-GIT-6846202	714
	Out-of-bounds Read SNYK-DEBIAN10-LIBBSD-541041	714

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Resource Exhaustion

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: adriengentil

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [adriengentil]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 68.43%. Comparing base (b7116f3) to head (88383a6).
Report is 1 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #6534   +/-   ##
=======================================
  Coverage   68.43%   68.43%           
=======================================
  Files         247      247           
  Lines       36416    36416           
=======================================
+ Hits        24920    24921    +1     
  Misses       9290     9290           
+ Partials     2206     2205    -1     

see 2 files with indirect coverage changes

[openshift-ci]

@adriengentil: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[carbonin]

/hold

@adriengentil I saw you asked about this already, but should we just close this?

[adriengentil]

closing because it tries update deps inside vendor/ dir