-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OCPBUGS-21829: Merge upstream #133
Conversation
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.57.0 to 1.58.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.57.0...v1.58.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…go_modules/google.golang.org/grpc-1.58.2 chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.10 to 1.28.0. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.27.10...v1.28.0) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…go_modules/github.com/onsi/gomega-1.28.0 chore(deps): bump github.com/onsi/gomega from 1.27.10 to 1.28.0
increase-snapshot-timeout
…ot-timeout fix: increase snapshot timeout as 20min
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.12.0 to 2.12.1. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.12.0...v2.12.1) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…go_modules/github.com/onsi/ginkgo/v2-2.12.1 chore(deps): bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.12.1
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.16.0. - [Commits](golang/net@v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…-panic fix: flag panic if a flag is defined after being set
…go_modules/golang.org/x/net-0.16.0 chore(deps): bump golang.org/x/net from 0.15.0 to 0.16.0
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.12.1 to 2.13.0. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.12.1...v2.13.0) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…go_modules/github.com/onsi/ginkgo/v2-2.13.0 chore(deps): bump github.com/onsi/ginkgo/v2 from 2.12.1 to 2.13.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.16.0 to 0.17.0. - [Commits](golang/net@v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…go_modules/golang.org/x/net-0.17.0 chore(deps): bump golang.org/x/net from 0.16.0 to 0.17.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.2 to 1.58.3. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.58.2...v1.58.3) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…go_modules/google.golang.org/grpc-1.58.3 chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3
…nt_config feat: propagate default host configuration files to csi node
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.3 to 1.59.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.58.3...v1.59.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…go_modules/google.golang.org/grpc-1.59.0 chore(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0
Mitigations to CVE-2023-44487 were added to golang.org/x/net v0.17 (c4e9120) and in Go v1.20.10[1]. This PR bumps Go to v1.20 to benefit from the patches to the standard library. Aside, this patch also bump the pseudo-standard golang.org/x/... libraries to their latest available version for good measure. [1]: https://pkg.go.dev/vuln/GO-2023-2102
This change brings no changes in the current code, but asserts that potential future additions use updated versions of the dependencies.
/retest |
Bump Go and golang.org/x/... to recent versions
5df437e
to
bed85b4
Compare
@pierreprinetti: This pull request references Jira Issue OCPBUGS-21829, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
No GitHub users were found matching the public email listed for the QA contact in Jira (itbrown@redhat.com), skipping review request. The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
In general it LGTM, perhaps the deps failure could be fixed with |
Unfortunately not. EDIT: Kubernetes added a local dependency that needs replacement in every dependent package: https://github.com/kubernetes/kubernetes/blob/4b48ab1fdbdeee3568790e44bea55ea719205025/go.mod#L265 |
bed85b4
to
73c6f6b
Compare
/hold |
73c6f6b
to
566fcd0
Compare
/hold cancel |
/retest |
1 similar comment
/retest |
@pierreprinetti: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mandre, pierreprinetti The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@pierreprinetti: Jira Issue OCPBUGS-21829: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-21829 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Fix included in accepted release 4.15.0-0.nightly-2023-10-26-120535 |
[ART PR BUILD NOTIFIER] This PR has been included in build csi-driver-nfs-container-v4.15.0-202311202349.p0.g8e85ebf.assembly.stream for distgit csi-driver-nfs. |
This is a manual merge of upstream/master that resolves conflicts in
go.mod
,go.sum
andvendor/modules.txt
.