Skip to content

Fix trivy CVE alert for cyphar/filepath-securejoin#6333

Merged
jetstack-bot merged 1 commit intocert-manager:masterfrom
inteon:fix_securejoin_trivy
Sep 12, 2023
Merged

Fix trivy CVE alert for cyphar/filepath-securejoin#6333
jetstack-bot merged 1 commit intocert-manager:masterfrom
inteon:fix_securejoin_trivy

Conversation

@inteon
Copy link
Copy Markdown
Member

@inteon inteon commented Sep 12, 2023

@inteon
fix trivy CVE alert for cyphar/filepath-securejoin
80953b1 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@jetstack-bot jetstack-bot added kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. release-note-none Denotes a PR that doesn't merit a release note. area/testing Issues relating to testing dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Sep 12, 2023
@inteon
Copy link
Copy Markdown
Member Author

inteon commented Sep 12, 2023
edited
Loading

/cherry-pick release-1.12

@jetstack-bot
Copy link
Copy Markdown
Contributor

jetstack-bot commented Sep 12, 2023

@inteon: once the present PR merges, I will cherry-pick it on top of release-1.12 in a new PR and assign it to you.

Details

In response to this:

/cherry-pick release-1.12
/cherry-pick release-1.13

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@inteon
Copy link
Copy Markdown
Member Author

inteon commented Sep 12, 2023

/cherry-pick release-1.13

@jetstack-bot
Copy link
Copy Markdown
Contributor

jetstack-bot commented Sep 12, 2023

@inteon: once the present PR merges, I will cherry-pick it on top of release-1.13 in a new PR and assign it to you.

Details

In response to this:

/cherry-pick release-1.13

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@maelvls
Copy link
Copy Markdown
Member

maelvls commented Sep 12, 2023

/lgtm
/approve

@jetstack-bot jetstack-bot added the lgtm Indicates that a PR is ready to be merged. label Sep 12, 2023
@jetstack-bot
Copy link
Copy Markdown
Contributor

jetstack-bot commented Sep 12, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: maelvls

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jetstack-bot jetstack-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 12, 2023
@jetstack-bot jetstack-bot merged commit 02590d2 into cert-manager:master Sep 12, 2023
@jetstack-bot
Copy link
Copy Markdown
Contributor

jetstack-bot commented Sep 12, 2023

@inteon: #6333 failed to apply on top of branch "release-1.12":

Applying: fix trivy CVE alert for cyphar/filepath-securejoin
Using index info to reconstruct a base tree...
M	cmd/ctl/LICENSES
M	cmd/ctl/go.mod
M	cmd/ctl/go.sum
M	test/integration/LICENSES
M	test/integration/go.mod
M	test/integration/go.sum
Falling back to patching base and 3-way merge...
Auto-merging test/integration/go.sum
Auto-merging test/integration/go.mod
CONFLICT (content): Merge conflict in test/integration/go.mod
Auto-merging test/integration/LICENSES
CONFLICT (content): Merge conflict in test/integration/LICENSES
Auto-merging cmd/ctl/go.sum
Auto-merging cmd/ctl/go.mod
CONFLICT (content): Merge conflict in cmd/ctl/go.mod
Auto-merging cmd/ctl/LICENSES
CONFLICT (content): Merge conflict in cmd/ctl/LICENSES
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 fix trivy CVE alert for cyphar/filepath-securejoin
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
Details

In response to this:

/cherry-pick release-1.12

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@jetstack-bot jetstack-bot mentioned this pull request Sep 12, 2023
Merged
@jetstack-bot
Copy link
Copy Markdown
Contributor

jetstack-bot commented Sep 12, 2023

@inteon: new pull request created: #6335

Details

In response to this:

/cherry-pick release-1.13

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

This was referenced Sep 12, 2023
Closed
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/testing Issues relating to testing dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@inteon @jetstack-bot @maelvls