Skip to content

[release-1.12] bump go-jose to fix CVE alert#7109

Merged
cert-manager-prow[bot] merged 1 commit into
cert-manager:release-1.12from
inteon:release-1.12_jose
Jun 19, 2024
Merged

[release-1.12] bump go-jose to fix CVE alert#7109
cert-manager-prow[bot] merged 1 commit into
cert-manager:release-1.12from
inteon:release-1.12_jose

Conversation

@inteon

@inteon inteon commented Jun 19, 2024

Copy link
Copy Markdown
Member

Bumps github.com/hashicorp/vault/api from v1.9.1 to v1.9.2
And replaces gopkg.in/square/go-jose.v2 v2.6.0 // indirect with github.com/go-jose/go-jose/v3 v3.0.3 // indirect

Kind

/kind cleanup

Release Note

Upgrade go-jose library to fix CVE-2024-28180 trivy alert.

@inteon
bump go-jose to fix CVE alert
c4e87aa 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@cert-manager-prow cert-manager-prow Bot added kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. release-note Denotes a PR that will be considered when it comes time to generate release notes. dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. area/testing Issues relating to testing size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jun 19, 2024
@maelvls

maelvls commented Jun 19, 2024

Copy link
Copy Markdown
Member

/approve
/lgtm

@cert-manager-prow cert-manager-prow Bot added the lgtm Indicates that a PR is ready to be merged. label Jun 19, 2024
@cert-manager-prow

cert-manager-prow Bot commented Jun 19, 2024

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: maelvls

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@cert-manager-prow cert-manager-prow Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 19, 2024
@cert-manager-prow cert-manager-prow Bot merged commit 2db1070 into cert-manager:release-1.12 Jun 19, 2024
@SgtCoDFish SgtCoDFish mentioned this pull request Mar 5, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. area/testing Issues relating to testing dco-signoff: yes Indicates that all commits in the pull request have the valid DCO sign-off message. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@inteon @maelvls