Skip to content

Updating link handling#31041

Merged
robertsirc merged 2 commits intohelm:release-3.17from
lrascao:backport-CVE-2025-53547
Jul 15, 2025
Merged

Updating link handling#31041
robertsirc merged 2 commits intohelm:release-3.17from
lrascao:backport-CVE-2025-53547

Conversation

@lrascao
Copy link

@lrascao lrascao commented Jul 9, 2025
edited
Loading

What this PR does / why we need it:

Backport of 4b8e610 to release-3.17 hopefully to be cut into 3.17.4

If applicable:

  • this PR contains user facing changes (the docs needed label should be applied if so)
  • this PR contains unit tests
  • this PR has been tested for backwards compatibility

@robertsirc @lrascao
Updating link handling
3663598 
Backport of helm@4b8e610

Signed-off-by: Luis Rascao <luis.rascao@gmail.com>
@pull-request-size pull-request-size bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Jul 9, 2025
@lrascao lrascao mentioned this pull request Jul 9, 2025
Closed
@kannon92 kannon92 mentioned this pull request Jul 11, 2025
Closed
@kannon92
Copy link

kannon92 commented Jul 11, 2025

This would be a really welcome change. I was trying to address this in Kueue and I realize its next to impossible to carry this to projects that depend on earlier k8s versions.

kubernetes-sigs/kueue#5916

For these branch, we have 0.32 dependencies and in order to carry this, we would have to update all of k8s.

robertsirc
robertsirc approved these changes Jul 14, 2025
View reviewed changes
Copy link
Member

@robertsirc robertsirc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@robertsirc robertsirc added the Has One Approval This PR has one approval. It still needs a second approval to be merged. label Jul 14, 2025
@lrascao
fixup! Updating link handling
0e59b9e 
Signed-off-by: Luis Rascao <luis.rascao@gmail.com>
@lrascao lrascao force-pushed the backport-CVE-2025-53547 branch from 8fef6f8 to 0e59b9e Compare July 14, 2025 14:04
@lrascao
Copy link
Author

lrascao commented Jul 14, 2025

fixed linter issue

TerryHowe
TerryHowe reviewed Jul 14, 2025
View reviewed changes
Copy link
Contributor

@TerryHowe TerryHowe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

I'd never written code in go to check for symbolic links and info.Mode()&os.ModeSymlink != 0 is pretty terrible. PR looks good though, thanks!

mattfarina
mattfarina approved these changes Jul 15, 2025
View reviewed changes
Copy link
Collaborator

@mattfarina mattfarina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@robertsirc robertsirc merged commit 595a05d into helm:release-3.17 Jul 15, 2025
2 checks passed
@lrascao lrascao deleted the backport-CVE-2025-53547 branch July 16, 2025 08:41
@lrascao
Copy link
Author

lrascao commented Jul 16, 2025

@robertsirc thanks! final step in making this available is tagging 595a05d with tag v3.17.4, is there a process i need to go through to request this?

@robertsirc
Copy link
Member

robertsirc commented Jul 16, 2025

No it's all on us.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TerryHowe TerryHowe TerryHowe left review comments

@mattfarina mattfarina mattfarina approved these changes

@robertsirc robertsirc robertsirc approved these changes

Assignees

No one assigned

Labels

Has One Approval This PR has one approval. It still needs a second approval to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@lrascao @kannon92 @robertsirc @mattfarina @TerryHowe