Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Go to v1.23.4, golang.org/x/crypto to v0.31.0 #333

Merged
merged 4 commits into from
Dec 13, 2024
Merged

Update Go to v1.23.4, golang.org/x/crypto to v0.31.0 #333

merged 4 commits into from
Dec 13, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 12, 2024
edited by rolinh
Loading

  • Updates k8s.io/apimachinery from 0.31.4 to 0.32.0
  • Update Go to v1.23.4
  • Update golang.org/x/crypto to v0.31.0 to address CVE-2024-45337
  • Update golangci-lint to v1.62.2

@dependabot
vendor: bump the k8s-deps group with 2 updates
e847e68 
Bumps the k8s-deps group with 2 updates: [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) and [k8s.io/client-go](https://github.com/kubernetes/client-go).


Updates `k8s.io/apimachinery` from 0.31.4 to 0.32.0
- [Commits](kubernetes/apimachinery@v0.31.4...v0.32.0)

Updates `k8s.io/client-go` from 0.31.4 to 0.32.0
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.31.4...v0.32.0)

---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-deps
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: k8s-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner December 12, 2024 16:32
@dependabot dependabot bot requested review from learnitall and removed request for a team December 12, 2024 16:32
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 12, 2024
@rolinh rolinh requested review from a team as code owners December 13, 2024 07:55
@rolinh rolinh requested review from viktor-kurchenko and kaworu and removed request for a team December 13, 2024 07:55
@rolinh
bump Go to v1.23.4
e416cec 
Signed-off-by: Robin Hahling <[email protected]>
@rolinh
ci: bump golangci-lint to v1.62.2
b9b57cd 
Signed-off-by: Robin Hahling <[email protected]>
@rolinh rolinh force-pushed the dependabot/go_modules/k8s-deps-0db14436c7 branch from c21c6bf to b9b57cd Compare December 13, 2024 07:56
@rolinh
vendor: update golang.org/x/crypto to v0.31.0
a558053 
This update addresses CVE-2024-45337.

Signed-off-by: Robin Hahling <[email protected]>
@rolinh rolinh changed the title vendor: bump the k8s-deps group with 2 updates Update Go to v1.23.4, golang.org/x/crypto to v0.31.0 Dec 13, 2024
@rolinh rolinh merged commit efc5c1c into main Dec 13, 2024
2 checks passed
@rolinh rolinh deleted the dependabot/go_modules/k8s-deps-0db14436c7 branch December 13, 2024 08:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rolinh rolinh rolinh approved these changes

@learnitall learnitall Awaiting requested review from learnitall learnitall is a code owner automatically assigned from cilium/vendor

@viktor-kurchenko viktor-kurchenko Awaiting requested review from viktor-kurchenko viktor-kurchenko is a code owner automatically assigned from cilium/github-sec

@kaworu kaworu Awaiting requested review from kaworu kaworu is a code owner automatically assigned from cilium/sig-hubble

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@rolinh