Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade dependencies #1602

Merged
merged 1 commit into from
May 15, 2023
Merged

Upgrade dependencies #1602

merged 1 commit into from
May 15, 2023

Conversation

torredil
Copy link
Member

What is this PR about? / Why do we need it?

Upgrade dependencies ahead of v1.19.0

@k8s-ci-robot k8s-ci-robot requested review from ConnorJC3 and hanyuel May 15, 2023 19:10
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels May 15, 2023
ConnorJC3
ConnorJC3 approved these changes May 15, 2023
View reviewed changes
Copy link
Contributor

@ConnorJC3 ConnorJC3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@k8s-ci-robot k8s-ci-robot added lgtm "Looks good to me", indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels May 15, 2023
@torredil
Copy link
Member Author

/retest

@torredil torredil force-pushed the upgrade-deps-119 branch from 4fa6124 to 8f60a57 Compare May 15, 2023 19:34
@k8s-ci-robot k8s-ci-robot added needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed lgtm "Looks good to me", indicates that a PR is ready to be merged. labels May 15, 2023
@torredil torredil force-pushed the upgrade-deps-119 branch from 8f60a57 to ac82df1 Compare May 15, 2023 19:41
@k8s-ci-robot k8s-ci-robot added size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels May 15, 2023
@torredil torredil force-pushed the upgrade-deps-119 branch from ac82df1 to c8c2ded Compare May 15, 2023 19:45
@k8s-ci-robot k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 15, 2023
@torredil torredil force-pushed the upgrade-deps-119 branch from c8c2ded to 4e0f3fa Compare May 15, 2023 19:46
ConnorJC3
ConnorJC3 approved these changes May 15, 2023
View reviewed changes
Copy link
Contributor

@ConnorJC3 ConnorJC3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 15, 2023
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ConnorJC3

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ConnorJC3
Copy link
Contributor

/hold

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label May 15, 2023
@torredil torredil force-pushed the upgrade-deps-119 branch from 4e0f3fa to f9b7bdd Compare May 15, 2023 20:07
@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 15, 2023
@torredil torredil force-pushed the upgrade-deps-119 branch from f9b7bdd to d566f66 Compare May 15, 2023 20:14
@ConnorJC3
Copy link
Contributor

/remove-hold

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label May 15, 2023
@torredil
Upgrade dependencies
d9bb971 
Signed-off-by: Eddie Torres <[email protected]>
@torredil torredil force-pushed the upgrade-deps-119 branch from d566f66 to d9bb971 Compare May 15, 2023 20:40
@torredil
Copy link
Member Author

/retest

@ConnorJC3
Copy link
Contributor

/skip

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 15, 2023
@k8s-ci-robot k8s-ci-robot merged commit a0ec0da into kubernetes-sigs:master May 15, 2023
mpatlasov added a commit to mpatlasov/aws-ebs-csi-driver that referenced this pull request Aug 24, 2023
@mpatlasov
UPSTREAM: <drop>: Bump goproxy to resolve CVE-2023-37788 (OCPBUGS-16491)
e603291 
The patch to be dropped on the nearest CSI driver rebase (upstream aws-ebs CSI driver does not depend on goproxy since v1.19.0).
The PR removing goproxy deps upstream: kubernetes-sigs#1602

The content of this patch resulted from:
```
$ go get -u github.com/elazarl/goproxy@f99041a5c0273fcf6a144498b458a630585872f; go mod tidy; go mod vendor
```
where `f99041a5c` is commit-id corresponding to elazarl/goproxy#507 which resolved CVE-2023-37788
@mpatlasov mpatlasov mentioned this pull request Aug 24, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ConnorJC3 ConnorJC3 ConnorJC3 approved these changes

@hanyuel hanyuel Awaiting requested review from hanyuel

Assignees

@ConnorJC3 ConnorJC3

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@torredil @k8s-ci-robot @ConnorJC3