Fix code scanning alert - Log entries created from user input #126

Closed
1 task done
mazay opened this issue Feb 27, 2022 · 0 comments

mazay commented Feb 27, 2022

Tracking issue for:

mazay added a commit that referenced this issue Feb 27, 2022
@mazay mazay closed this as completed Feb 27, 2022
@mazay mazay reopened this Feb 27, 2022
@mazay mazay closed this as completed Feb 27, 2022
mazay added a commit that referenced this issue Feb 27, 2022
mazay added a commit that referenced this issue Mar 4, 2022
* target dependabot PR to devel branch

* Bump golang from 1.17.6-alpine3.15 to 1.17.7-alpine3.15 (#118)

Bumps golang from 1.17.6-alpine3.15 to 1.17.7-alpine3.15.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yevgeniy Valeyev <[email protected]>

* Bump k8s.io/client-go from 0.19.3 to 0.23.4 (#119)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.19.3 to 0.23.4.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.19.3...v0.23.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yevgeniy Valeyev <[email protected]>

* Codecov (#125)

* target dependabot PR to devel branch (#124)

* Don’t limit codecov to PRs

* sanitise URL string in the log, fixes #126

* use request URI in log

* Bump github.com/aws/aws-sdk-go from 1.35.5 to 1.43.8 (#128)

* Bump github.com/aws/aws-sdk-go from 1.43.8 to 1.43.9 (#129)

* Bump github.com/aws/aws-sdk-go from 1.43.9 to 1.43.10 (#130)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.9 to 1.43.10.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go@v1.43.9...v1.43.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.43.10 to 1.43.11 (#131)

* run codeql on PRs and schedule

* security fix for golang/go#51112

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mazay added a commit that referenced this issue Mar 5, 2022
* target dependabot PR to devel branch

* Bump golang from 1.17.6-alpine3.15 to 1.17.7-alpine3.15 (#118)

Bumps golang from 1.17.6-alpine3.15 to 1.17.7-alpine3.15.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yevgeniy Valeyev <[email protected]>

* Bump k8s.io/client-go from 0.19.3 to 0.23.4 (#119)

Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.19.3 to 0.23.4.
- [Release notes](https://github.com/kubernetes/client-go/releases)
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
- [Commits](kubernetes/client-go@v0.19.3...v0.23.4)

---
updated-dependencies:
- dependency-name: k8s.io/client-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yevgeniy Valeyev <[email protected]>

* Codecov (#125)

* target dependabot PR to devel branch (#124)

* Don’t limit codecov to PRs

* sanitise URL string in the log, fixes #126

* use request URI in log

* Bump github.com/aws/aws-sdk-go from 1.35.5 to 1.43.8 (#128)

* Bump github.com/aws/aws-sdk-go from 1.43.8 to 1.43.9 (#129)

* Bump github.com/aws/aws-sdk-go from 1.43.9 to 1.43.10 (#130)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.9 to 1.43.10.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](aws/aws-sdk-go@v1.43.9...v1.43.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.43.10 to 1.43.11 (#131)

* run codeql on PRs and schedule

* security fix for golang/go#51112

* validate k8s response status before parsing config, fixes #113

* use helm-docs

* minor docs and chart update

* update only read the docs file

* update doc

* retire chart release notes

* bump appVersion

* bump appVersion

* update aio manifest

* adjust build triggers

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>