Fix code scanning alert - Log entries created from user input #126
Comments
mazay added a commit that referenced this issue Feb 27, 2022
mazay added a commit that referenced this issue Feb 27, 2022
mazay added a commit that referenced this issue Mar 4, 2022
* target dependabot PR to devel branch
* Bump golang from 1.17.6-alpine3.15 to 1.17.7-alpine3.15 (#118)

  Bumps golang from 1.17.6-alpine3.15 to 1.17.7-alpine3.15.

  ---
  updated-dependencies:
  - dependency-name: golang
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...

  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  Co-authored-by: Yevgeniy Valeyev <[email protected]>
* Bump k8s.io/client-go from 0.19.3 to 0.23.4 (#119)

  Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.19.3 to 0.23.4.
  - [Release notes](https://github.com/kubernetes/client-go/releases)
  - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
  - [Commits](kubernetes/client-go@v0.19.3...v0.23.4)

  ---
  updated-dependencies:
  - dependency-name: k8s.io/client-go
    dependency-type: direct:production
    update-type: version-update:semver-minor
  ...

  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  Co-authored-by: Yevgeniy Valeyev <[email protected]>
* Codecov (#125)
* target dependabot PR to devel branch (#124)
* Don’t limit codecov to PRs
* sanitise URL string in the log, fixes #126
* use request URI in log
* Bump github.com/aws/aws-sdk-go from 1.35.5 to 1.43.8 (#128)
* Bump github.com/aws/aws-sdk-go from 1.43.8 to 1.43.9 (#129)
* Bump github.com/aws/aws-sdk-go from 1.43.9 to 1.43.10 (#130)

  Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.9 to 1.43.10.
  - [Release notes](https://github.com/aws/aws-sdk-go/releases)
  - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
  - [Commits](aws/aws-sdk-go@v1.43.9...v1.43.10)

  ---
  updated-dependencies:
  - dependency-name: github.com/aws/aws-sdk-go
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...

  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/aws/aws-sdk-go from 1.43.10 to 1.43.11 (#131)
* run codeql on PRs and schedule
* security fix for golang/go#51112

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
mazay added a commit that referenced this issue Mar 5, 2022
* target dependabot PR to devel branch
* Bump golang from 1.17.6-alpine3.15 to 1.17.7-alpine3.15 (#118)

  Bumps golang from 1.17.6-alpine3.15 to 1.17.7-alpine3.15.

  ---
  updated-dependencies:
  - dependency-name: golang
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...

  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  Co-authored-by: Yevgeniy Valeyev <[email protected]>
* Bump k8s.io/client-go from 0.19.3 to 0.23.4 (#119)

  Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go) from 0.19.3 to 0.23.4.
  - [Release notes](https://github.com/kubernetes/client-go/releases)
  - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md)
  - [Commits](kubernetes/client-go@v0.19.3...v0.23.4)

  ---
  updated-dependencies:
  - dependency-name: k8s.io/client-go
    dependency-type: direct:production
    update-type: version-update:semver-minor
  ...

  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  Co-authored-by: Yevgeniy Valeyev <[email protected]>
* Codecov (#125)
* target dependabot PR to devel branch (#124)
* Don’t limit codecov to PRs
* sanitise URL string in the log, fixes #126
* use request URI in log
* Bump github.com/aws/aws-sdk-go from 1.35.5 to 1.43.8 (#128)
* Bump github.com/aws/aws-sdk-go from 1.43.8 to 1.43.9 (#129)
* Bump github.com/aws/aws-sdk-go from 1.43.9 to 1.43.10 (#130)

  Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.9 to 1.43.10.
  - [Release notes](https://github.com/aws/aws-sdk-go/releases)
  - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
  - [Commits](aws/aws-sdk-go@v1.43.9...v1.43.10)

  ---
  updated-dependencies:
  - dependency-name: github.com/aws/aws-sdk-go
    dependency-type: direct:production
    update-type: version-update:semver-patch
  ...

  Signed-off-by: dependabot[bot] <[email protected]>
  Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump github.com/aws/aws-sdk-go from 1.43.10 to 1.43.11 (#131)
* run codeql on PRs and schedule
* security fix for golang/go#51112
* validate k8s response status before parsing config, fixes #113
* use helm-docs
* minor docs and chart update
* update only read the docs file
* update doc
* retire chart release notes
* bump appVersion
* bumpd appVersion
* update aio manifest
* adjust build triggers

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Tracking issue for: