OCPBUGS-6447: bump golang/x/net to v0.4.0 for CVE-2022-41717

[awgreene]

The fix for golang/go#56350 has been included in the v0.4.0 release.

This PR bumps the version of golang/x/net to v0.4.0 to pick up the CVE fix.

Cherry-picked from an upstream PR: operator-framework/rukpak#605

[openshift-ci-robot]

@awgreene: This pull request references Jira Issue OCPBUGS-6447, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target version (4.13.0) matches configured target version for branch (4.13.0)
• bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @xiaojiey

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

The fix for golang/go#56350 has been included in the v0.4.0 release.

This PR bumps the version of golang/x/net to v0.4.0 to pick up the CVE fix.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci-robot]

@awgreene: This pull request references Jira Issue OCPBUGS-6447, which is valid.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target version (4.13.0) matches configured target version for branch (4.13.0)
• bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @xiaojiey

In response to this:

The fix for golang/go#56350 has been included in the v0.4.0 release.

This PR bumps the version of golang/x/net to v0.4.0 to pick up the CVE fix.

Cherry-picked from an upstream PR: operator-framework/rukpak#605

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[awgreene]

/approve

[awgreene]

/retest

[awgreene]

/retest

[ankitathomas]

/retest

[tmshort]

Did not review a vendor updates.
/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: awgreene, tmshort

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [awgreene]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@awgreene: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e	7a03bef	link	false	/test e2e

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[openshift-ci-robot]

@awgreene: All pull requests linked via external trackers have merged:

• openshift/operator-framework-rukpak#17

Jira Issue OCPBUGS-6447 has been moved to the MODIFIED state.

In response to this:

The fix for golang/go#56350 has been included in the v0.4.0 release.

This PR bumps the version of golang/x/net to v0.4.0 to pick up the CVE fix.

Cherry-picked from an upstream PR: operator-framework/rukpak#605

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.