Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cve: update go-jose package to 4.0.2 (PROJQUAY-6850) #1008

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

cve: update go-jose package to 4.0.2 (PROJQUAY-6850) #1008

wants to merge 1 commit into from

Conversation

Marcusk19
Copy link

Changes dependency for github.com/quay/config-tool to github.com/quay/quay/config-tool. The current config-tool dependency is archived and is now located in the quay monorepo.

Updates the go-jose dependency to 4.0.2 as a result due to this update in the github.com/quay/quay/config-tool package. Should address CVE-2024-28180

@Marcusk19
Copy link
Author

/retest

2 similar comments
@Marcusk19
Copy link
Author

/retest

@Marcusk19
Copy link
Author

/retest

jonathankingfc
jonathankingfc approved these changes Dec 3, 2024
View reviewed changes
Copy link
Collaborator

@jonathankingfc jonathankingfc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@deshpandevlab
Copy link
Contributor

ocp tests are failing with 503 status from apps.openshift. Could it have to do with the updated go module?

@Marcusk19
Copy link
Author

@deshpandevlab which test are you referring to? if it's the ocp-latest-e2e @jonathankingfc was telling me how it's a flakey one

@Marcusk19
Copy link
Author

/retest

@deshpandevlab
Copy link
Contributor

/test ocp-latest-e2e

@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Dec 4, 2024

@Marcusk19: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/ocp-latest-e2e 84c8346 link true /test ocp-latest-e2e

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonathankingfc jonathankingfc jonathankingfc approved these changes

@deshpandevlab deshpandevlab Awaiting requested review from deshpandevlab

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Marcusk19 @deshpandevlab @jonathankingfc