Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-1.3] Update go version to 1.22.12 [SECURITY] #195

Draft
wants to merge 4 commits into
base: release-1.3
Choose a base branch
from
Draft

[release-1.3] Update go version to 1.22.12 [SECURITY] #195

wants to merge 4 commits into from
+483 −160

Conversation

turkenf
Copy link
Collaborator

@turkenf turkenf commented Feb 4, 2025
edited by sergenyalcin
Loading

Description of your changes

This PR updates go.mod dependencies to fix the following:

Name Change Type Vulnerability Severity
stdlib go1.22.7 -> go1.22.12 go-module CVE-2024-45341 Medium
stdlib go1.22.7 -> go1.22.12 go-module CVE-2024-45336 Medium
stdlib go1.22.7 -> go1.22.12 go-module CVE-2025-22866 -

Also, this PR:

  • Updates build submodule and uses lint 1.61.0
  • Stops using deprecated reusable workflows and uses new ones
  • Adds go.lint.analysiskey make target for caching liters

I have:

  • Read and followed Crossplane's contribution process.
  • Run make reviewable to ensure this PR is ready for review.
  • Added backport release-x.y labels to auto-backport this PR if necessary.

How has this code been tested

@turkenf
Copy link
Collaborator Author

turkenf commented Feb 4, 2025

/test-examples="examples/conditionalaccess/v1beta2/location.yaml"

@turkenf
Copy link
Collaborator Author

turkenf commented Feb 4, 2025

/test-examples="examples/applications/v1beta1/application.yaml"

@turkenf turkenf force-pushed the go-vulnerability-fix-1.3 branch from d57c706 to cece307 Compare February 4, 2025 13:25
@turkenf
Copy link
Collaborator Author

turkenf commented Feb 4, 2025

/test-examples="examples/applications/v1beta1/application.yaml"

@turkenf
Copy link
Collaborator Author

turkenf commented Feb 4, 2025

/test-examples="examples/conditionalaccess/v1beta2/location.yaml"

@turkenf @sergenyalcin
Update build submodule and use lint 1.61.0
911a0d6 
Signed-off-by: Fatih Türken <[email protected]>
Signed-off-by: Sergen Yalçın <[email protected]>
@sergenyalcin sergenyalcin force-pushed the go-vulnerability-fix-1.3 branch from cece307 to 911a0d6 Compare February 10, 2025 14:28
@sergenyalcin sergenyalcin changed the title [release-1.3] Update go version to 1.22.11 [SECURITY] [release-1.3] Update go version to 1.22.12 [SECURITY] Feb 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ulucinar ulucinar Awaiting requested review from ulucinar ulucinar will be requested when the pull request is marked ready for review ulucinar is a code owner

@sergenyalcin sergenyalcin Awaiting requested review from sergenyalcin sergenyalcin will be requested when the pull request is marked ready for review sergenyalcin is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@turkenf @erhancagirici