Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): security update #6059

Merged
merged 1 commit into from
Feb 20, 2023

Conversation

kumahq[bot]
Copy link
Contributor

@kumahq kumahq bot commented Feb 17, 2023

Scan output:

Before update:

OSV URL (ID IN BOLD) ECOSYSTEM PACKAGE VERSION SOURCE
https://osv.dev/GO-2022-0646 Go github.com/aws/aws-sdk-go 1.44.182 go.mod
https://osv.dev/GHSA-259w-8hf6-59c2 Go github.com/containerd/containerd 1.6.15 go.mod
https://osv.dev/GO-2023-1573
https://osv.dev/GHSA-hmfx-3pcx-653p Go github.com/containerd/containerd 1.6.15 go.mod
https://osv.dev/GO-2023-1574
https://osv.dev/GHSA-vvpx-j8f3-3w6h Go golang.org/x/net 0.5.0 go.mod
https://osv.dev/GO-2023-1571

After update:

OSV URL (ID IN BOLD) ECOSYSTEM PACKAGE VERSION SOURCE
https://osv.dev/GO-2022-0646 Go github.com/aws/aws-sdk-go 1.44.182 go.mod

If a package is showing up in the scan but the script is not trying to update it then it might be in env.IGNORE_PACKAGES regex

Signed-off-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com>
@kumahq kumahq bot requested a review from a team as a code owner February 17, 2023 08:24
@kumahq kumahq bot added dependencies Pull requests that update a dependency file release-1.8 labels Feb 17, 2023
@jakubdyszkiewicz jakubdyszkiewicz merged commit 6102843 into release-1.8 Feb 20, 2023
@jakubdyszkiewicz jakubdyszkiewicz deleted the chore/security-updates-release-1.8 branch February 20, 2023 11:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file release-1.8
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant