-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade go.mod package versions #210
Upgrade go.mod package versions #210
Conversation
f9df218
to
3be7f77
Compare
3be7f77
to
8399a2f
Compare
golang.org/x/net v0.17.0 => golang.org/x/net v0.23.0 | ||
golang.org/x/net v0.21.0 => golang.org/x/net v0.23.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
at some point we should figure out why we're requiring v0.17.0 and v0.21.0 just to replace with v0.23.0
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1, these could be combined into one statement replacing 0.17.0 with 0.23.0.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
snyk created a CVE for 0.21.0 version, when I added only one statement to replace 0.17.0 with 0.23.0.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
/hold, investigating backend integration test failure |
/unhold, lgtm |
Description of your changes:
Resolves RHOAIENG-7309
Implemented fixes on my fork and imported in my personal snyk account and made sure CVEs are eliminated. Also updated the license CSVs.
Checklist: