Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Bump google.golang.org/grpc from 1.50.1 to 1.53.0 #620

Merged
merged 1 commit into from
Jul 10, 2023
Merged

chore(deps): Bump google.golang.org/grpc from 1.50.1 to 1.53.0 #620

merged 1 commit into from
Jul 10, 2023

Conversation

0xFelix
Copy link
Member

@0xFelix 0xFelix commented Jul 6, 2023
edited
Loading

What this PR does / why we need it:

Bump dependency to fix CVE-2023-32731

See #619

Release note:

None

@0xFelix
chore(deps): Bump google.golang.org/grpc from 1.50.1 to 1.53.0
819afa4 
Bump dependency to fix CVE-2023-32731

Signed-off-by: Felix Matouschek <fmatouschek@redhat.com>
@kubevirt-bot kubevirt-bot added release-note-none Denotes a PR that doesn't merit a release note. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. size/XXL labels Jul 6, 2023
@kubevirt-bot kubevirt-bot requested review from akrejcir and ksimon1 July 6, 2023 08:47
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jul 6, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@lyarwood
Copy link
Member

lyarwood commented Jul 6, 2023

/approve

@kubevirt-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lyarwood

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kubevirt-bot kubevirt-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 6, 2023
@0xFelix
Copy link
Member Author

0xFelix commented Jul 7, 2023

/retest-required

@codingben
Copy link
Member

/lgtm

Why dependabot didn't work? it bumped that also in #619.

@kubevirt-bot kubevirt-bot added the lgtm Indicates that a PR is ready to be merged. label Jul 7, 2023
@jcanocan
Copy link
Contributor

jcanocan commented Jul 7, 2023

/lgtm

@0xFelix
Copy link
Member Author

0xFelix commented Jul 7, 2023

Why dependabot didn't work? it bumped that also in #619.

It also changed the kubevirt.io/ssp-operator/api import which I wanted to avoid.

@ksimon1
Copy link
Member

ksimon1 commented Jul 10, 2023

/retest

@kubevirt-bot kubevirt-bot merged commit d5e6990 into kubevirt:main Jul 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akrejcir akrejcir Awaiting requested review from akrejcir

@ksimon1 ksimon1 Awaiting requested review from ksimon1

Assignees

@codingben codingben

@jcanocan jcanocan

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates the PR's author has DCO signed all their commits. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/XXL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@0xFelix @lyarwood @kubevirt-bot @codingben @jcanocan @ksimon1