Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve xnet package CVE-2023-45288 #629

Merged
merged 1 commit into from
Apr 19, 2024
Merged

Resolve xnet package CVE-2023-45288 #629

merged 1 commit into from
Apr 19, 2024

Conversation

DharmitD
Copy link
Member

@DharmitD DharmitD commented Apr 19, 2024
edited
Loading

The issue resolved by this Pull Request:

Resolves https://issues.redhat.com/browse/RHOAIENG-5450

Description of your changes:

Resolves this High Level CVE in go.mod

Testing instructions

Imported my fork in synk and made sure the relevant CVEs were fixed with this update.

Updated package versions locally based on what versions are compatible with each other and ran go mod tidy.
Ran go build locally to make sure no errors were introduced due to any breaking changes arising from package version upgrades.
Pushed changes to my fork and ensured the CVEs were resolved.

Checklist

  • The commits are squashed in a cohesive manner and have meaningful messages.
  • Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
  • The developer has manually tested the changes and verified that the changes work

hbelmiro
hbelmiro reviewed Apr 19, 2024
View reviewed changes
Copy link
Contributor

@hbelmiro hbelmiro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Apr 19, 2024
@dsp-developers
Copy link
Contributor

A new image has been built to help with testing out this PR: quay.io/opendatahub/data-science-pipelines-operator:pr-629
An OCP cluster where you are logged in as cluster admin is required.

To use this image run the following:

cd $(mktemp -d)
git clone git@github.com:opendatahub-io/data-science-pipelines-operator.git
cd data-science-pipelines-operator/
git fetch origin pull/629/head
git checkout -b pullrequest d2c710cbece9b01252e9845c8233a62c7f8d43f1
oc new-project opendatahub
make deploy IMG="quay.io/opendatahub/data-science-pipelines-operator:pr-629"

More instructions here on how to deploy and test a Data Science Pipelines Application.

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Apr 19, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: gmfrasca

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 88282d9 into opendatahub-io:main Apr 19, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hbelmiro hbelmiro hbelmiro left review comments

@gmfrasca gmfrasca gmfrasca approved these changes

@HumairAK HumairAK Awaiting requested review from HumairAK

Assignees

@hbelmiro hbelmiro

@gmfrasca gmfrasca

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@DharmitD @dsp-developers @hbelmiro @gmfrasca