Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release-1.17] Update go version to 1.23.6 [SECURITY] #1665

Merged
merged 2 commits into from
Feb 13, 2025
Merged

[release-1.17] Update go version to 1.23.6 [SECURITY] #1665

merged 2 commits into from
Feb 13, 2025

Conversation

turkenf
Copy link
Collaborator

@turkenf turkenf commented Feb 4, 2025
edited
Loading

Description of your changes

This PR updates go.mod dependencies to fix the following:

Name Change Type Vulnerability Severity
stdlib go1.23.3 -> go1.23.6 go-module CVE-2024-45341 Medium
stdlib go1.23.3 -> go1.23.6 go-module CVE-2024-45336 Medium
stdlib go1.23.3 -> go1.23.6 go-module CVE-2025-22866 -

I have:

  • Read and followed Crossplane's contribution process.
  • Run make reviewable to ensure this PR is ready for review.
  • Added backport release-x.y labels to auto-backport this PR if necessary.

How has this code been tested

https://github.com/crossplane-contrib/provider-upjet-aws/actions/runs/13245917828

@turkenf
Copy link
Collaborator Author

turkenf commented Feb 4, 2025

/test-examples="examples/s3/v1beta2/bucket.yaml"

@turkenf
Update go version to 1.23.6
b7b8a2b 
Signed-off-by: Fatih Türken <[email protected]>
@turkenf turkenf changed the title [release-1.17] Update go version to 1.23.5 [SECURITY] [release-1.17] Update go version to 1.23.6 [SECURITY] Feb 10, 2025
@turkenf
Copy link
Collaborator Author

turkenf commented Feb 10, 2025

/test-examples="examples/s3/v1beta2/bucket.yaml"

@turkenf turkenf marked this pull request as ready for review February 10, 2025 18:28
sergenyalcin
sergenyalcin approved these changes Feb 13, 2025
View reviewed changes
Copy link
Collaborator

@sergenyalcin sergenyalcin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @turkenf LGTM!

@turkenf turkenf merged commit f5f571b into crossplane-contrib:release-1.17 Feb 13, 2025
9 checks passed
@turkenf turkenf deleted the go-vulnerability-fix-1.17 branch February 13, 2025 07:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sergenyalcin sergenyalcin sergenyalcin approved these changes

@ulucinar ulucinar Awaiting requested review from ulucinar ulucinar is a code owner

@mbbush mbbush Awaiting requested review from mbbush mbbush is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@turkenf @sergenyalcin