Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0 to fix CVE #13197

Merged
merged 7 commits into from
Jun 17, 2024
Merged

fix(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0 to fix CVE #13197

merged 7 commits into from
Jun 17, 2024

Conversation

yulin-li
Copy link
Contributor

@yulin-li yulin-li commented Jun 17, 2024
edited by agilgur5
Loading

Fixes GHSA-m5vv-6r4h-3vj9
Supersedes / Closes #13167

Motivation

Modifications

  • bump up github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0
  • fix lint error due to github.com/stretchr/testify/http is deprecated.
  • update .golangci.yml to fix warnings

Verification

Yulin Li and others added 4 commits June 17, 2024 14:14
@yulin-li yulin-li force-pushed the yulin/GHSA-m5vv-6r4h-3vj9 branch from 2def2b7 to 611f53c Compare June 17, 2024 06:14
@yulin-li yulin-li mentioned this pull request Jun 17, 2024
Closed
Yulin Li added 2 commits June 17, 2024 14:41
fix unit tests
681fc00 
Signed-off-by: Yulin Li <[email protected]>
fix lint
b2fe6e2 
Signed-off-by: Yulin Li <[email protected]>
@agilgur5 agilgur5 self-assigned this Jun 17, 2024
@agilgur5 agilgur5 added type/dependencies PRs and issues specific to updating dependencies go Pull requests that update Go dependencies type/security Security related labels Jun 17, 2024
@agilgur5 agilgur5 changed the title fix(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from… fix(deps): bump azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0 to fix CVE Jun 17, 2024
@agilgur5 agilgur5 changed the title fix(deps): bump azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0 to fix CVE fix(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.1 to 1.6.0 to fix CVE Jun 17, 2024
agilgur5
agilgur5 approved these changes Jun 17, 2024
View reviewed changes
Copy link

@agilgur5 agilgur5 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for fixing the lint issues/refactoring some code to make this mergeable!

@agilgur5 agilgur5 merged commit 824cf99 into argoproj:main Jun 17, 2024
31 checks passed
@agilgur5 agilgur5 added this to the v3.5.x patches milestone Jun 17, 2024
agilgur5 pushed a commit that referenced this pull request Jun 17, 2024
@yulin-li
fix(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity fr…
d138911 
…om 1.5.1 to 1.6.0 to fix CVE (#13197)

Signed-off-by: Yulin Li <[email protected]>
Co-authored-by: Anton Gilgur <[email protected]>
(cherry picked from commit 824cf99)
@yulin-li yulin-li deleted the yulin/GHSA-m5vv-6r4h-3vj9 branch June 18, 2024 02:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@agilgur5 agilgur5 agilgur5 approved these changes

Assignees

@agilgur5 agilgur5

Labels
go Pull requests that update Go dependencies type/dependencies PRs and issues specific to updating dependencies type/security Security related
Projects
None yet
Milestone
v3.5.x patches
Development

Successfully merging this pull request may close these issues.
4 participants
@yulin-li @agilgur5 @jiachengxu @juliev0