Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Backport of security: update go version to 1.20.4 into release/1.13.x #17243

Merged
merged 17 commits into from
May 9, 2023
Merged

Backport of security: update go version to 1.20.4 into release/1.13.x #17243

merged 17 commits into from
May 9, 2023

Conversation

hc-github-team-consul-core
Copy link
Contributor

Backport

This PR is auto-generated from #17240 to be assessed for backporting due to the inclusion of the label backport/1.13.

WARNING automatic cherry-pick of commits failed. Commits will require human attention.

merge conflict error: POST https://api.github.com/repos/hashicorp/consul/merges: 409 Merge conflict []

The below text is copied from the body of the original PR.

Changes proposed in this PR:

Resolves CVES: GHSA-fp86-2355-v99r, GHSA-v4m2-x4rp-hv22, GHSA-8v5j-pwr7-w5f8, GHSA-9f7g-gqwh-jpf5, plus additional CVEs resolved with Go 1.19.9.
Resolves dependabot PRs hashicorp/consul-k8s#2096, hashicorp/consul-k8s#1987, hashicorp/consul-k8s#1986

PR Checklist

  • external facing docs updated
  • appropriate backport labels added
Overview of commits

@hc-github-team-consul-core hc-github-team-consul-core force-pushed the backport/jm/NET-3781/sharply-probable-sawfly branch 2 times, most recently from 9a9e453 to d62d175 Compare May 8, 2023 17:57
@hashicorp-cla
Copy link

hashicorp-cla commented May 8, 2023
edited
Loading

CLA assistant check

Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement

Learn more about why HashiCorp requires a CLA and what the CLA includes

3 out of 4 committers have signed the CLA.

  • kschoche
  • DanStough
  • jmurret
  • temp

temp seems not to be a GitHub user.
You need a GitHub account to be able to sign the CLA. If you already have a GitHub account, please add the email address used for this commit to your account.

Have you signed the CLA already but the status is still pending? Recheck it.

github-team-consul-core-pr-approver
github-team-consul-core-pr-approver approved these changes May 8, 2023
View reviewed changes
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auto approved Consul Bot automated PR

jmurret and others added 3 commits May 8, 2023 12:00
@jmurret
security: update go version to 1.20.4 (#17240)
97cc167 
* update go version to 1.20.3

* add changelog

* rename changelog file to remove underscore

* update to use 1.20.4

* update change log entry to reflect 1.20.4
@jmurret
upgrading to 1.20
3be6236
@DanStough @jmurret
[OSS] security: update go to 1.20.1 (#16263)
51c62ee 
* security: update go to 1.20.1
@jmurret jmurret marked this pull request as ready for review May 8, 2023 19:08
@jmurret jmurret requested a review from a team May 8, 2023 19:08
@jmurret jmurret requested a review from a team as a code owner May 8, 2023 19:08
@jmurret jmurret requested review from smacfarlane and jeanneryan and removed request for a team May 8, 2023 19:08
@jmurret jmurret enabled auto-merge (squash) May 8, 2023 19:08
jmurret and others added 7 commits May 8, 2023 13:13
@jmurret
fixing auto_config_endpoint_test that was merged incorrectly
f0dfa9e
@jmurret
go mod tidy
66de455
@jmurret
fixing auto_config_endpoint_test that was merged incorrectly
3a3ed39
@jmurret
updating linter to 1.51.1
9819278
@jmurret
go mod tidy on api
5901523
@jmurret
go mod tidy
a4687e1
@kschoche @jmurret
removes ioutil usage everywhere which was deprecated in go1.16 (#15297)
052952c 
* update go version to 1.18 for api and sdk, go mod tidy
* removes ioutil usage everywhere which was deprecated in go1.16 in favour of io and os packages. Also introduces a lint rule which forbids use of ioutil going forward.
Co-authored-by: R.B. Boyer <4903+rboyer@users.noreply.github.com>
@jmurret jmurret force-pushed the backport/jm/NET-3781/sharply-probable-sawfly branch from 11a60d9 to 052952c Compare May 8, 2023 22:58
@jmurret jmurret disabled auto-merge May 9, 2023 16:46
@jmurret jmurret merged commit f4b321c into release/1.13.x May 9, 2023
@jmurret jmurret deleted the backport/jm/NET-3781/sharply-probable-sawfly branch May 9, 2023 16:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-team-consul-core-pr-approver github-team-consul-core-pr-approver github-team-consul-core-pr-approver approved these changes

@jmurret jmurret Awaiting requested review from jmurret

@smacfarlane smacfarlane Awaiting requested review from smacfarlane

@jeanneryan jeanneryan Awaiting requested review from jeanneryan

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@hc-github-team-consul-core @hashicorp-cla @github-team-consul-core-pr-approver @jmurret @DanStough @kschoche