upgrade to go 1.20.4 #5299
Merged
upgrade to go 1.20.4 #5299
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 2 commits
April 28, 2023 11:35
friedrichg
requested changes
May 3, 2023
There was a problem hiding this comment.
Thanks for the contribution.
We need to move to 1.20.4 already, See https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved
Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com>
|
Thanks for doing this. One of the maintainer will need to build the changes in this PR, and push new version of build image to quay.io. I will try to see if I can do it tomorrow :-) |
|
thanks a lot 🙏 |
Signed-off-by: Alvin Lin <alvinlin123@gmail.com>
Signed-off-by: Alvin Lin <alvinlin123@gmail.com>
alvinlin123
reviewed
May 4, 2023
friedrichg
approved these changes
May 5, 2023
Signed-off-by: Alvin Lin <alvinlin123@gmail.com>
|
hey there 👋 |
|
I think it make sense to do a 1.15.2 release for the CVE. I will try to find time to do it this or next week. |
alvinlin123
added a commit
to alvinlin123/cortex
that referenced
this pull request
May 9, 2023
* upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> * Update test-build-deploy.yml with build image tag Signed-off-by: Alvin Lin <alvinlin123@gmail.com> * Update Makefile Signed-off-by: Alvin Lin <alvinlin123@gmail.com> * Remove python-request and python-yaml in build-image/Dockerfile Signed-off-by: Alvin Lin <alvinlin123@gmail.com> --------- Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Signed-off-by: Alvin Lin <alvinlin123@gmail.com> Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> Co-authored-by: Alvin Lin <alvinlin123@gmail.com>
yeya24
pushed a commit
that referenced
this pull request
May 9, 2023
* upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile * Update test-build-deploy.yml with build image tag * Update Makefile * Remove python-request and python-yaml in build-image/Dockerfile --------- Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Signed-off-by: Alvin Lin <alvinlin123@gmail.com> Co-authored-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com>
This was referenced May 10, 2023
Closed
|
thanks 🙏 |
friedrichg
added a commit
that referenced
this pull request
Nov 7, 2023
* upgrade to go 1.20.4 (#5299) (#5331) * upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile * Update test-build-deploy.yml with build image tag * Update Makefile * Remove python-request and python-yaml in build-image/Dockerfile --------- Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Signed-off-by: Alvin Lin <alvinlin123@gmail.com> Co-authored-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> * Release and bump version to 1.15.2 (#5336) * Bump version to 1.15.2 Signed-off-by: Alvin Lin <alvinlin123@gmail.com> * Add entry to change log for 1.15.2 release Signed-off-by: Alvin Lin <alvinlin123@gmail.com> --------- Signed-off-by: Alvin Lin <alvinlin123@gmail.com> * Release 1.15 (#5423) * Do not reuse remote write requests in case of error (#5422) * Do not reuse remote write requests in case of error Signed-off-by: Alan Protasio <alanprot@gmail.com> * Changelog Signed-off-by: Alan Protasio <alanprot@gmail.com> --------- Signed-off-by: Alan Protasio <alanprot@gmail.com> * Release and bump version to 1.15.3 Signed-off-by: Alan Protasio <alanprot@gmail.com> * Fix Changelog Signed-off-by: Alan Protasio <alanprot@gmail.com> --------- Signed-off-by: Alan Protasio <alanprot@gmail.com> --------- Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Signed-off-by: Alvin Lin <alvinlin123@gmail.com> Signed-off-by: Alan Protasio <alanprot@gmail.com> Signed-off-by: Ben Ye <benye@amazon.com> Co-authored-by: Alvin Lin <alvinlin@amazon.com> Co-authored-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> Co-authored-by: Alan Protasio <approtas@amazon.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does:
if it's not the proper way to do this,
just let me know
Bump the go version to remove some CVEs detected by our scans.
go version : 1.20.1, solved in 1.20.3
CVE-2023-24538 / critical
CVE-2023-24536 / high
CVE-2023-24537 / high
CVE-2023-24534 / high
Which issue(s) this PR fixes:
Nonw
Checklist
CHANGELOG.mdupdated - the order of entries should be[CHANGE],[FEATURE],[ENHANCEMENT],[BUGFIX]