-
Notifications
You must be signed in to change notification settings - Fork 781
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
upgrade to go 1.20.4 #5299
upgrade to go 1.20.4 #5299
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the contribution.
We need to move to 1.20.4 already, See https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved
Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com>
Thanks for doing this. One of the maintainer will need to build the changes in this PR, and push new version of build image to quay.io. I will try to see if I can do it tomorrow :-) |
thanks a lot 🙏 |
Signed-off-by: Alvin Lin <alvinlin123@gmail.com>
Signed-off-by: Alvin Lin <alvinlin123@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM but do remove python stuff from Dockerfile
Signed-off-by: Alvin Lin <alvinlin123@gmail.com>
hey there 👋 |
I think it make sense to do a 1.15.2 release for the CVE. I will try to find time to do it this or next week. |
* upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> * Update test-build-deploy.yml with build image tag Signed-off-by: Alvin Lin <alvinlin123@gmail.com> * Update Makefile Signed-off-by: Alvin Lin <alvinlin123@gmail.com> * Remove python-request and python-yaml in build-image/Dockerfile Signed-off-by: Alvin Lin <alvinlin123@gmail.com> --------- Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Signed-off-by: Alvin Lin <alvinlin123@gmail.com> Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> Co-authored-by: Alvin Lin <alvinlin123@gmail.com>
* upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile * Update test-build-deploy.yml with build image tag * Update Makefile * Remove python-request and python-yaml in build-image/Dockerfile --------- Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Signed-off-by: Alvin Lin <alvinlin123@gmail.com> Co-authored-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com>
thanks 🙏 |
* upgrade to go 1.20.4 (#5299) (#5331) * upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile * Update test-build-deploy.yml with build image tag * Update Makefile * Remove python-request and python-yaml in build-image/Dockerfile --------- Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Signed-off-by: Alvin Lin <alvinlin123@gmail.com> Co-authored-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> * Release and bump version to 1.15.2 (#5336) * Bump version to 1.15.2 Signed-off-by: Alvin Lin <alvinlin123@gmail.com> * Add entry to change log for 1.15.2 release Signed-off-by: Alvin Lin <alvinlin123@gmail.com> --------- Signed-off-by: Alvin Lin <alvinlin123@gmail.com> * Release 1.15 (#5423) * Do not reuse remote write requests in case of error (#5422) * Do not reuse remote write requests in case of error Signed-off-by: Alan Protasio <alanprot@gmail.com> * Changelog Signed-off-by: Alan Protasio <alanprot@gmail.com> --------- Signed-off-by: Alan Protasio <alanprot@gmail.com> * Release and bump version to 1.15.3 Signed-off-by: Alan Protasio <alanprot@gmail.com> * Fix Changelog Signed-off-by: Alan Protasio <alanprot@gmail.com> --------- Signed-off-by: Alan Protasio <alanprot@gmail.com> --------- Signed-off-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Signed-off-by: Alvin Lin <alvinlin123@gmail.com> Signed-off-by: Alan Protasio <alanprot@gmail.com> Signed-off-by: Ben Ye <benye@amazon.com> Co-authored-by: Alvin Lin <alvinlin@amazon.com> Co-authored-by: rokh-conduktor <88239458+rokh-conduktor@users.noreply.github.com> Co-authored-by: Friedrich Gonzalez <friedrichg@gmail.com> Co-authored-by: Alan Protasio <approtas@amazon.com>
What this PR does:
if it's not the proper way to do this,
just let me know
Bump the go version to remove some CVEs detected by our scans.
go version : 1.20.1, solved in 1.20.3
CVE-2023-24538 / critical
CVE-2023-24536 / high
CVE-2023-24537 / high
CVE-2023-24534 / high
Which issue(s) this PR fixes:
Nonw
Checklist
CHANGELOG.md
updated - the order of entries should be[CHANGE]
,[FEATURE]
,[ENHANCEMENT]
,[BUGFIX]