Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve security alerts from Dependabots #7588

Merged
merged 3 commits into from
Feb 22, 2024
Merged

Resolve security alerts from Dependabots #7588

merged 3 commits into from
Feb 22, 2024

Conversation

yuxiang-zhang
Copy link
Member

@yuxiang-zhang yuxiang-zhang commented Feb 22, 2024
edited
Loading

Description

Checklist

  • Added tests that cover your change (if possible)
  • Added/modified documentation as required (such as the README.md, or the userdocs directory)
  • Manually tested
  • Made sure the title of the PR is a good description that can go into the release notes
  • (Core team) Added labels for change area (e.g. area/nodegroup) and kind (e.g. kind/improvement)

BONUS POINTS checklist: complete for good vibes and maybe prizes?! 🤯

  • Backfilled missing tests for code in same general area 🎉
  • Refactored something and made the world a better place 🌟

@yuxiang-zhang yuxiang-zhang added skip-release-notes Causes PR not to show in release notes dependencies Pull requests that update a dependency file area/tech-debt Leftover improvements in code, testing and building area/ci labels Feb 22, 2024
@yuxiang-zhang yuxiang-zhang force-pushed the update-deps branch 3 times, most recently from e96a789 to c17b746 Compare February 22, 2024 00:34
dependabot bot and others added 3 commits February 22, 2024 20:31
@dependabot @yuxiang-zhang
Bump dependencies for Dependabot alerts
8ef49ae 
Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.11.0

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.4.2 to 5.11.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.4.2...v5.11.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

Bump helm.sh/helm/v3 from 3.14.0 to 3.14.2

Bumps [helm.sh/helm/v3](https://github.com/helm/helm) from 3.14.0 to 3.14.2.
- [Release notes](https://github.com/helm/helm/releases)
- [Commits](helm/helm@v3.14.0...v3.14.2)

---
updated-dependencies:
- dependency-name: helm.sh/helm/v3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@yuxiang-zhang
Fix generate-internal-groups.sh permission
0dd23e1
@yuxiang-zhang
Update dependencies
e88a717
@yuxiang-zhang yuxiang-zhang merged commit f863aee into main Feb 22, 2024
10 checks passed
@yuxiang-zhang yuxiang-zhang deleted the update-deps branch February 22, 2024 21:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@a-hilaly a-hilaly a-hilaly approved these changes

Assignees
No one assigned
Labels
area/ci area/tech-debt Leftover improvements in code, testing and building dependencies Pull requests that update a dependency file skip-release-notes Causes PR not to show in release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yuxiang-zhang @a-hilaly