Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump go mod dependencies #14

Closed
mudler opened this issue Jul 5, 2022 · 2 comments
Closed

Bump go mod dependencies #14

mudler opened this issue Jul 5, 2022 · 2 comments
Assignees
@fgiudici
Labels
area/teal Elemental Teal

Comments

@mudler
Copy link
Contributor

mudler commented Jul 5, 2022
edited
Loading

Some of the dependencies of the operator have new versions that are fixing (low) security vulnerabilities ( https://github.com/rancher/elemental-operator/security/dependabot ).

We should check if we are affected and we can bump to at least a patch version to address those.
@mudler mudler added the area/teal Elemental Teal label Jul 5, 2022
@fgiudici fgiudici self-assigned this Jul 11, 2022
@Itxaka
Copy link
Contributor

Itxaka commented Jul 11, 2022
edited
Loading

Confused Deputy in Kubernetes

Not affecting us, this is a kubernetes installation issue and configuration of the kube-apiserver. Also open since September 2021 with no fix as it seems to be a low priority issue and not very important. Dismissed.

Clarify mediaType handling

Patch version available, PR created: #28

OCI Manifest Type Confusion Issue

Minor version availabel, PR created: #29

@Itxaka
Copy link
Contributor

Itxaka commented Jul 12, 2022

Both PRs merged

@Itxaka Itxaka closed this as completed Jul 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fgiudici fgiudici

Labels
area/teal Elemental Teal
Projects
Elemental
Archived in project
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Itxaka @mudler @fgiudici