-
Notifications
You must be signed in to change notification settings - Fork 410
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updating logrus and net packages in go.mod #1495
Conversation
Signed-off-by: James Busche <[email protected]>
This is looking good to me. It would be great if you could extend your scanning to the |
@jbusche I think you need to do a |
@jbusche Can you also do |
Signed-off-by: James Busche <[email protected]>
Hi @z103cb, I had done the go mod tidy on the ray-operator, but I didn't change anything in ../apiserver and didn't realize I also needed to run it there as well... thanks for the tip @tedhtchang! Let's see if it passes this time... |
Is this PR ready for review? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@jbusche, this is looking good. I would flip this PR to ready for review.
LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
@anishasthana @tedhtchang @kevin85421 @z103cb
Note: I'm going to leave this in draft mode for now until I have been able to deploy it with CodeFlare and make sure that all works. A quick test, it looked good, but I'd like to do additional tests.
Why are these changes needed?
There are three CVE vulnerabilities that I think can be easily fixed with this PR
I'm updating the logurs and net packages in go.mod so that Twistlock no longer flags them as a vulnerability.
Related issue number
Closes #1494
Checks
Well, I'm not certain this is the tests you mean, but I've done this
make docker-build
and it reports
and later
Before: There were 8 total vulnerabilities:
C:0|H:1|M:7|L:0|T:8
After the PR: There are 5 total vulnerabilities left:
C:0|H:1|M:4|L:0|T:5