upgrade to go 1.20.4 #5299
Merged
upgrade to go 1.20.4 #5299
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 2 commits
April 28, 2023 11:35
friedrichg
requested changes
May 3, 2023
There was a problem hiding this comment.
Thanks for the contribution.
We need to move to 1.20.4 already, See https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved
Co-authored-by: Friedrich Gonzalez <[email protected]> Signed-off-by: rokh-conduktor <[email protected]>
|
Thanks for doing this. One of the maintainer will need to build the changes in this PR, and push new version of build image to quay.io. I will try to see if I can do it tomorrow :-) |
|
thanks a lot 🙏 |
Signed-off-by: Alvin Lin <[email protected]>
Signed-off-by: Alvin Lin <[email protected]>
alvinlin123
reviewed
May 4, 2023
friedrichg
approved these changes
May 5, 2023
Signed-off-by: Alvin Lin <[email protected]>
|
hey there 👋 |
|
I think it make sense to do a 1.15.2 release for the CVE. I will try to find time to do it this or next week. |
alvinlin123
added a commit
to alvinlin123/cortex
that referenced
this pull request
May 9, 2023
* upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile Co-authored-by: Friedrich Gonzalez <[email protected]> Signed-off-by: rokh-conduktor <[email protected]> * Update test-build-deploy.yml with build image tag Signed-off-by: Alvin Lin <[email protected]> * Update Makefile Signed-off-by: Alvin Lin <[email protected]> * Remove python-request and python-yaml in build-image/Dockerfile Signed-off-by: Alvin Lin <[email protected]> --------- Signed-off-by: rokh-conduktor <[email protected]> Signed-off-by: Alvin Lin <[email protected]> Co-authored-by: Friedrich Gonzalez <[email protected]> Co-authored-by: Alvin Lin <[email protected]>
yeya24
pushed a commit
that referenced
this pull request
May 9, 2023
* upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile * Update test-build-deploy.yml with build image tag * Update Makefile * Remove python-request and python-yaml in build-image/Dockerfile --------- Signed-off-by: rokh-conduktor <[email protected]> Signed-off-by: Alvin Lin <[email protected]> Co-authored-by: rokh-conduktor <[email protected]> Co-authored-by: Friedrich Gonzalez <[email protected]>
This was referenced May 10, 2023
Closed
|
thanks 🙏 |
friedrichg
added a commit
that referenced
this pull request
Nov 7, 2023
* upgrade to go 1.20.4 (#5299) (#5331) * upgrade to go 1.20.3 * align on pr name ? * Update build-image/Dockerfile * Update test-build-deploy.yml with build image tag * Update Makefile * Remove python-request and python-yaml in build-image/Dockerfile --------- Signed-off-by: rokh-conduktor <[email protected]> Signed-off-by: Alvin Lin <[email protected]> Co-authored-by: rokh-conduktor <[email protected]> Co-authored-by: Friedrich Gonzalez <[email protected]> * Release and bump version to 1.15.2 (#5336) * Bump version to 1.15.2 Signed-off-by: Alvin Lin <[email protected]> * Add entry to change log for 1.15.2 release Signed-off-by: Alvin Lin <[email protected]> --------- Signed-off-by: Alvin Lin <[email protected]> * Release 1.15 (#5423) * Do not reuse remote write requests in case of error (#5422) * Do not reuse remote write requests in case of error Signed-off-by: Alan Protasio <[email protected]> * Changelog Signed-off-by: Alan Protasio <[email protected]> --------- Signed-off-by: Alan Protasio <[email protected]> * Release and bump version to 1.15.3 Signed-off-by: Alan Protasio <[email protected]> * Fix Changelog Signed-off-by: Alan Protasio <[email protected]> --------- Signed-off-by: Alan Protasio <[email protected]> --------- Signed-off-by: rokh-conduktor <[email protected]> Signed-off-by: Alvin Lin <[email protected]> Signed-off-by: Alan Protasio <[email protected]> Signed-off-by: Ben Ye <[email protected]> Co-authored-by: Alvin Lin <[email protected]> Co-authored-by: rokh-conduktor <[email protected]> Co-authored-by: Friedrich Gonzalez <[email protected]> Co-authored-by: Alan Protasio <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does:
if it's not the proper way to do this,
just let me know
Bump the go version to remove some CVEs detected by our scans.
go version : 1.20.1, solved in 1.20.3
CVE-2023-24538 / critical
CVE-2023-24536 / high
CVE-2023-24537 / high
CVE-2023-24534 / high
Which issue(s) this PR fixes:
Nonw
Checklist
CHANGELOG.mdupdated - the order of entries should be[CHANGE],[FEATURE],[ENHANCEMENT],[BUGFIX]