Skip to content

Update python dependencies #5637

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 7, 2022
Merged

Update python dependencies #5637

merged 3 commits into from
Apr 7, 2022

Conversation

asmacdo
Copy link
Member

@asmacdo asmacdo commented Apr 7, 2022

  • Bump openshift 0.12 to 0.13
  • Skip pipenv check for pyup-45114
    https://nvd.nist.gov/vuln/detail/CVE-2021-29923 This CVE is filed
    against k8s on Golang < 1.17 and is attached to this lib because
    python-kubernetes uses the Kubernetes API.

Signed-off-by: Austin Macdonald [email protected]

jmrodri
jmrodri approved these changes Apr 7, 2022
View reviewed changes
Copy link
Member

@jmrodri jmrodri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Apr 7, 2022
@asmacdo
Copy link
Member Author

asmacdo commented Apr 7, 2022

For more info on why this CVE is appropriate to skip:

@asmacdo asmacdo added this to the v1.19.0 milestone Apr 7, 2022
@asmacdo asmacdo added the release-blocker This issue blocks the parent release milestone label Apr 7, 2022
rashmigottipati
rashmigottipati approved these changes Apr 7, 2022
View reviewed changes
Copy link
Member

@rashmigottipati rashmigottipati left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

asmacdo added 2 commits April 7, 2022 13:58
@asmacdo
Update python dependencies
b91081e 
- Bump openshift 0.12 to 0.13
- Skip pipenv check for pyup-45114
  https://nvd.nist.gov/vuln/detail/CVE-2021-29923 This CVE is filed
  against k8s on Golang < 1.17 and is attached to this lib because
  python-kubernetes uses the Kubernetes API.

Signed-off-by: Austin Macdonald <[email protected]>
@asmacdo
remove pipfile lock, which was used to update the pipfiles
dc260d5 
Signed-off-by: Austin Macdonald <[email protected]>
@asmacdo asmacdo force-pushed the update-pipfile-and-lock branch from 7dc54eb to dc260d5 Compare April 7, 2022 17:59
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Apr 7, 2022
@openshift-ci
Copy link

openshift-ci bot commented Apr 7, 2022

New changes are detected. LGTM label has been removed.

@asmacdo
take 2
bb94a02 
Signed-off-by: Austin Macdonald <[email protected]>
@asmacdo asmacdo merged commit 9bb14cc into operator-framework:master Apr 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jmrodri jmrodri jmrodri approved these changes

@rashmigottipati rashmigottipati rashmigottipati approved these changes

@fabianvf fabianvf Awaiting requested review from fabianvf

Assignees

@jmrodri jmrodri

@rashmigottipati rashmigottipati

Labels
release-blocker This issue blocks the parent release milestone
Projects
None yet
Milestone
v1.19.0
Development

Successfully merging this pull request may close these issues.
3 participants
@asmacdo @jmrodri @rashmigottipati