Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove github.com/emicklei/go-restful@v2.8.5 #1473

Merged
merged 1 commit into from
Jul 18, 2022
Merged

Remove github.com/emicklei/go-restful@v2.8.5 #1473

merged 1 commit into from
Jul 18, 2022

Conversation

andytinkham
Copy link
Contributor

Signed-off-by: Andy Tinkham andy.tinkham@cyberark.com

Desired Outcome

Remove occurrences of github.com/emicklei/go-restful prior to v3.8.0 to resolve CVE-2022-1996.

Implemented Changes

  • In go.mod, replaced k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42 with v0.0.0-20220627174259-011e075b9cb8 to get a version of kube-openapi that uses the latest version of go-restful
  • In go.mod, exclude github.com/emicklei/go-restful v2.9.5+incompatible from consideration
  • Run go mod tidy to clean up the go.sum file.

@andytinkham andytinkham requested a review from a team as a code owner July 18, 2022 16:13
@andytinkham andytinkham force-pushed the remove-old-emicklei/go-restful branch from 35c273f to 1ac09cf Compare July 18, 2022 16:14
@andytinkham
Remove github.com/emicklei/go-restful@v2.8.5
d3097ed 
Signed-off-by: Andy Tinkham <andy.tinkham@cyberark.com>
@andytinkham andytinkham force-pushed the remove-old-emicklei/go-restful branch from 1ac09cf to d3097ed Compare July 18, 2022 16:16
codeclimate[bot]
codeclimate bot reviewed Jul 18, 2022
View reviewed changes
CHANGELOG.md
## [1.7.14] - 2022-07-18

### Security
- Added replace & exclude statements to go.mod to remove dependency on
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Trailing spaces

CHANGELOG.md
## [1.7.14] - 2022-07-18

### Security
- Added replace & exclude statements to go.mod to remove dependency on
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lists should be surrounded by blank lines

@codeclimate
Copy link

codeclimate bot commented Jul 18, 2022

Code Climate has analyzed commit d3097ed and detected 2 issues on this pull request.

Here's the issue category breakdown:

Category Count
Style 2

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 40.1% (0.0% change).

View more on Code Climate.

john-odonnell
john-odonnell approved these changes Jul 18, 2022
View reviewed changes
Copy link
Contributor

@john-odonnell john-odonnell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@andytinkham andytinkham merged commit dfa62f3 into main Jul 18, 2022
@andytinkham andytinkham deleted the remove-old-emicklei/go-restful branch July 18, 2022 18:14
@gl-johnson gl-johnson mentioned this pull request Aug 23, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codeclimate CodeClimate CodeClimate left review comments

@john-odonnell john-odonnell john-odonnell approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@andytinkham @john-odonnell