Replace satori go uuid library in api-controller #2883

piotrmsc · 2019-02-27T08:19:50Z

Description
As a part of code scanning, tool reported usage of https://github.com/satori/go.uuid with high vulnerability of insecure randomness see here
We have to change it to https://github.com/gofrs/uuid which is a new version of old go uuid with fixed problem. Additionally, satori lib is deprecated see here

We use it here

Expected result
We are using gofrs uuid library instead of satori go.uuid

Actual result
satori go.uuid is used.

Steps to reproduce

Troubleshooting

piotrmsc added the area/service-mesh Issues or PRs related to service-mesh label Feb 27, 2019

piotrmsc added this to the Backlog_Goat milestone Feb 27, 2019

ghost added the priority/critical Priority indication label Feb 28, 2019

piotrmsc modified the milestones: Backlog_Goat, Sprint_Goat_8 Mar 11, 2019

Demonsthere self-assigned this Mar 13, 2019

This was referenced Mar 13, 2019

Swap satori for gofrs #3141

Merged

Bump api-controller image #3143

Closed

Feature/gofrs bump #3166

Merged

piotrmsc closed this as completed Mar 20, 2019

ghost mentioned this issue Feb 4, 2020

Replace satori go uuid library kyma-incubator/compass#791

Closed

Provide feedback