dependabot[bot]
d599385ac5
rebase: bump the golang-dependencies group with 3 updates
...
Bumps the golang-dependencies group with 3 updates: [golang.org/x/crypto](https://github.com/golang/crypto ), [golang.org/x/net](https://github.com/golang/net ) and [golang.org/x/sys](https://github.com/golang/sys ).
Updates `golang.org/x/crypto` from 0.21.0 to 0.22.0
- [Commits](https://github.com/golang/crypto/compare/v0.21.0...v0.22.0 )
Updates `golang.org/x/net` from 0.22.0 to 0.24.0
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.24.0 )
Updates `golang.org/x/sys` from 0.18.0 to 0.19.0
- [Commits](https://github.com/golang/sys/compare/v0.18.0...v0.19.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: golang-dependencies
- dependency-name: golang.org/x/net
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: golang-dependencies
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: golang-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-10 08:51:19 +00:00
dependabot[bot]
dc655f03a8
rebase: bump the golang-dependencies group with 1 update
...
Bumps the golang-dependencies group with 1 update: [golang.org/x/sys](https://github.com/golang/sys ).
- [Commits](https://github.com/golang/sys/compare/v0.13.0...v0.14.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/sys
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: golang-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-11-10 07:28:10 +00:00
Niels de Vos
a129b1c4ab
rebase: update golang.org/x/net to v0.14
...
golang.org/x/net/html v0.12 is vulnerable against CVE-2023-3978.
Exploiting it through Ceph-CSI is non-trivial, but rebasing
golang.org/x/net should take away any concerns.
See-also: https://pkg.go.dev/vuln/GO-2023-1988
Signed-off-by: Niels de Vos <ndevos@ibm.com>
2023-08-07 20:56:44 +00:00