IBM / portieris

A Kubernetes Admission Controller for verifying image trust.
Apache License 2.0

bump go-toolset, and retarget tests #441

Closed sjhx closed 1 year ago

sjhx commented 1 year ago

resolving vulnerabilities reported in go-toolset

| Vulnerability ID | Policy Status | Affected Packages | How to Resolve |
| --- | --- | --- | --- |
| CVE-2023-29404 | Active | golang and golang | Upgrade 2 packages. Re-run command with --extended to view. |
| CVE-2023-29405 | Active | golang and golang | Upgrade 2 packages. Re-run command with --extended to view. |
| CVE-2023-24540 | Active | golang and golang | Upgrade 2 packages. Re-run command with --extended to view. |
| CVE-2022-41724 | Active | golang and golang | Upgrade 2 packages. Re-run command with --extended to view. |
| CVE-2022-41725 | Active | golang and golang | Upgrade 2 packages. Re-run command with --extended to view. |
| CVE-2023-29402 | Active | golang and golang | Upgrade 2 packages. Re-run command with --extended to view. |
| CVE-2023-29403 | Active | golang and golang | Upgrade 2 packages. Re-run command with --extended to view. |

sjhx commented 1 year ago

The majority of the change set here is about reorienting the functional tests toward simple signing and away from notary, which is no longer available on the IBM service, so we did not have working tests.

Kieran-Muller commented 1 year ago

Noticed 1 issue in the alltests. Could you resolve please?

Error: grep: test/e2e/vulnerability.imagePolicy_test.go: No such file or directory

Discussed. Will be resolved.

Kieran-Muller commented 1 year ago

This looks to contain more than just a bump to go-toolset, would you mind updating the description with the further changes made (unless my interpretation is wrong) and I'll be happy to approve as tests are happy and no issues jump out to me from what I've seen in the codebase.

Edit: Missed the first comment here https://github.com/IBM/portieris/pull/441#issuecomment-1685886425, makes sense to me.