Closed tariq1890 closed 3 months ago
P.S: I am not sure why dependabot isn't raising PRs for most of the gpu-operator deps
I believe dependabot is currently configured to only update our k8s.io dependencies:
groups:
k8sio:
patterns:
- k8s.io/*
exclude-patterns:
- k8s.io/klog/*
@cdesiniotis I think that's only the group settings. The stanza however enables all of the go dep bumps. The same config works fine in the other repos
This fixes some CVEs that were found in the
helm.sh/helm
dependencyP.S: I am not sure why dependabot isn't raising PRs for most of the gpu-operator deps