Upgrade golang.org/x/sys - Githubissues

cyberark / summon-conjur

CyberArk Conjur provider for Summon

MIT License

38 stars 8 forks source link

Upgrade golang.org/x/sys #109

Closed gl-johnson closed 1 year ago

gl-johnson commented 1 year ago

Desired Outcome

Vulnerability in golang.org/x/sys is causing downstream errors in image scans of pet-store-demo (See: https://jenkins.conjur.net/blue/organizations/jenkins/conjurdemos--pet-store-demo/detail/upgrade-dependencies/7/pipeline)

Implemented Changes

Describe how the desired outcome above has been achieved with this PR. In particular, consider:

Upgrade golang.org/x/sys to 0.4.0
Add replace statements for older versions

Changelog

[ ] The CHANGELOG has been updated, or
[x] This PR does not include user-facing changes and doesn't require a CHANGELOG update

Test coverage

[ ] This PR includes new unit and integration tests to go with the code changes, or
[x] The changes in this PR do not require tests

Documentation

[ ] Docs (e.g. READMEs) were updated in this PR
[ ] A follow-up issue to update official docs has been filed here: [insert issue ID]
[x] This PR does not require updating any documentation

Behavior

[ ] This PR changes product behavior and has been reviewed by a PO, or
[ ] These changes are part of a larger initiative that will be reviewed later, or
[x] No behavior was changed with this PR

Security

[ ] Security architect has reviewed the changes in this PR,
[ ] These changes are part of a larger initiative with a separate security review, or
[x] There are no security aspects to these changes