devth
commented
1 year ago Thanks for raising this issue @MartijnPDirekt! I'm fine just removing it from this image given how long Helm 3 has been out.
Closed MartijnPDirekt closed 1 year ago
devth
commented
1 year ago Thanks for raising this issue @MartijnPDirekt! I'm fine just removing it from this image given how long Helm 3 has been out.
MartijnPDirekt
commented
1 year ago Hi Trevor, You're awesome. Thanks for the fast response and resolution!
Hi Trevor,
https://github.com/helm/helm-2to3/ contains several high CVE's, that are all fixed by dependabot, but are not approved by the maintainer (https://github.com/helm/helm-2to3/issues/228)
How would you like to proceed, given helm 2 is deprecated almost 3 years. A possbile solution would be to leave this repo untouched and start a new one that supports Helm v3 only. That will make the image even lighter.
I am curious to hear your thoughts.
Kr, Martijn