Closed TheoBrigitte closed 1 month ago
This has similar problems in CI as #1515. @getsops/maintainers can someone with more Go experience take a look at this?
This has similar problems in CI as #1515. @getsops/maintainers can someone with more Go experience take a look at this?
This happens when running go mod tidy
with a go version < 1.21, since CI uses go1.21.10
At first I did not felt like updating the go version in this PR.
My guess is that #1427 should have also bumped the go
version in go.mod
, even though at that point that version was already outdated (1.19 instead of 1.20).
Should I move the go version update to a different PR or you're fine having this change here ?
I guess it's fine here, but for this kind of PRs I prefer input from someone else from the maintainer team since I'm not that familiar with the Golang module mechanism :)
I guess it's fine here, but for this kind of PRs I prefer input from someone else from the maintainer team since I'm not that familiar with the Golang module mechanism :)
Will review this pr later today
@TheoBrigitte thanks for fixing this! @sabre1041 thanks for reviewing!
Update
github.com/hashicorp/vault/api
tov1.14.0
to fix following CVE:Note: As of today latest version of
github.com/hashicorp/vault/api
isv1.14.0
and notv1.16.0
as shown in the above report