Updated go version in deps and CI.

goss-org / goss

Quick and Easy server testing/validation

https://goss.rocks

Apache License 2.0

5.5k stars 470 forks source link

Updated go version in deps and CI. #809

Closed AlexSkrypnyk closed 1 year ago

AlexSkrypnyk commented 1 year ago

Checklist

[x] make test-all (UNIX) passes. CI will also test this
[ ] unit and/or integration tests are included (if applicable)
[ ] documentation is changed or added (if applicable)

Description of change

Updated to go 1.20
Updated dependencies

The binaries in the latest release rely on stdlib:18.5 that has some CVEs.

Cursor_and_Image_Layer_Details_-_drevops_ci-builder_preview_1_6_0___Docker_Hub

aelsabbahy commented 1 year ago

This is great, thank you!

AlexSkrypnyk commented 1 year ago

@aelsabbahy @ripienaar Can we please have a release after this update so that we can have these changes be propagated to our images (that are currently marked as having vulnerabilities). Thank you

aelsabbahy commented 1 year ago

Totally dropped the ball on this. I'll take care of it this week.

Apologies for the delay.

aelsabbahy commented 1 year ago

Curious, what are you using to test for vulnerabilities. I'm surprised dependabot didn't submit a PR 😢

aelsabbahy commented 1 year ago

Released: https://github.com/goss-org/goss/releases/tag/v0.3.22

Thank you for the PR, much appreciated!

AlexSkrypnyk commented 1 year ago

@aelsabbahy I used Docker scout in Docker HUB web UI as a part of the image that uses Goss.

Thank you for merging and releasing this!