keptn / lifecycle-toolkit

Toolkit for cloud-native application lifecycle management
https://keptn.sh
Apache License 2.0
272 stars 111 forks

deps: bump golang.org/x/net to v0.23.0 #3388

Closed: odubajDT closed 3 months ago

odubajDT commented 3 months ago

Fixes Go vulnerability: https://pkg.go.dev/vuln/GO-2024-2687

Security scan: https://github.com/keptn/lifecycle-toolkit/actions/runs/8555467155/job/23442929687

The security scan fails. Reason: net/http is part of the Go standard library -> it's used by opentelemetry.io, which uses Go version 1.20 (does not contain the fix yet).

sonarcloud[bot] commented 3 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 85.33%. Comparing base (e4f1a6a) to head (b3f1d91).

Additional details and impacted files

```diff
@@            Coverage Diff             @@
##             main    #3388      +/-   ##
==========================================
- Coverage   85.36%   85.33%   -0.03%
==========================================
  Files         167      167
  Lines        7412     7412
==========================================
- Hits         6327     6325       -2
- Misses        798      799       +1
- Partials      287      288       +1
```

[see 1 file with indirect coverage changes](https://app.codecov.io/gh/keptn/lifecycle-toolkit/pull/3388/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=keptn)

| [Flag](https://app.codecov.io/gh/keptn/lifecycle-toolkit/pull/3388/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=keptn) | Coverage Δ | |
|---|---|---|
| [certificate-operator](https://app.codecov.io/gh/keptn/lifecycle-toolkit/pull/3388/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=keptn) | `69.23% <ø> (ø)` | |
| [component-tests](https://app.codecov.io/gh/keptn/lifecycle-toolkit/pull/3388/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=keptn) | `58.04% <ø> (-0.74%)` | :arrow_down: |
| [lifecycle-operator](https://app.codecov.io/gh/keptn/lifecycle-toolkit/pull/3388/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=keptn) | `83.46% <ø> (ø)` | |
| [metrics-operator](https://app.codecov.io/gh/keptn/lifecycle-toolkit/pull/3388/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=keptn) | `88.32% <ø> (ø)` | |
| [scheduler](https://app.codecov.io/gh/keptn/lifecycle-toolkit/pull/3388/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=keptn) | `34.74% <ø> (ø)` | |

Flags with carried forward coverage won't be shown.
[Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=keptn#carryforward-flags-in-the-pull-request-comment) to find out more.