Closed pierreprinetti closed 5 months ago
Name | Link |
---|---|
Latest commit | 27526d5f37d843c6b9ba15d302ec026c0e7da227 |
Latest deploy log | https://app.netlify.com/sites/kubernetes-sigs-cluster-api-openstack/deploys/662a79c8b541e500098bbd28 |
Deploy Preview | https://deploy-preview-2037--kubernetes-sigs-cluster-api-openstack.netlify.app |
Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
To edit notification comments on pull requests, go to your Netlify site configuration.
Thanks. Can you please do a couple of things for me before merging?
- To make a static analyzer happy, ensure there is no code path
done. PTAL
/approve
Thank you!
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: mdbooth
The full list of commands accepted by this bot can be found here.
The pull request process is described here
/hold cancel I think this is ready for a review.
/lgtm
/hold good that I fixed the tests
tests still failing. Happy to LGTM once they're fixed.
/hold cancel :crossed_fingers:
Unit tests pass, and this PR doesn't do anything which should affect the e2e tests.
/lgtm
@pierreprinetti do we want/need it in release-0.10?
@pierreprinetti do we want/need it in release-0.10?
that'd be swell.
In the meantime, the bug has been validated by Snyk and reportedly passed on to their engineering.
/cherry-pick release-0.10
@EmilienM: new pull request created: #2062
What this PR does / why we need it:
Our downstream security scan is confused by
GetTLSVersion
returning0
as a value (even if coupled by a non-nil error), which could end up being assigned to the same identifier that (in a non-error context) would set the TLS version.This patch makes security linting easier by never setting a TLS version outside v1.2 or v1.3, even in case of an unacceptable user input.
Special notes for your reviewer:
This is expected to be a pure refactoring. Please reject this patch if it introduces any change in behaviour.
TODOs:
/hold
Fixes: #2034