bump to go 1.22.2 - Githubissues

kubernetes-sigs / descheduler

Descheduler for Kubernetes

https://sigs.k8s.io/descheduler

Apache License 2.0

4.23k stars 645 forks source link

bump to go 1.22.2 #1374

Closed jklaw90 closed 2 months ago

jklaw90 commented 2 months ago

CVE-2023-45288 was handled in Go 1.22.2.

jklaw90 commented 2 months ago

seems like our ci is running 1.21.9? that version also contains the fix for the CVE, i can set our mod to 1.21.9 if it's easier.

ingvagabund commented 2 months ago

seems like our ci is running 1.21.9? that version also contains the fix for the CVE, i can set our mod to 1.21.9 if it's easier.

Bumped to 1.21.9 through https://github.com/kubernetes/test-infra/pull/32403

ingvagabund commented 2 months ago

1.22 works better given k8s 1.30 pins 1.22: https://github.com/kubernetes/kubernetes/blob/77aa9c21c295614817d5d49ea81f20783480691b/go.mod#L9

ingvagabund commented 2 months ago

Bumping the go version in CI for the master branch: https://github.com/kubernetes/test-infra/pull/32415

a7i commented 2 months ago

/retest

a7i commented 2 months ago

@jklaw90 would you please update here and here?

a7i commented 2 months ago

/label tide/merge-method-squash

a7i commented 2 months ago

/lgtm /approve

k8s-ci-robot commented 2 months ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: a7i

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/kubernetes-sigs/descheduler/blob/master/OWNERS)~~ [a7i] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment