Closed IzhakJakov closed 2 years ago
/transfer kubernetes
@IzhakJakov: This issue is currently awaiting triage.
If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted
label and provide further guidance.
The triage/accepted
label can be added by org members by writing /triage accepted
in a comment.
/area code-organization /sig architecture
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.
This bot triages issues and PRs according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/lifecycle rotten
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
We are now on a newer cobra:
[dims@dims-m1-7728 13:45] ~/go/src/k8s.io/kubernetes ⟩ rg github.com/spf13/cobra go.mod
64: github.com/spf13/cobra v1.5.0
465: github.com/spf13/cobra => github.com/spf13/cobra v1.5.0
We do not currently have a dependency on github.com/dgrijalva/jwt-go
[dims@dims-m1-7728 13:47] ~/go/src/k8s.io/kubernetes ⟩ go mod graph | grep github.com/dgrijalva/jwt-go
[dims@dims-m1-7728 13:48] ~/go/src/k8s.io/kubernetes ⟩ grep github.com/dgrijalva/jwt-go go.mod
/close
@dims: Closing this issue.
Found vulnerability (SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515)
github.com/spf13/cobra
v1.1.3
uses github.com/dgrijalva/jwt-go which is affected by a known vulnerability and is no longer maintaned so it should probably be upgraded to a newer version.Found another vulnerability (SNYK-GOLANG-GITHUBCOMPKGSFTP-569475)