search

openshift / origin-aggregated-logging

139 stars 231 forks source link

Vendoring in minimist 1.2.5 #2131

Closed ewolinetz closed 3 years ago

ewolinetz commented 3 years ago

Description

To address CVE vendoring in minimist 1.2.5 which contains fix

Will need a manual 4.6.z cherry-pick too

/cc @jcantrill

/cherry-pick 5.1

Links

jcantrill commented 3 years ago

/lgtm /retest

openshift-ci[bot] commented 3 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ewolinetz, jcantrill

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/openshift/origin-aggregated-logging/blob/master/OWNERS)~~ [ewolinetz,jcantrill] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

openshift-bot commented 3 years ago

/retest

Please review the full test history for this PR and help us cut down flakes.

ewolinetz commented 3 years ago

/cherry-pick release-5.1

openshift-cherrypick-robot commented 3 years ago

@ewolinetz: #2131 failed to apply on top of branch "release-5.1":

Applying: vendoring in minimist 1.2.5
.git/rebase-apply/patch:126: trailing whitespace.

.git/rebase-apply/patch:140: trailing whitespace.

.git/rebase-apply/patch:159: trailing whitespace.

.git/rebase-apply/patch:164: trailing whitespace.

.git/rebase-apply/patch:186: trailing whitespace.

warning: squelched 35 whitespace errors
warning: 40 lines add whitespace errors.
Using index info to reconstruct a base tree...
M   kibana/Dockerfile
M   kibana/Dockerfile.in
Falling back to patching base and 3-way merge...
Auto-merging kibana/Dockerfile.in
CONFLICT (content): Merge conflict in kibana/Dockerfile.in
Auto-merging kibana/Dockerfile
CONFLICT (content): Merge conflict in kibana/Dockerfile
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 vendoring in minimist 1.2.5
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".
In response to [this](https://github.com/openshift/origin-aggregated-logging/pull/2131#issuecomment-868761854): >/cherry-pick release-5.1 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.
ewolinetz commented 3 years ago

cherrypick dependent on https://github.com/openshift/origin-aggregated-logging/pull/2124 merging first...

ewolinetz commented 3 years ago

/cherry-pick release-5.1

openshift-cherrypick-robot commented 3 years ago

@ewolinetz: new pull request created: #2140

In response to [this](https://github.com/openshift/origin-aggregated-logging/pull/2131#issuecomment-871405052): >/cherry-pick release-5.1 Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.