Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

suppressing vulnerability GO-2022-0635 for release #4460

Closed
wants to merge 1 commit into from
Closed

suppressing vulnerability GO-2022-0635 for release #4460

wants to merge 1 commit into from
+82 −75

Conversation

nitin-sachdev-29
Copy link
Collaborator

Changes proposed in this PR

  • suppressing vulnerability GO-2022-0635 for release

How I've tested this PR

How I expect reviewers to test this PR

Checklist

@nitin-sachdev-29
Preparing for 1.1.18 release (#4459)
069d095 
preparing for release 1.1.18 and updated golang.org/x/net dependency to 0.34.0 to fix vulnerability https://pkg.go.dev/vuln/GO-2024-3333 in CNI, acceptance and control-plane submodule.
@nitin-sachdev-29 nitin-sachdev-29 added pr/no-changelog PR does not need a corresponding .changelog entry pr/no-backport signals that a PR will not contain a backport label labels Jan 15, 2025
@nitin-sachdev-29 nitin-sachdev-29 requested review from a team as code owners January 15, 2025 14:40
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 15, 2025
View reviewed changes
acceptance/tests/cloud/fakeserver_client.go Outdated
// newfakeServerClient returns a fakeServerClient to be used in tests to communicate with the fake Telemetry Gateway.
func newfakeServerClient(tunnel string) *fakeServerClient {
tr := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},

Check warning

Code scanning / Go Modules Scanner

TLS configuration is insecure Warning test

skipping TLS verification, don't use in production
control-plane/connect-inject/webhook/consul_dataplane_sidecar.go Outdated
seconds, _ = strconv.Atoi(v)
}
if seconds > 0 {
return int32(seconds)

Check warning

Code scanning / Go Modules Scanner

String conversion integer overflow Warning

detected potential integer overflow
@nitin-sachdev-29 nitin-sachdev-29 changed the base branch from main to prep-1.1.18 January 15, 2025 14:40
@hashicorp-cla-app HashiCorp CLA App
Copy link

hashicorp-cla-app bot commented Jan 15, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

@hashicorp-cla-app HashiCorp CLA App
Copy link

CLA assistant check

Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement

Learn more about why HashiCorp requires a CLA and what the CLA includes

10 out of 11 committers have signed the CLA.

  • NiniOak
  • ndhanushkodi
  • xwa153
  • zalimeni
  • missylbytes
  • sarahalsmiller
  • nathancoleman
  • jm96441n
  • jmurret
  • nitin-sachdev-29
  • Chris S. Kim

Chris S. Kim seems not to be a GitHub user.
You need a GitHub account to be able to sign the CLA.
If you have already a GitHub account, please add the email address used for this commit to your account.

Have you signed the CLA already but the status is still pending? Recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
pr/no-backport signals that a PR will not contain a backport label pr/no-changelog PR does not need a corresponding .changelog entry
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@nitin-sachdev-29