Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Upgrade github.com/hashicorp/go-retryablehttp #31499

Merged
merged 2 commits into from
Jun 26, 2024
Merged

Upgrade github.com/hashicorp/go-retryablehttp #31499

merged 2 commits into from
Jun 26, 2024

Conversation

silverwind
Copy link
Member

@silverwind silverwind commented Jun 26, 2024
edited
Loading

Result of go get -u github.com/hashicorp/go-retryablehttp && make tidy.
Fixes: https://pkg.go.dev/vuln/GO-2024-2947

Only 1.22 branch is affected, main branch already has the fixed version.

@pull-request-size pull-request-size bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Jun 26, 2024
@GiteaBot GiteaBot added this to the 1.22.1 milestone Jun 26, 2024
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jun 26, 2024
@silverwind silverwind mentioned this pull request Jun 26, 2024
Merged
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Jun 26, 2024
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jun 26, 2024
@techknowlogick techknowlogick enabled auto-merge (squash) June 26, 2024 12:46
@techknowlogick techknowlogick added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. and removed lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. labels Jun 26, 2024
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jun 26, 2024
@techknowlogick techknowlogick merged commit d9e6657 into go-gitea:release/v1.22 Jun 26, 2024
26 checks passed
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Jun 26, 2024
@silverwind silverwind deleted the vulnup branch June 26, 2024 13:16
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Sep 24, 2024
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Reviewers

@techknowlogick techknowlogick techknowlogick approved these changes

@wxiaoguang wxiaoguang wxiaoguang approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/dependencies size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
1.22.1
Development

Successfully merging this pull request may close these issues.
4 participants
@silverwind @techknowlogick @wxiaoguang @GiteaBot