Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

[BUG] Continuesly upgrade go dependencies' version to resolve CVE #791

Open
1 task done
zhoufenqin opened this issue Mar 11, 2025 · 1 comment
Open
1 task done

[BUG] Continuesly upgrade go dependencies' version to resolve CVE #791

zhoufenqin opened this issue Mar 11, 2025 · 1 comment
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-priority Indicates an issue or PR lacks a `priority/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.

Comments

@zhoufenqin
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Konveyor version

v0.6.1

Priority

Critical

Current Behavior

I see the previous upgrade go dependencies is 5 months ago, there are CVEs for current go dependency packages.

Do we have a plan to upgrade do dependencies regularlly? for example, write a github action pipeline to upgrade it automatically.

Expected Behavior

The go dependencies should be upgraded regularrly

How Reproducible

Always (Default)

Steps To Reproduce

No response

Environment

- **Analyzer Image SHA** 
- **JDTLS  base image SHA**
- **Provider Settings JSON**

Anything else?

No response
@zhoufenqin zhoufenqin added kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Mar 11, 2025
@konveyor-ci-bot
Copy link

This issue is currently awaiting triage.
If contributors determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.
The triage/accepted label can be added by org members.

@konveyor-ci-bot konveyor-ci-bot bot added the needs-priority Indicates an issue or PR lacks a `priority/foo` label and requires one. label Mar 11, 2025
@github-project-automation github-project-automation bot moved this to 🆕 New in Planning Mar 11, 2025
@zhoufenqin zhoufenqin mentioned this issue Mar 11, 2025
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-priority Indicates an issue or PR lacks a `priority/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.
Projects
Planning
Status: 🆕 New
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zhoufenqin