Bump github.com/jetstack/cert-manager from 1.7.1 to 1.7.2 #22

dependabot · 2022-03-23T22:14:25Z

Bumps github.com/jetstack/cert-manager from 1.7.1 to 1.7.2.

Release notes

Sourced from github.com/jetstack/cert-manager's releases.

v1.7.2 Release Notes

1.7.2 is a minor release rebuilding cert-manager 1.7 using the latest version of Go. This eliminates a few security vulnerabilities which have accumulated in Go since the last release.

We don't believe any of those vulnerabilities were practically exploitable or relevant to cert-manager, but we decided to rebuild to keep up to date anyway.

Changelog since cert-manager 1.7.1

Bug or Regression

Bumps the version of Go used to build the cert-manager binaries to 1.17.8, to fix a slew of CVEs (none of which were likely to be exploited) (#4976 , @vhosakot)

Fixes an expired hardcoded certificate which broke unit tests (#4978, @SgtCoDFish @jakexks)

Commits

2e0bfc8 Merge pull request #4976 from jetstack-bot/cherry-pick-4970-to-release-1.7
6365f37 Merge pull request #4978 from SgtCoDFish/release-1.7-kind-images
d3b5d76 Remove hardcoded cert from cmctl inspect secret unit tests
0babdf2 bump to latest available kind images
1c82749 Bump Go 1.17.1 --> 1.17.8 to fix CVEs
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/jetstack/cert-manager](https://github.com/jetstack/cert-manager) from 1.7.1 to 1.7.2. - [Release notes](https://github.com/jetstack/cert-manager/releases) - [Commits](cert-manager/cert-manager@v1.7.1...v1.7.2) --- updated-dependencies: - dependency-name: github.com/jetstack/cert-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 23, 2022

rkosegi approved these changes Mar 23, 2022

View reviewed changes

rkosegi merged commit 6c4bec0 into main Mar 23, 2022

dependabot bot deleted the dependabot/go_modules/github.com/jetstack/cert-manager-1.7.2 branch March 23, 2022 23:56

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump github.com/jetstack/cert-manager from 1.7.1 to 1.7.2 #22

Bump github.com/jetstack/cert-manager from 1.7.1 to 1.7.2 #22

dependabot bot commented on behalf of github Mar 23, 2022

Bump github.com/jetstack/cert-manager from 1.7.1 to 1.7.2 #22

Bump github.com/jetstack/cert-manager from 1.7.1 to 1.7.2 #22

Conversation

dependabot bot commented on behalf of github Mar 23, 2022

v1.7.2 Release Notes

Changelog since cert-manager 1.7.1

Bug or Regression