Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Small fixes in project #20

Merged
merged 12 commits into from
Oct 4, 2024
Merged

Small fixes in project #20

merged 12 commits into from
Oct 4, 2024

Conversation

peczenyj
Copy link
Member

@peczenyj peczenyj commented Oct 4, 2024
edited
Loading

here I am fixing 3 vulnerabilities and update go.mod to use latest go version.

among other small things

it take me some effort to fix the github workflow / mage / etc, but now it works :)

@peczenyj
update go version in go.mod file
c3540f0
@peczenyj
fix vulnerabilites GO-2024-2456 and GO-2024-2466
2b9ee44 
Vulnerability #1: GO-2024-2466
Vulnerability #2: GO-2024-2456
  Module: github.com/go-git/go-git/v5
    Found in: github.com/go-git/go-git/[email protected]
    Fixed in: github.com/go-git/go-git/[email protected]
@peczenyj
fix vulnerability GO-2023-2402
8169722 
Vulnerability #3: GO-2023-2402
    Man-in-the-middle attacker can compromise integrity of secure channel in
    golang.org/x/crypto
  More info: https://pkg.go.dev/vuln/GO-2023-2402
  Module: golang.org/x/crypto
    Found in: golang.org/x/[email protected]
    Fixed in: golang.org/x/[email protected]
    Example traces found:
      #1: cmd/gomarkdoc/command.go:290:30: gomarkdoc.buildConfig calls viper.ReadInConfig, which eventually calls ssh.extChannel.Read
@peczenyj
update vendors (cobra,viper, go-git) to latest stable versions
c8dc57c
@peczenyj
fix github workflows
280e40c
@peczenyj
improve versions of github actions
f584609
@peczenyj
fix lint issues
1aa3ac1
@peczenyj
fix tests
50722e9
@peczenyj
fix mage doc verify
22ea701
@peczenyj
try fix macos tests because magefile/mage-action#332
658e92f
@peczenyj
remove macos tests, since mage action has some sort of bug
4f0b589
@peczenyj
use latest mage-action version
6073c20
@gglachant gglachant merged commit c78cd87 into master Oct 4, 2024
2 checks passed
@gglachant gglachant deleted the small-fixes-in-project branch October 4, 2024 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@gglachant gglachant

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@peczenyj @gglachant