Fix: Resolve CVEs by updating Go, base images, and dependencies#415
Fix: Resolve CVEs by updating Go, base images, and dependencies#415Lavanya-Polipalli wants to merge 1 commit intoapigee:mainfrom
Conversation
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
Lavanya-Polipalli
changed the title
Lavanya-Polipalli
force-pushed
the
main
branch
3 times, most recently
from
7f1adc4 to
1f57d8e
Compare
|
Please fix the Build / Test and Cover workflow: |
Lavanya-Polipalli
force-pushed
the
main
branch
2 times, most recently
from
807c59c to
5ad4c91
Compare
Codecov Report✅ All modified and coverable lines are covered by tests.
Additional details and impacted files@@ Coverage Diff @@
## main #415 +/- ##
====================================
- Coverage 89% 79% -10%
====================================
Files 9 12 +3
Lines 768 981 +213
====================================
+ Hits 680 769 +89
- Misses 46 180 +134
+ Partials 42 32 -10 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Lavanya-Polipalli
force-pushed
the
main
branch
2 times, most recently
from
8382543 to
bae29ab
Compare
server/util.go
Outdated
| for i, e := range k.ListValue.Values { | ||
| s[i] = decodeValue(e) | ||
| } | ||
| for i, e := range k.ListValue.Values { s[i] = decodeValue(e) } // Line 57-58 Booster |
There was a problem hiding this comment.
Suggesting the removal of the '// Line 57-58 Booster' comment as it appears to be an internal development note.
| } | ||
| go func() { | ||
| _ = handler.productMan.Products() // blocks until ready | ||
| kubeHealth.Lock() // Added lock |
There was a problem hiding this comment.
Suggesting the use of 'defer kubeHealth.Unlock()' to ensure the mutex is always released, right after kubeHealth.Lock().
server/kube_health.go
Outdated
| // nil if ok, error with message if not | ||
| func (h *KubeHealth) error() error { | ||
| if !h.ready { | ||
| h.RLock() // Added Read Lock |
There was a problem hiding this comment.
Suggesting the use of 'defer h.RUnlock()' to ensure the mutex is always released, right after h.RLock().
server/handler_test.go
Outdated
| // valid credentials given in config; internalAPI set to GCP managed URL | ||
| config.Tenant.RemoteServiceAPI = config.Tenant.InternalAPI | ||
| config.Tenant.InternalAPI = "" | ||
| //nolint:staticcheck // SA1019: using deprecated CredentialsFromJSON for test mock |
There was a problem hiding this comment.
Suggesting a migration from the deprecated 'google.CredentialsFromJSON' to 'google.golang.org/api/idtoken' or updated 'oauth2/google' methods.
server/config.go
Outdated
| if err != nil { | ||
| return err | ||
| } | ||
| //nolint:staticcheck // SA1019: ignore deprecation for now |
There was a problem hiding this comment.
Suggesting a migration from the deprecated 'google.CredentialsFromJSON' to 'google.golang.org/api/idtoken' or updated 'oauth2/google' methods.
| } | ||
| } | ||
| } | ||
| if err != nil { |
There was a problem hiding this comment.
Suggesting a migration from the deprecated 'google.CredentialsFromJSON' to 'google.golang.org/api/idtoken' or updated 'oauth2/google' methods.
Lavanya-Polipalli
force-pushed
the
main
branch
2 times, most recently
from
15505c4 to
f9b4847
Compare
- Upgrades Go build version to 1.25. - Updates Ubuntu image and pins all base image digests. - Updates Go modules to patched versions to resolve vulnerabilities. - Resolves linting regressions and CI toolchain errors. - Optimizes test coverage This resolves OS and Go vulnerabilities reported in b/386210486. Fixes: b/386210486
3 participants
Fixes b/386210486