Skip to content

[Snyk] Security upgrade io.kubernetes:client-java from 14.0.1 to 21.0.2#14

Open
VaniHaripriya wants to merge 139 commits into
mainfrom
snyk-fix-cca87a7f3d140b1490ace21338361734
Open

[Snyk] Security upgrade io.kubernetes:client-java from 14.0.1 to 21.0.2#14
VaniHaripriya wants to merge 139 commits into
mainfrom
snyk-fix-cca87a7f3d140b1490ace21338361734

Conversation

@VaniHaripriya
Copy link
Copy Markdown
Owner

@VaniHaripriya VaniHaripriya commented Oct 12, 2024

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

  • sdks/java/pom.xml

Vulnerabilities that will be fixed with an upgrade:

Issue Score Upgrade
high severity Stack-based Buffer Overflow
SNYK-JAVA-COMGOOGLEPROTOBUF-8055227		   649   io.kubernetes:client-java:
14.0.1 -> 21.0.2
Major version upgrade No Known Exploit

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

sarabala1979 and others added 30 commits March 3, 2022 21:21
@sarabala1979
fix: e2e
5d8651d 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: lint
e2c53e6 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: test
4decbea 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
Merge remote-tracking branch 'upstream/master' into release-3.3
15afec4 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
chore: Refactor the leader election (argoproj#8130)
c6f1e4a 
* chore: Refactor the leader election

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

* fix: codegen

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: pod deleted due to delayed cleanup. Fixes argoproj#8022 (argopro…
0cec273 
…j#8061)

Signed-off-by: Vignesh Rajasekaran <vignesh@rvignesh.io>
@sarabala1979
fix: Fix the TestStopBehavior flackiness (argoproj#8096)
049d3d1 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Remove need for get pods from Emissary (argoproj#8133)
dfca6f1 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@blkperl @sarabala1979
fix: Limit workflows to 128KB and return a friendly error message (ar…
26471c8 
…goproj#8169)

Signed-off-by: William Van Hevelingen <william.vanhevelingen@acquia.com>
@Mins @sarabala1979
fix: add /etc/mime.types mapping table (argoproj#8171)
2b87f86 
Signed-off-by: Ming Yu <mingyu.shi@zendesk.com>
@alexec @sarabala1979
fix: Add instance ID to workflowtaskresults (argoproj#8150)
442096b 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@alexec @sarabala1979
fix: Correctly order emissary combined output. Fixes argoproj#8159 (a…
d10a731 
…rgoproj#8175)

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>
@sarabala1979
fix: workflow.duration' is not available as a real time metric (argop…
ea36c33 
…roj#8181)

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@wujayway @alexec
fix(executor): Retry kubectl on internal transient error (argoproj#8092)
845a244 
* fix(executor): Retry kubectl on internal transient error

fix(executor): Retry kubectl on internal transient error
Signed-off-by: wujayway <wujayway@gmail.com>

* add ut

add ut
Signed-off-by: wujayway <wujayway@gmail.com>

* add ut

add ut
Signed-off-by: wujayway <wujayway@gmail.com>
@Shark @alexec
fix(plugins): UX improvements (argoproj#8122)
4e543f2 
* fix(plugins): set Content-Type request header

Signed-off-by: Felix Seidel <felix@seidel.me>

* fix(plugins): keep namespace from plugin manifest

Signed-off-by: Felix Seidel <felix@seidel.me>
@rohankmr414 @alexec
feat: add TLS config option to HTTP template. Fixes argoproj#7390 (ar…
5b14e15 
…goproj#7929)

Signed-off-by: Rohan Kumar <rohankmr414@gmail.com>
@alexec
fix: Authentication for plugins. Fixes argoproj#8144 (argoproj#8147)
ad7d905 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@Shark @sarabala1979
fix(plugins): UX improvements (argoproj#8122)
47b78d4 
* fix(plugins): set Content-Type request header

Signed-off-by: Felix Seidel <felix@seidel.me>

* fix(plugins): keep namespace from plugin manifest

Signed-off-by: Felix Seidel <felix@seidel.me>
@wujayway @sarabala1979
fix(executor): Retry kubectl on internal transient error (argoproj#8092)
4c61c8d 
* fix(executor): Retry kubectl on internal transient error

fix(executor): Retry kubectl on internal transient error
Signed-off-by: wujayway <wujayway@gmail.com>

* add ut

add ut
Signed-off-by: wujayway <wujayway@gmail.com>

* add ut

add ut
Signed-off-by: wujayway <wujayway@gmail.com>
@rohankmr414 @sarabala1979
feat: add TLS config option to HTTP template. Fixes argoproj#7390 (ar…
76ff748 
…goproj#7929)

Signed-off-by: Rohan Kumar <rohankmr414@gmail.com>
@sarabala1979
Merge branch 'release-3.3' of https://github.com/argoproj/argo-workflows
3d60693 
 into release-3.3

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@dpadhiar @sarabala1979
fix: reduce number of workflows displayed in UI by default. Fixes arg…
aa460b9 
…oproj#8297 (argoproj#8303)

Signed-off-by: Dillen Padhiar <dpadhiar99@gmail.com>
@dpadhiar @sarabala1979
fix: fix: git artifact will be checked out even if local file matches…
3475831 
… name of tracking branch (argoproj#8287)

Signed-off-by: Dillen Padhiar <dpadhiar99@gmail.com>
@alexec @sarabala1979
fix: taskresults owned by pod rather than workflow. (argoproj#8284)
7e88021 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@mikutas @sarabala1979
fix: improve error message when the controller is set `templateRefere…
79a9a5b 
…ncing: Secure` (argoproj#8277)

Signed-off-by: mikutas <23391543+mikutas@users.noreply.github.com>
@alexec @sarabala1979
fix: Add instance ID to workflowtaskresults (argoproj#8150)
22c203f 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Correctly order emissary combined output. Fixes argoproj#8159 (a…
cdd1633 
…rgoproj#8175)

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>

* fix: Correctly order emissary combined output. Fixes argoproj#8168

Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Authentication for plugins. Fixes argoproj#8144 (argoproj#8147)
3a425ec 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: Update workflowtaskresult code have own reconciliation loop. (a…
af0cfab 
…rgoproj#8135)

Signed-off-by: Alex Collins <alex_collins@intuit.com>
@alexec @sarabala1979
fix: Add instance ID to workflowtaskresults (argoproj#8150)
918c273 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
sarabala1979 and others added 27 commits August 8, 2022 16:49
@sarabala1979
fix: add containerRuntimeExecutor: emissary in ci
151432f 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@alexec @sarabala1979
fix: SignalsSuite test
e4dca01 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
fix: Skip TestRunAsNonRootWithOutputParams
b7b37d5 
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@sarabala1979
Revert "fix: Correct kill command. Fixes argoproj#8687 (argoproj#8908)"
5db53aa 
This reverts commit ef3fb42.
@isubasinghe @sarabala1979
fix: cleaned key paths in gcs driver. Fixes argoproj#9958 (argoproj#9959
33bba51 
)

Signed-off-by: Isitha Subasinghe <isitha@pipekit.io>
@crenshaw-dev @sarabala1979
fix: assume plugins may produce outputs.result and outputs.exitCode (F…
859bcb1 
…ixes argoproj#9966) (argoproj#9967)

Signed-off-by: Michael Crenshaw <350466+crenshaw-dev@users.noreply.github.com>
@terrytangyuan @sarabala1979
fix: Upgrade kubectl to v1.24.8 to fix vulnerabilities (argoproj#10008)
fd31eb8 
Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@terrytangyuan @sarabala1979
fix(operator): Workflow stuck at running when init container failed. F…
b19870d 
…ixes argoproj#10045 (argoproj#10047)

Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>
Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>
@gmfrasca
UPSTREAM: <carry>: Update ui/package.json to use gitref for argo-ui d…
d96730c 
…ependency
UPSTREAM: <carry>: Add staticfiles to Go module file
eb37984
Merge pull request #2 from rimolive/rmartine
9743dda 
UPSTREAM: <carry>: Add staticfiles to Go module file
@DharmitD
UPSTREAM: <carry>: update go.mod packages
d60f5c7
@DharmitD
Merge pull request #5 from DharmitD/snyk-3.3-3
b02ca59 
UPSTREAM: <carry>: update go.mod packages
@DharmitD
UPSTREAM: <carry>: Update go version to 1.21
ac5cb18
@HumairAK
Merge pull request #7 from DharmitD/argo-wf-go-1.21
c18871b 
Update go version to 1.21
@VaniHaripriya
UPSTREAM: <carry>: Upgrade go.mod package versions
11c6657 
Signed-off-by: vmudadla <vmudadla@redhat.com>
@gregsheremeta
Merge pull request #10 from VaniHaripriya/RHOAIENG-10033-NEW
c65043a 
UPSTREAM: <carry>: Upgrade go.mod package versions
Add CPaaS images for argoexec and workflowcontroller
7b2d430 
Signed-off-by: Ricardo M. Oliveira <rmartine@redhat.com>
@HumairAK
Merge pull request #1 from rimolive/rmartine-rhds
8c78135 
Add CPaaS images for argoexec and workflowcontroller
Remove CPaaS lines from Argo images
69b2a31 
Signed-off-by: Ricardo M. Oliveira <rmartine@redhat.com>
@HumairAK
Merge pull request #2 from rimolive/rmartine-rhds
70769a4 
Remove CPaaS lines from Argo images
@MohammadiIram
Update Dockerfile.workflowcontroller
81fbd67 
Signed-off-by: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com>
@MohammadiIram
Update Dockerfile.workflowcontroller
19fc17c 
Signed-off-by: Mohammadi Iram <89964724+MohammadiIram@users.noreply.github.com>
@VaniHaripriya
fix: Upgrade go.mod package versions
5b38479 
Signed-off-by: vmudadla <vmudadla@redhat.com>
@VaniHaripriya
fix: update go.mod packages
61896f7 
Signed-off-by: vmudadla <vmudadla@redhat.com>
@VaniHaripriya
Merge pull request #13 from VaniHaripriya/RHOAIENG-13747-CVE-FIX
abf7b5a 
Rhoaieng 13747 CVE fix
@snyk-bot
fix: sdks/java/pom.xml to reduce vulnerabilities
279ed53 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
@VaniHaripriya VaniHaripriya force-pushed the main branch 2 times, most recently from 19fc17c to cfa1672 Compare October 16, 2024 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.