Skip to content

fix: bump go version to 1.23.6 for CVE#1106

Merged
Arvindthiru merged 1 commit intoAzure:mainfrom
Arvindthiru:bumpGo1.23.6
Apr 7, 2025
Merged

fix: bump go version to 1.23.6 for CVE#1106
Arvindthiru merged 1 commit intoAzure:mainfrom
Arvindthiru:bumpGo1.23.6

Conversation

@Arvindthiru
Copy link
Copy Markdown
Contributor

@Arvindthiru Arvindthiru commented Apr 4, 2025
edited
Loading

Description of your changes

Fixing CVEs,

I have:

  • Run make reviewable to ensure this PR is ready for review.

How has this code been tested

Special notes for your reviewer

@kaito-pr-agent
Copy link
Copy Markdown

kaito-pr-agent Bot commented Apr 4, 2025

Title

fix: bump go version to 1.23.6 for CVE

User description

Description of your changes

Fixes #

I have:

  • Run make reviewable to ensure this PR is ready for review.

How has this code been tested

Special notes for your reviewer

PR Type

bug_fix

Description

  • Bumped Go version to 1.23.6 across multiple workflows and Dockerfiles.

  • Updated Go version in golangci.yml configuration.

  • No functional changes, purely version update.

Changes walkthrough 📝

Relevant files
Bug_fix
4 files
upgrade.yml
Bumped Go version in CI workflows                                               
.golangci.yml
Bumped Go version in golangci.yml                                               
+1/-1     
refresh-token.Dockerfile
Bumped Go version in Dockerfiles                                                 
go.mod
Bumped Go version in go.mod                                                           
+1/-1     
Additional files
7 files
ci.yml +1/-1     
code-lint.yml +1/-1     
trivy.yml +1/-1     
upgrade.yml +1/-1     
hub-agent.Dockerfile +1/-1     
member-agent.Dockerfile +1/-1     
refresh-token.Dockerfile +1/-1     
Need help?
  • Type /help how to ... in the comments thread for any questions about PR-Agent usage.
  • Check out the documentation for more information.
    		•

    @kaito-pr-agent
    Copy link
    Copy Markdown

    kaito-pr-agent Bot commented Apr 4, 2025

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    🎫 Ticket compliance analysis 🔶

    500 - Partially compliant

    Compliant requirements:

    • Bump Go version to 1.23.6 for CVE

    Non-compliant requirements:

    • None

    Requires further human verification:

    • None
     Estimated effort to review: 1 🔵⚪⚪⚪⚪
    🧪 PR contains tests
    🔒 No security concerns identified
    ⚡ Recommended focus areas for review

    @kaito-pr-agent
    Copy link
    Copy Markdown

    kaito-pr-agent Bot commented Apr 4, 2025

    PR Code Suggestions ✨

    No code suggestions found for the PR.

    zhiying-lin
    zhiying-lin reviewed Apr 7, 2025
    View reviewed changes
    Comment thread .github/workflows/ci.yml
    zhiying-lin
    zhiying-lin approved these changes Apr 7, 2025
    View reviewed changes
    Copy link
    Copy Markdown
    Contributor

    @zhiying-lin zhiying-lin left a comment

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    Please update your PR description to include all the CVEs

    @Arvindthiru Arvindthiru merged commit 4c3b5b5 into Azure:main Apr 7, 2025
    18 checks passed
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Reviewers

    @zhiying-lin zhiying-lin zhiying-lin approved these changes

    Assignees

    No one assigned

    Labels

    None yet

    Projects

    None yet

    Milestone

    No milestone

    Development

    Successfully merging this pull request may close these issues.

    2 participants

    @Arvindthiru @zhiying-lin