CSPL-4153: Update dependencies to fix security vulnerabilities#1809
Merged
gabrielm-splunk merged 3 commits intodevelopfrom Apr 8, 2026
Merged
CSPL-4153: Update dependencies to fix security vulnerabilities#1809gabrielm-splunk merged 3 commits intodevelopfrom
gabrielm-splunk merged 3 commits intodevelopfrom
Conversation
Collaborator
Author
|
✅ Unit Tests Passed All unit tests completed successfully:
🔍 Container Scan Pipeline Triggered
|
kasiakoziol
approved these changes
Apr 2, 2026
kasiakoziol
reviewed
Apr 2, 2026
kasiakoziol
requested changes
Apr 2, 2026
Collaborator
Author
|
✅ Go Version Updated in All Locations Updated additional Go version references as requested: Files Updated:
Verification:
Changes pushed in: 269658b Ready for re-review! 🚀 |
- Update google.golang.org/grpc from v1.78.0 to v1.79.3 (VULN-67797) - Update github.com/buger/jsonparser from v1.1.1 to v1.1.2 (VULN-67794) - Update Go stdlib from 1.25.7 to 1.25.8 (VULN-65734) - Update gnutls via explicit microdnf update (VULN-69140) - Update other dependencies to latest compatible versions Fixes: VULN-67797, VULN-67794, VULN-65734, VULN-69140 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Gabriel Mendoza <gabrielm@splunk.com>
- Update GO_VERSION in .env: 1.25.7 → 1.25.8 - Update Dockerfile.distroless FROM golang:1.25.7 → 1.25.8 Addresses review comment to update all Go version occurrences. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Gabriel Mendoza <gabrielm@splunk.com>
gabrielm-splunk
force-pushed
the
cspl-4153-update-dependencies
branch
from
269658b to
5a463a1
Compare
Collaborator
Author
|
🔄 Commits Updated Force-pushed to clean up commit history with proper author name and DCO signoff for GitLab compatibility. All changes remain the same:
Ready for re-review! |
kasiakoziol
approved these changes
Apr 3, 2026
- Updated Dockerfile: ARG BASE_IMAGE_VERSION - Updated Makefile: comment and BASE_IMAGE_VERSION variable - Latest version pulled from registry.access.redhat.com/ubi8/ubi-minimal:8.10 Addresses review comment on PR #1809 Signed-off-by: Gabriel Mendoza <gabmendo@splunk.com>
Collaborator
Author
|
✅ UBI Base Image Updated Updated to latest UBI 8 minimal base image as requested: Changes:
Verification: docker pull registry.access.redhat.com/ubi8/ubi-minimal:8.10
# release: 1775152441 (built 2026-04-02)All instances of the old version have been updated. Ready for re-review! 🚀 |
rlieberman-splunk
approved these changes
Apr 8, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Updates dependencies to address security vulnerabilities identified in VULN tickets.
Changes
go get -uTesting
Next Steps
Related Issues
🤖 Generated with Claude Code