Commit f4d3f2d
committed
chore(deps): update tektoncd/pipeline to v1.0.2
Upgrade github.com/tektoncd/pipeline to v1.0.2 to fix
CVE-2026-40161 (GHSA-wjxp-xrpv-xpff), a high-severity
credential exposure flaw in the git resolver API mode
that leaks configured Git API tokens to attacker-controlled
endpoints when users omit the token parameter with a
custom serverURL.
Signed-off-by: Akshay Pant <akpant@redhat.com>1 parent ddeeb41 commit f4d3f2d
5 files changed
Lines changed: 10 additions & 8 deletions
File tree
- vendor
- github.com/tektoncd/pipeline/pkg/apis/pipeline
- v1beta1
- v1
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
28 | 28 | | |
29 | 29 | | |
30 | 30 | | |
31 | | - | |
| 31 | + | |
32 | 32 | | |
33 | 33 | | |
34 | 34 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
458 | 458 | | |
459 | 459 | | |
460 | 460 | | |
461 | | - | |
462 | | - | |
| 461 | + | |
| 462 | + | |
463 | 463 | | |
464 | 464 | | |
465 | 465 | | |
| |||
Lines changed: 3 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Lines changed: 3 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
378 | 378 | | |
379 | 379 | | |
380 | 380 | | |
381 | | - | |
| 381 | + | |
382 | 382 | | |
383 | 383 | | |
384 | 384 | | |
| |||
0 commit comments