Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CP-24317: Resolve GHSA-w32m-9786-jp63 #77

Merged
merged 2 commits into from
Dec 19, 2024
Merged

CP-24317: Resolve GHSA-w32m-9786-jp63 #77

merged 2 commits into from
Dec 19, 2024

Conversation

josephbarnett
Copy link
Collaborator

@josephbarnett josephbarnett commented Dec 19, 2024
edited
Loading

Update versions to resolve CVEs

➜  ~ grype ghcr.io/cloudzero/cloudzero-agent-validator/cloudzero-agent-validator:dev-f62ae72592dad780e6f869e9cb6a5e952535a398
 ✔ Pulled image
 ✔ Loaded image                                                                                                                    ghcr.io/cloudzero/cloudzero-agent-validator/cloudzero-agent-validator:dev-f62ae72592dad780e6f869e9cb6a5e952535a398
 ✔ Parsed image                                                                                                                                                               sha256:790c5e279d6975321b12006249c02c577663efb5fbd2344540ef7be6680faa1a
 ✔ Cataloged contents                                                                                                                                                                7eb461aead430f3f22647121d5bd3ed4fcd73125115404f9468a86e4e457c601
   ├── ✔ Packages                        [54 packages]
   ├── ✔ File digests                    [2 files]
   ├── ✔ File metadata                   [2 locations]
   └── ✔ Executables                     [3 executables]
 ✔ Scanned for vulnerabilities     [1 vulnerability matches]
   ├── by severity: 0 critical, 1 high, 0 medium, 0 low, 0 negligible
   └── by status:   1 fixed, 0 not-fixed, 0 ignored
NAME              INSTALLED  FIXED-IN  TYPE       VULNERABILITY        SEVERITY
golang.org/x/net  v0.28.0    0.33.0    go-module  GHSA-w32m-9786-jp63  High
➜  ~ grype ghcr.io/cloudzero/cloudzero-agent-validator/cloudzero-agent-validator:dev-8d14f71cbce48c9ca5e829c811d0c3527ef09810
 ✔ Pulled image
 ✔ Loaded image                                                                                                                    ghcr.io/cloudzero/cloudzero-agent-validator/cloudzero-agent-validator:dev-8d14f71cbce48c9ca5e829c811d0c3527ef09810
 ✔ Parsed image                                                                                                                                                               sha256:d92d2d342fe648d8a5d6086722f95b063a37c3606d0b069e63f6839cb6424310
 ✔ Cataloged contents                                                                                                                                                                d1eb61322d67af1b25e4594f0533b7a83bca21fb0b63f13f0912e9d4a2ab57b0
   ├── ✔ Packages                        [54 packages]
   ├── ✔ File digests                    [2 files]
   ├── ✔ File metadata                   [2 locations]
   └── ✔ Executables                     [3 executables]
 ✔ Scanned for vulnerabilities     [0 vulnerability matches]
   ├── by severity: 0 critical, 0 high, 0 medium, 0 low, 0 negligible
   └── by status:   0 fixed, 0 not-fixed, 0 ignored
No vulnerabilities found

@josephbarnett josephbarnett marked this pull request as ready for review December 19, 2024 19:28
@josephbarnett josephbarnett requested a review from a team as a code owner December 19, 2024 19:28
@josephbarnett josephbarnett changed the title bump busybox version CP-24317: Resolve GHSA-w32m-9786-jp63 Dec 19, 2024
@josephbarnett josephbarnett merged commit cbb03f2 into develop Dec 19, 2024
6 checks passed
@josephbarnett josephbarnett deleted the GHSA-w32m-9786-jp63 branch December 19, 2024 19:32
evan-cz pushed a commit that referenced this pull request Jan 13, 2025
@josephbarnett
Merge pull request #77 from Cloudzero/CP-22734-basic-metrics
fd42236 
CP-22734: add basic application metrics
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@roberthocking roberthocking roberthocking approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@josephbarnett @roberthocking