kubernetes-csi/csi-driver-nfs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,151 Commits 1 Branch 0 Tags
Commit Graph

47 Commits

Author SHA1 Message Date
andyzhangx
eec1fd54ec fix: CVE-2023-48795 2023-12-19 08:42:45 +00:00
dependabot[bot]
a0898e0b4c
chore(deps): bump golang.org/x/net from 0.18.0 to 0.19.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.18.0 to 0.19.0.
- [Commits](https://github.com/golang/net/compare/v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-04 23:00:23 +00:00
andyzhangx
8d1777490a chore: upgrade to k8s 1.28.4 lib 
fix
 2023-11-28 12:53:12 +00:00
dependabot[bot]
6ad5168898
chore(deps): bump golang.org/x/net from 0.17.0 to 0.18.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/net/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-11-09 22:58:09 +00:00
Pierre Prinetti
93be2ff7ac
Bump Go and golang.org/x/... to recent versions 
Mitigations to CVE-2023-44487 were added to golang.org/x/net v0.17
(c4e9120dde92bc2cce99f853d4f1c5afe1cbaa23) and in Go v1.20.10[1]. This PR
bumps Go to v1.20 to benefit from the patches to the standard library.

Aside, this patch also bump the pseudo-standard golang.org/x/...
libraries to their latest available version for good measure.

[1]: https://pkg.go.dev/vuln/GO-2023-2102
 2023-10-19 17:05:04 +02:00
dependabot[bot]
c70d7b6163
chore(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.3 to 1.59.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.58.3...v1.59.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-17 22:52:33 +00:00
dependabot[bot]
d6a65ac55a
chore(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-10 23:04:37 +00:00
dependabot[bot]
8fc7c4a66f
chore(deps): bump golang.org/x/net from 0.15.0 to 0.16.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/net/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-06 22:13:49 +00:00
dependabot[bot]
3e3108e2f7
chore(deps): bump github.com/onsi/gomega from 1.27.10 to 1.28.0 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.10 to 1.28.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.27.10...v1.28.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 01:18:13 +00:00
andyzhangx
3196a6d209 chore: upgrade k8s lib to 1.26 2023-10-03 03:31:38 +00:00
dependabot[bot]
29330cf27e
chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.2 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.57.0 to 1.58.2.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.57.0...v1.58.2)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-22 22:21:00 +00:00
dependabot[bot]
637cdf6649
chore(deps): bump golang.org/x/net from 0.14.0 to 0.15.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/net/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-05 23:03:50 +00:00
dependabot[bot]
76d66e2d5c
chore(deps): bump golang.org/x/net from 0.13.0 to 0.14.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/net/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-07 22:53:22 +00:00
dependabot[bot]
e74cb0505e
chore(deps): bump golang.org/x/net from 0.12.0 to 0.13.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/net/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-03 23:00:03 +00:00
dependabot[bot]
6d41f01685
chore(deps): bump google.golang.org/grpc from 1.40.0 to 1.56.2 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.40.0 to 1.56.2.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.40.0...v1.56.2)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-18 22:16:59 +00:00
dependabot[bot]
36281fa581
chore(deps): bump golang.org/x/net from 0.10.0 to 0.12.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.10.0 to 0.12.0.
- [Commits](https://github.com/golang/net/compare/v0.10.0...v0.12.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-15 07:08:54 +00:00
andyzhangx
e4d0acedaa fix: CVE-2022-1996, CVE-2023-2431 2023-07-15 03:04:16 +00:00
dependabot[bot]
cbd1689e09
chore(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.8 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.27.6 to 1.27.8.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.27.6...v1.27.8)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-29 22:33:35 +00:00
dependabot[bot]
b555128e70
chore(deps): bump github.com/onsi/gomega from 1.10.1 to 1.27.6 
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.10.1 to 1.27.6.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.10.1...v1.27.6)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-09 23:04:18 +00:00
dependabot[bot]
eb5b685f9f
chore(deps): bump golang.org/x/net from 0.7.0 to 0.9.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.7.0 to 0.9.0.
- [Commits](https://github.com/golang/net/compare/v0.7.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-05 23:02:56 +00:00
andyzhangx
90f207afdd fix: CVE-2022-41723 2023-02-17 13:56:44 +00:00
andyzhangx
f8ff3228f4 cleanup: vendor dependencies 2023-02-13 14:23:59 +00:00
andyzhangx
7bec83a83e cleanup: remove golang.org/x/text version dependency 2023-02-13 14:20:50 +00:00
fsl
40d7d5bca5 fix: upgrade package dependencies 2023-01-15 16:57:04 +08:00
fsl
1ddab947bc fix: upgrade package dependencies 2023-01-15 16:55:29 +08:00
andyzhangx
42bcb959a2 fix: CVE-2022-41717 2022-12-12 09:24:07 +00:00
andyzhangx
f5b5838ea1 fix: CVE-2022-32149 2022-10-12 02:49:43 +00:00
andyzhangx
0585d5e329 fix: CVE-2022-27664 2022-09-15 12:46:39 +00:00
andyzhangx
40e3d56201 fix: CVE-2022-29526 2022-08-04 12:32:20 +00:00
andyzhangx
4ed0c5d644 chore: Update golang.org/x/crypto for CVE-2022-27191 2022-04-13 08:31:45 +00:00
andyzhangx
fa463459a5 chore: upgrade to k8s v1.23.3 lib 2022-02-06 13:43:30 +00:00
andyzhangx
9cf4719a97 chore: upgrade to k8s 1.23 lib 2021-12-31 07:40:41 +00:00
andyzhangx
e34d2b0af0 fix: CVE-2021-38561 with golang lib 2021-12-21 08:31:04 +00:00
Pierre Prinetti
6abb111ac6
Bump k8s to v.0.22.3 
Fully address CVE-2021-3121 in the process.
 2021-11-15 14:59:23 +01:00
Matthew Booth
f60438f5bf Bump k8s to v0.21.0 2021-04-26 09:48:33 +01:00
andyzhangx
f7a1b9aec1 chore: upgrade k8s dependencies 2021-01-02 00:46:27 +00:00
Michelle Au
1238d27bad Update vendor to k8s 1.19 and csi-lib-utils to 0.9.0 
Change-Id: I607c182c09a88a7daf1e4ffb67a28ab16d1f23ae
 2020-11-30 18:23:47 -08:00
Jiaxun Song
bfdc82f398 fix: make verify checks 2020-11-18 19:02:49 +00:00
Mayank Shah
a43b9f831a Add E2E test 
- DynamicallyProvisionedCollocatedPodTest
- DynamicallyProvisionedReadOnlyVolumeTest
- DynamicallyProvisionedDeletePodTest
- DynamicallyProvisionedReclaimPolicyTest
- DynamicallyProvisionedPodWithMultiplePVTest

Signed-off-by: Mayank Shah <mayankshah1614@gmail.com>
 2020-11-12 15:24:23 +05:30
Mayank Shah
5747698dff Add DynamicallyProvisionedCmdVolumeTest 
Signed-off-by: Mayank Shah <mayankshah1614@gmail.com>
 2020-11-11 20:47:25 +05:30
Mayank Shah
21db7fafe6 Update vendor directory 
Signed-off-by: Mayank Shah <mayankshah1614@gmail.com>
 2020-11-03 23:56:05 +05:30
Mayank Shah
002b246eb0 Update k8s.io/kubernetes to use v1.18.0 
Signed-off-by: Mayank Shah <mayankshah1614@gmail.com>
 2020-11-02 20:33:59 +05:30
Jan Safranek
57a7112c3b Bump golang.org/x/text to 0.3.3 
To fix CVE-2020-14040.
 2020-08-17 12:39:12 +02:00
Jan Wozniak
aec3981aee Cleanup indirect dependencies 2020-02-02 16:05:40 +01:00
Jan Wozniak
0e6e8d1926 Update vendor from go modules 
$ go mod tidy
$ go mod vendor
 2020-02-02 15:55:23 +01:00
Mathusan Selvarajah
04b68cc678 update vendor files to kube 1.14 2019-04-23 15:42:44 -04:00
prateekpandey14
9e60b2f3c8 Add vendor dependencies 
Signed-off-by: prateekpandey14 <prateekpandey14@gmail.com>
 2019-02-07 14:49:15 +05:30