Wilfred Spiegelenburg created YUNIKORN-3161:
-----------------------------------------------
Summary: Update Go depenedencies for CVE fixes
Key: YUNIKORN-3161
URL: https://issues.apache.org/jira/browse/YUNIKORN-3161
Project: Apache YuniKorn
Issue Type: Task
Components: core - common, release, scheduler-interface, shim -
kubernetes, webapp
Reporter: Wilfred Spiegelenburg
In preparation for the next release and branch we need to upgrade the
dependencies to CVE free versions (x/crypto) and or the latest versions.
available.
Looking at dependencies like these in all repositories: * golang.org/x/crypto
* golang.org/x/exp
* golang.org/x/net
* golang.org/x/oauth2
* golang.org/x/sync
* golang.org/x/sys
* golang.org/x/term
* golang.org/x/text
* golang.org/x/time
* golang.org/x/tools
Need to consider this in combination with the update of the go-repro version
via [YUNIKORN-3144|https://github.com/apache/yunikorn-k8shim/pull/991] to
1.25.x which could be 3, 4 or 5 depending one when exactly we change.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
