github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
105,139 Commits 1 Branch 31 Tags
51b94de68f0889e4e9bd5bc7673041f1275ca175
Commit Graph

22 Commits

Author SHA1 Message Date
Pushkar Joglekar
63a23f1ed7 Transitive dependency: high CVE fix 
heketi that is dependency for glusterfs was updated to import a fork of jwt-go that fixes
a high severity CVE-2020-26160 by importing a forked repo (form3tech-oss/jwt-go) that fixes
the CVE as the original repo (dgrijalva/jwt-go) has a fix with breaking changes and
the repo is generally loosely maintained.

This fork is already being used in other places in kubernetes. Heketi 10.3.0 includes this fix.

NOTE: The vulnerable function is not used by heketi or kubernetes. So the vulnerable package is a
transitive dependency and this fix will reduce false postive CVE alerts on kubernetes

Bumped github.com/auth0/go-jwt-middleware to v1.0.0 which removes dgrijalva/jwt-go cleanly

Fixing test failures: pull-kubernetes-dependencies

Removing unused dependencies in replace block to fix test failures: pull-kubernetes-dependencies

Bump go-jwt-middleware to v1.0.1 to *not* pull in examples only deps
 2021-06-22 07:35:13 -07:00
Benjamin Elder
56e092e382 hack/update-bazel.sh 2021-02-28 15:17:29 -08:00
Jordan Liggitt
8ddd9ef759 bump github.com/heketi/heketi v10.2.0 2021-01-11 11:07:05 -05:00
Jordan Liggitt
a1b31aaf74 Bump github.com/heketi/heketi to c2e2a4ab7ab9 2019-09-17 16:54:46 -04:00
Humble Chirammal
387a4131ca Update heketi vendor dependency to v9.0.0 
Fix# https://github.com/kubernetes/kubernetes/issues/79234

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2019-06-21 17:15:23 +05:30
Humble Chirammal
92fa290ead Update heketi dependencies to sha@558b29266ce0a873991ecfb3edc41a668a998514. 
Fixes #
https://github.com/kubernetes/kubernetes/issues/70802

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2018-11-09 21:08:56 +05:30
Jeff Grafton
23ceebac22 Run hack/update-bazel.sh 2018-06-22 16:22:57 -07:00
Jeff Grafton
a725660640 Update to gazelle 0.12.0 and run hack/update-bazel.sh 2018-06-22 16:22:18 -07:00
Jeff Grafton
aee5f457db update BUILD files 2017-10-15 18:18:13 -07:00
Jeff Grafton
653d05c169 Regenerate all BUILD files in vendor/ from scratch using gazelle 2017-08-16 15:48:25 -07:00
Jeff Grafton
a7f49c906d Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00
Jeff Grafton
33276f06be Use buildozer to remove deprecated automanaged tags 2017-08-11 09:31:50 -07:00
Humble Chirammal
777789ac93 Update heketi vendor dependencies. 
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2017-07-09 21:47:27 +05:30
Vishnu kannan
d1b4dba440 adding support for gpus in node e2e 
Signed-off-by: Vishnu kannan <vishnuk@google.com>
 2017-05-13 16:35:54 -07:00
Humble Chirammal
1a2de0ee60 Update Bazel build. 
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2017-05-02 12:45:08 +05:30
Humble Chirammal
cfdd17a896 Update glusterfs vendor dependencies to sha@7a54b6f 
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2017-05-02 11:19:45 +05:30
Mike Danese
a05c3c0efd autogenerated 2017-04-14 10:40:57 -07:00
Timothy St. Clair
93c051e28f Level sets dependency graph to consume etcd 3.1.5 2017-04-11 08:34:40 -05:00
Saad Ali
d41b3b0929 Revert "Add missing vendor files to make godeps happy" 2016-11-02 20:56:06 -07:00
saadali
e9afbd5cdf Add missing vendor files to make godeps happy 2016-11-02 18:55:10 -07:00
Humble Chirammal
e07863e239 Update heketi dependency to release3. 
commit hash#28b5cc4cc6d2b9bdfa91ed1b93efaab4931aa697

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2016-10-24 22:36:28 +05:30
Humble Chirammal
836ac6e403 GlusterFS dynamic provisioner and deleter interface based on StorageClass claims 
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
 2016-08-19 23:03:32 +05:30