Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stricter dependency/security review #3429

Merged

Conversation

dims
Copy link
Member

@dims dims commented Oct 14, 2023

  • Add new GH action for dependency review
  • Add new GH action for govulncheck
  • update golang version in Makefile to 1.21.3 (need this to match version in deps.yaml)

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Oct 14, 2023
@dims dims force-pushed the stricter-dependency-security-review branch from 10d2a73 to aba3ee4 Compare October 14, 2023 23:26
@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Oct 14, 2023
@codecov-commenter
Copy link

codecov-commenter commented Oct 14, 2023

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (1abc9bb) 55.76% compared to head (19e855e) 55.76%.

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #3429   +/-   ##
=======================================
  Coverage   55.76%   55.76%           
=======================================
  Files         149      149           
  Lines        8827     8827           
=======================================
  Hits         4922     4922           
  Misses       3571     3571           
  Partials      334      334           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Signed-off-by: Davanum Srinivas <[email protected]>
@dims dims force-pushed the stricter-dependency-security-review branch from aba3ee4 to 19e855e Compare October 14, 2023 23:32
@dims
Copy link
Member Author

dims commented Oct 14, 2023

/assign @oliviassss @M00nF1sh

@oliviassss
Copy link
Collaborator

Thanks for this PR!
/lgtm
/assign @M00nF1sh

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 16, 2023
Copy link
Collaborator

@M00nF1sh M00nF1sh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dims, M00nF1sh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 16, 2023
@k8s-ci-robot k8s-ci-robot merged commit 22ce8e9 into kubernetes-sigs:main Oct 16, 2023
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants