diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a72f28f3..1badd9b1 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -11,7 +11,7 @@ repos: # You are encouraged to use static refs such as tags, instead of branch name # # Running "pre-commit autoupdate" would automatically updates rev to latest tag - rev: 0.13.1+ibm.48.dss + rev: 0.13.1+ibm.61.dss hooks: - id: detect-secrets # pragma: whitelist secret # Add options for detect-secrets-hook binary. You can run `detect-secrets-hook --help` to list out all possible options. diff --git a/.secrets.baseline b/.secrets.baseline index c3b13df9..cc9aa2b8 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "go.*|^.secrets.baseline$", "lines": null }, - "generated_at": "2024-12-04T15:31:55Z", + "generated_at": "2025-02-13T15:51:39Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -1170,7 +1170,7 @@ } ] }, - "version": "0.13.1+ibm.62.dss", + "version": "0.13.1+ibm.61.dss", "word_list": { "file": null, "hash": null diff --git a/CHANGELOG.md b/CHANGELOG.md index 1301a7d0..3d3b3a30 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,11 @@ This project adheres to [Semantic Versioning](http://semver.org/). ## v-next +## v0.13.24 +Released: 2025-02-13 + +* Update to github.com/golang/glog:v1.24.0 for CVE-2024-45339 + ## v0.13.23 Released: 2025-01-02 diff --git a/Makefile b/Makefile index d3936028..7d2d1fb7 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ GOFILES=$(shell find . -type f -name '*.go' -not -path "./code-generator/*" -not -path "./pkg/apis/*") GOPACKAGES=$(shell go list ./... | grep -v test/ | grep -v pkg/apis/) -VERSION=v0.13.23 +VERSION=v0.13.24 TAG=$(VERSION) GOTAGS='containers_image_openpgp' diff --git a/go.mod b/go.mod index 6e17eede..4e802e2f 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/containers/image/v5 v5.30.1 github.com/docker/distribution v2.8.3+incompatible github.com/gofrs/uuid v4.2.0+incompatible - github.com/golang/glog v1.2.0 + github.com/golang/glog v1.2.4 github.com/gorilla/mux v1.8.1 github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.29.0 diff --git a/go.sum b/go.sum index 284d155d..58def785 100644 --- a/go.sum +++ b/go.sum @@ -123,8 +123,8 @@ github.com/gogo/protobuf v1.0.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7a github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= -github.com/golang/glog v1.2.0 h1:uCdmnmatrKCgMBlM4rMuJZWOkPDqdbZPnrMXDY4gI68= -github.com/golang/glog v1.2.0/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= +github.com/golang/glog v1.2.4 h1:CNNw5U8lSiiBk7druxtSHHTsRWcxKoac6kZKm2peBBc= +github.com/golang/glog v1.2.4/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.4/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= diff --git a/helm/portieris/Chart.yaml b/helm/portieris/Chart.yaml index a819abb4..cbac8c87 100644 --- a/helm/portieris/Chart.yaml +++ b/helm/portieris/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: portieris -version: v0.13.23 +version: v0.13.24 description: Admission Controller webhook for enforcing image trust in your cluster maintainers: - name: Stuart Hayton @@ -9,5 +9,3 @@ maintainers: email: jack.baines@uk.ibm.com - name: Michael Hough email: michaelh@uk.ibm.com - - name: Aaron Collins - email: aaron.collins1@ibm.com diff --git a/helm/portieris/values.yaml b/helm/portieris/values.yaml index 525b42e5..e59fb286 100644 --- a/helm/portieris/values.yaml +++ b/helm/portieris/values.yaml @@ -15,7 +15,7 @@ image: host: icr.io/portieris pullSecret: image: portieris - tag: v0.13.23 + tag: v0.13.24 pullPolicy: Always service: