Dependabot/go modules/golang.org/x/crypto 0.45.0#371
Dependabot/go modules/golang.org/x/crypto 0.45.0#371hlipsig wants to merge 21 commits intorelease-4.19from
Conversation
[ARO-20321] Don't check for availability zones in bad regions (like centraluseuap)
ARO-14269 Fluentbit update to latest support version 4.0.4
Add red-hat-managed: true tag to install-config
Remove jewzaam from OWNERS
- GHSA-qxp5-gwg8-xv66 - GHSA-vvgc-356p-c3xw (CVE-2025-22872) - Updated related dependencies (x/crypto, x/sync, x/sys, x/term, x/text) System library vulnerabilities (glibc, krb5, libxml2) will be fixed on image rebuild.
ARO-21088: Installer vulnerabilities September 2025
This reverts commit 326633f.
Revert "Add red-hat-managed: true tag to install-config"
Signed-off-by: Daniel J. Holmes (jaitaiwan) <daholmes@redhat.com>
Signed-off-by: Daniel J. Holmes (jaitaiwan) <daholmes@redhat.com>
Signed-off-by: Daniel J. Holmes (jaitaiwan) <daholmes@redhat.com>
Signed-off-by: Daniel J. Holmes (jaitaiwan) <daholmes@redhat.com>
Signed-off-by: Daniel J. Holmes (jaitaiwan) <daholmes@redhat.com>
Remove pkg/api in favour of ARO-RP/pkg/api
Split image configuration into granular build args for better flexibility: Builder image args: - BUILDER_REGISTRY (default: registry.ci.openshift.org) - BUILDER_REPOSITORY (default: ocp/builder) - BUILDER_TAG (default: rhel-9-golang-1.24-openshift-4.20) Base image args: - REGISTRY (default: registry.access.redhat.com) - REPOSITORY (default: ubi9/ubi-minimal) - TAG (default: latest) This allows customizing individual components (registry, repository, or tag) without modifying the Dockerfile, making it more flexible for different environments (e.g., using MCR images for OneBranch pipelines). Defaults maintain existing behavior.
…d-images Make builder and base images configurable via build args
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.45.0. - [Commits](golang/crypto@v0.36.0...v0.45.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.45.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
|
PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
openshift-merge-robot
added
the
needs-rebase
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: hlipsig The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
Bot
added
the
approved
|
@hlipsig: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
openshift-ci
Bot
added
the
lifecycle/stale
|
Stale issues rot after 30d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle rotten |
openshift-ci
Bot
added
lifecycle/rotten
11 participants
Dependency bumps should be double checked against the active release branch before merge to main.