Skip to content

Commit

Permalink
CHANGELOG, ignore CVE-2022-27664
Browse files Browse the repository at this point in the history
  • Loading branch information
@majodev
majodev committed Sep 13, 2022
1 parent 4cf20ba commit 7b3b476
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
4 changes: 3 additions & 1 deletion .trivyignore
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,4 @@
# Allow https://nvd.nist.gov/vuln/detail/CVE-2020-26160 (JWT unused, still waiting for child deps upgrade)
CVE-2020-26160
CVE-2020-26160
# https://avd.aquasec.com/nvd/2022/cve-2022-27664/ golang.org/x/net is a peer dep of many of our dependencies, require Go 1.18.6+
CVE-2022-27664
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@
## Unreleased
- ...

## 2022-09-13
- Hotfix: Previously there was a chance of recursive error wrapping within our [`internal/api/router/error_handler.go`](https://github.com/allaboutapps/go-starter/blob/master/internal/api/router/error_handler.go) in combination with `*echo.HTTPError`. We currently disable this wrapping (as not used anyways) and will schedule a cleaner update regarding this error augmentation approach.

## 2022-04-15
- Switch [from Go 1.17.1 to Go 1.17.9](https://go.dev/doc/devel/release#go1.17.minor) (requires `./docker-helper.sh --rebuild`).
- **BREAKING** Add [`tenv`](https://github.com/sivchari/tenv) and [`errorlint`](https://github.com/polyfloyd/go-errorlint) linter to our default `.golangci.yml` configuration.
Expand Down

0 comments on commit 7b3b476

Please sign in to comment.