Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix CVE-2024-21626 #34

Merged
merged 1 commit into from
Mar 8, 2024
Merged

fix CVE-2024-21626 #34

merged 1 commit into from
Mar 8, 2024

Conversation

tarilabs
Copy link
Member

@tarilabs tarilabs commented Mar 8, 2024

see also: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724

How Has This Been Tested?

make test

Merge criteria:

  • The commits and have meaningful messages; the author will squash them after approval or will ask to merge with squash.
  • [n/a] Testing instructions have been added in the PR body (for PRs involving changes that are not immediately obvious).
  • The developer has manually tested the changes and verified that the changes work

@tarilabs tarilabs requested a review from rareddy March 8, 2024 13:35
rareddy
rareddy approved these changes Mar 8, 2024
View reviewed changes
Copy link
Contributor

@rareddy rareddy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve
/lgtm

@google-oss-prow google-oss-prow bot added the lgtm label Mar 8, 2024
@google-oss-prow Google OSS Prow
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rareddy, tarilabs

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@google-oss-prow google-oss-prow bot merged commit 83ef5e8 into kubeflow:main Mar 8, 2024
11 checks passed
openshift-merge-bot bot referenced this pull request in opendatahub-io/model-registry Mar 8, 2024
@pull @dependabot
@lampajr @tarilabs
[pull] main from kubeflow:main (#23)
37385f0 
* build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#27)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add first draft of model registry kserve custom storage initializer (#25)

* Add first draft of model registry custom storage initializer

Signed-off-by: Andrea Lamparelli <[email protected]>

* Add documentation and get started guide

Signed-off-by: Andrea Lamparelli <[email protected]>

---------

Signed-off-by: Andrea Lamparelli <[email protected]>

* fix: ensure consistency ns(omitted) for istio manifests (#31)

* fix: ensure consistency ns(omitted) for istio manifests

Signed-off-by: Matteo Mortari <[email protected]>

* add default ns to kustomization for consistency

with manifests/kustomize/overlays/{db} kustomizations

Signed-off-by: Matteo Mortari <[email protected]>

---------

Signed-off-by: Matteo Mortari <[email protected]>

* fix CVE-2024-21626 (#34)

see also: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERDCONTAINERD-6219724

Signed-off-by: Matteo Mortari <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Andrea Lamparelli <[email protected]>
Signed-off-by: Matteo Mortari <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andrea Lamparelli <[email protected]>
Co-authored-by: Matteo Mortari <[email protected]>
rkubis pushed a commit to rkubis/model-registry that referenced this pull request Mar 27, 2024
@tonyxrmdavidson
This commit makes changes to use the comminuty ODH operator from the …
785e8f1 
…community operators in openshift marketplace. (kubeflow#34)
dhirajsb pushed a commit to dhirajsb/model-registry-kfp that referenced this pull request May 22, 2024
@tarilabs @lampajr
Add first draft of Data Access Layer, with test (kubeflow#34)
57395c7 
* Add first draft of Data Access Layer, with test

* implement code review feedback

* move code into file structure as requested

* Move DB fn into db_context.go

* Reuse enum from db/type.go

* Use :memory: sqlite as requested

---------

Co-authored-by: Andrea Lamparelli <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rareddy rareddy rareddy approved these changes

@andreyvelich andreyvelich Awaiting requested review from andreyvelich

@ckadner ckadner Awaiting requested review from ckadner

@zijianjoy zijianjoy Awaiting requested review from zijianjoy

Assignees

@rareddy rareddy

Labels
approved lgtm size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tarilabs @rareddy