[Housekeeping] upgrade github.com/mattn/go-sqlite3, golang.org/x/net #6152
Assignees
Labels
backlogged
For internal use. Reserved for contributor team workflow.
housekeeping
Issues that help maintain flyte and keep it tech-debt free
Comments
niole
added
the
housekeeping
|
Thank you for opening your first issue here! 🛠 |
wild-endeavor
added
the
backlogged
|
Similarly per CVE-2024-45337 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the issue
upgrade github.com/mattn/go-sqlite3 in datacatalog to at least 1.14.24
upgrade golang.org/x/net to at least 0.33.0
What if we do not do this?
You will have unmitigated CVEs in your codebase. For the sqlite3 dep: CVE-2023-7104, for the x/net dep: https://nvd.nist.gov/vuln/detail/CVE-2024-45338
Related component(s)
for x/net I believe it's all components, for sqlite I believe it's just datacatalog
Are you sure this issue hasn't been raised already?
Have you read the Code of Conduct?
The text was updated successfully, but these errors were encountered: