Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

go.mod: fix security issues reported by dependabot #139

Merged
merged 1 commit into from
Feb 27, 2024
Merged

go.mod: fix security issues reported by dependabot #139

merged 1 commit into from
Feb 27, 2024

Conversation

kevinburkesegment
Copy link
Contributor

Not sure if we are actually affected but seems like good practice to keep dependencies up to date.

@kevinburkesegment kevinburkesegment requested a review from a team as a code owner February 7, 2024 22:05
@kevinburkesegment kevinburkesegment requested review from kalamay and erikdw and removed request for a team February 7, 2024 22:06
@kevinburkesegment
Copy link
Contributor Author

The build is failing due to the same Alpine compile issue that I've tried to fix in my other PR

@kalamay
Copy link
Contributor

kalamay commented Feb 7, 2024

The build is failing due to the same Alpine compile issue that I've tried to fix in my other PR

The quick fix for this is to set CGO_CFLAGS="-D_LARGEFILE64_SOURCE" which gets musl to define pread64 and pwrite64. However, this isn't really a sustainable solution for everyone to do. I'm just putting this here for some visibility.

@kevinburkesegment kevinburkesegment force-pushed the kevinburke-update-dependabot branch from bb50858 to c8c63ad Compare February 9, 2024 19:32
@kevinburkesegment kevinburkesegment force-pushed the kevinburke-update-dependabot branch from c8c63ad to 496938a Compare February 26, 2024 22:18
@kevinburkesegment
go.mod: fix security issues reported by dependabot
9bb6b76 
Not sure if we are actually affected but seems like good practice to
keep dependencies up to date.
@kevinburkesegment kevinburkesegment force-pushed the kevinburke-update-dependabot branch from 496938a to 9bb6b76 Compare February 26, 2024 22:19
@kevinburkesegment
Copy link
Contributor Author

Alpine build issue has been fixed so this is ready for another look.

kalamay
kalamay approved these changes Feb 27, 2024
View reviewed changes
Copy link
Contributor

@kalamay kalamay left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me!

@kevinburkesegment kevinburkesegment merged commit 9bb6b76 into master Feb 27, 2024
7 of 8 checks passed
@kevinburkesegment kevinburkesegment deleted the kevinburke-update-dependabot branch February 27, 2024 04:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kalamay kalamay kalamay approved these changes

@erikdw erikdw Awaiting requested review from erikdw

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kevinburkesegment @kalamay