Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Update gh cli to 2.67.0 #219

Merged
merged 1 commit into from
Mar 6, 2025
Merged

fix: Update gh cli to 2.67.0 #219

merged 1 commit into from
Mar 6, 2025

Conversation

isuftin
Copy link
Contributor

@isuftin isuftin commented Feb 28, 2025

No description provided.

@isuftin
fix: Update gh cli to 2.67.0
9dd9b51 
Signed-off-by: Ivan Suftin <[email protected]>
@isuftin
Copy link
Contributor Author

isuftin commented Feb 28, 2025

The installed version of gh-cli includes several vulnerabilities:

CRITICAL:
CVE-2024-24790
GHSA-v778-237x-gjrc

HIGH:
CVE-2023-45288
CVE-2024-24784
CVE-2024-24791
CVE-2024-34156
CVE-2024-34158
GHSA-p2h2-3vg9-4p87
GHSA-w32m-9786-jp63

There are also a number of medium vulnerabilities.

This update should clear some or all vulnerabilities

svor
svor approved these changes Mar 6, 2025
View reviewed changes
Copy link
Collaborator

@svor svor left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

(update-gh)> docker run -it --entrypoint /bin/sh quay.io/devfile/base-developer-image:ubi9-latest
sh-5.1$ 
sh-5.1$ 
sh-5.1$ gh --version
gh version 2.67.0 (2025-02-11)
https://github.com/cli/cli/releases/tag/v2.67.0

@openshift-ci openshift-ci bot added the lgtm label Mar 6, 2025
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Mar 6, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: isuftin, svor

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@svor svor merged commit 9cc669d into devfile:main Mar 6, 2025
6 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@svor svor svor approved these changes

@SDawley SDawley Awaiting requested review from SDawley SDawley is a code owner

@dkwon17 dkwon17 Awaiting requested review from dkwon17 dkwon17 is a code owner

Assignees

@svor svor

Labels
lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@isuftin @svor