
Update release.yaml #1

Open. Wants to merge 1 commit into master.

Conversation

amankmr1607 (Owner)

No description provided.

Vulnerability check results:
Scanning your code and 432 packages across 42 dependent modules for known vulnerabilities...

Vulnerability #1: GO-2023-2382
Denial of service via chunk extensions in net/http
More info: https://pkg.go.dev/vuln/GO-2023-2382
Standard library
Found in: net/http/internal@go1.21.4
Fixed in: net/http/internal@go1.21.5
Example traces found:
#1: archive/tar/tar.go:181:20: tar.Archive.Extract calls tar.Reader.Next, which eventually calls internal.chunkedReader.Read

Vulnerability #2: GO-2023-2185
Insecure parsing of Windows paths with a ??\ prefix in path/filepath
More info: https://pkg.go.dev/vuln/GO-2023-2185
Standard library
Found in: path/filepath@go1.21.4
Fixed in: path/filepath@go1.21.5
Platforms: windows
Example traces found:
#1: storage/backend/sftp/sftp.go:142:27: sftp.Backend.Exists calls filepath.Abs
#2: test/assert.go:144:19: test.EqualDirs calls filepath.Base
#3: storage/backend/sftp/sftp.go:142:42: sftp.Backend.Exists calls filepath.Clean
#4: archive/tar/tar.go:204:37: tar.Archive.Extract calls filepath.Dir
#5: archive/tar/tar.go:181:20: tar.Archive.Extract calls tar.Reader.Next, which calls filepath.IsLocal
#6: archive/tar/tar.go:201:26: tar.Archive.Extract calls filepath.Join
#7: test/assert.go:213:27: test.relative calls filepath.Rel
#8: storage/backend/alioss/alioss.go:8:2: alioss.init calls oss.init, which eventually calls filepath.VolumeName
#9: archive/tar/tar.go:51:26: tar.Archive.Create calls filepath.Walk
#10: storage/backend/sftp/sftp.go:142:27: sftp.Backend.Exists calls filepath.Abs
#11: test/assert.go:144:19: test.EqualDirs calls filepath.Base
#12: storage/backend/sftp/sftp.go:142:42: sftp.Backend.Exists calls filepath.Clean
#13: archive/tar/tar.go:204:37: tar.Archive.Extract calls filepath.Dir
#14: archive/tar/tar.go:181:20: tar.Archive.Extract calls tar.Reader.Next, which calls filepath.IsLocal
#15: archive/tar/tar.go:201:26: tar.Archive.Extract calls filepath.Join
#16: test/assert.go:213:27: test.relative calls filepath.Rel
#17: storage/backend/alioss/alioss.go:8:2: alioss.init calls oss.init, which eventually calls filepath.VolumeName
#18: archive/tar/tar.go:51:26: tar.Archive.Create calls filepath.Walk

Vulnerability #3: GO-2023-1571
Denial of service via crafted HTTP/2 stream in net/http and golang.org/x/net
More info: https://pkg.go.dev/vuln/GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20220906165146-f3363e06e74c
Fixed in: golang.org/x/net@v0.7.0
Example traces found:
#1: internal/io.go:52:21: internal.closeIo calls http2.transportResponseBody.Close, which eventually calls hpack.Decoder.Write
#2: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.ConfigureTransports
#3: internal/errors.go:33:28: internal.MultiError.Error calls http2.ConnectionError.Error
#4: test/assert.go:86:21: test.Equals calls fmt.Sprintf, which eventually calls http2.ErrCode.String
#5: test/assert.go:86:21: test.Equals calls fmt.Sprintf, which eventually calls http2.FrameHeader.String
#6: test/assert.go:86:21: test.Equals calls fmt.Sprintf, which eventually calls http2.FrameType.String
#7: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.ReadFrame
#8: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.WriteContinuation
#9: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.WriteData
#10: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.WriteHeaders
#11: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.WritePing
#12: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.WriteRSTStream
#13: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.WriteSettings
#14: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.WriteSettingsAck
#15: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.Framer.WriteWindowUpdate
#16: internal/errors.go:33:28: internal.MultiError.Error calls http2.GoAwayError.Error
#17: test/assert.go:86:21: test.Equals calls fmt.Sprintf, which eventually calls http2.Setting.String
#18: test/assert.go:86:21: test.Equals calls fmt.Sprintf, which eventually calls http2.SettingID.String
#19: storage/backend/gcs/gcs.go:54:36: gcs.New calls storage.NewClient, which eventually calls http2.SettingsFrame.ForeachSetting
#20: internal/errors.go:33:28: internal.MultiError.Error calls http2.StreamError.Error
#21: internal/errors.go:25:14: internal.MultiError.Error calls fmt.Fprintf, which eventually calls http2.chunkWriter.Write
#22: internal/errors.go:33:28: internal.MultiError.Error calls http2.connError.Error
#23: internal/errors.go:33:28: internal.MultiError.Error calls http2.duplicatePseudoHeaderError.Error
#24: internal/io.go:52:21: internal.closeIo calls http2.gzipReader.Close
#25: archive/tar/tar.go:181:20: tar.Archive.Extract calls tar.Reader.Next, which eventually calls http2.gzipReader.Read
#26: internal/errors.go:33:28: internal.MultiError.Error calls http2.headerFieldNameError.Error
#27: internal/errors.go:33:28: internal.MultiError.Error calls http2.headerFieldValueError.Error
#28: storage/backend/s3/s3.go:165:44: s3.Backend.Exists calls s3.S3.HeadObjectWithContext, which eventually calls http2.noDialH2RoundTripper.RoundTrip
#29: internal/errors.go:33:28: internal.MultiError.Error calls http2.pseudoHeaderError.Error
#30: internal/errors.go:25:14: internal.MultiError.Error calls fmt.Fprintf, which eventually calls http2.stickyErrWriter.Write
#31: internal/io.go:52:21: internal.closeIo calls http2.transportResponseBody.Close
#32: archive/tar/tar.go:181:20: tar.Archive.Extract calls tar.Reader.Next, which eventually calls http2.transportResponseBody.Read
#33: test/assert.go:86:21: test.Equals calls fmt.Sprintf, which eventually calls http2.writeData.String

=== Informational ===

Found 3 vulnerabilities in packages that you import, but there are no call
stacks leading to the use of these vulnerabilities. You may not need to
take any action. See https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck
for details.

Vulnerability #1: GO-2023-2153
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
More info: https://pkg.go.dev/vuln/GO-2023-2153
Module: google.golang.org/grpc
Found in: google.golang.org/grpc@v1.48.0
Fixed in: google.golang.org/grpc@v1.58.3

Vulnerability #2: GO-2023-2102
HTTP/2 rapid reset can cause excessive work in net/http
More info: https://pkg.go.dev/vuln/GO-2023-2102
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20220906165146-f3363e06e74c
Fixed in: golang.org/x/net@v0.17.0

Vulnerability #3: GO-2022-1144
Excessive memory growth in net/http and golang.org/x/net/http2
More info: https://pkg.go.dev/vuln/GO-2022-1144
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20220906165146-f3363e06e74c
Fixed in: golang.org/x/net@v0.4.0

Your code is affected by 3 vulnerabilities from 1 module and the Go standard library.

Share feedback at https://go.dev/s/govulncheck-feedback.
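The report above says what govulncheck found; the next step is turning it into the smallest set of version bumps. The following Go program is an added example, not code from this PR, from the repository, or from the govulncheck project. It parses the text report into records, separates the findings that have call stacks from the ones listed under "=== Informational ===", and folds them into the lowest version of each module, or of the Go toolchain, that closes every advisory for it. The embedded report is a constructed excerpt of the comment above (titles, links and traces dropped); `go get toolchain@go1.21.5` is the Go 1.21+ syntax for raising the toolchain, and for a CI release workflow like the one this PR edits the equivalent is building with a Go version at or above that target.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// Constructed excerpt of the govulncheck report in the PR comment above (titles, links and traces dropped).
const sampleReport = `Vulnerability #1: GO-2023-2382
Standard library
Found in: net/http/internal@go1.21.4
Fixed in: net/http/internal@go1.21.5
Vulnerability #2: GO-2023-1571
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20220906165146-f3363e06e74c
Fixed in: golang.org/x/net@v0.7.0
=== Informational ===
Vulnerability #1: GO-2023-2102
Module: golang.org/x/net
Found in: golang.org/x/net@v0.0.0-20220906165146-f3363e06e74c
Fixed in: golang.org/x/net@v0.17.0
`

// Finding is one advisory record. Module is "go" for standard-library hits (the fix is a
// toolchain bump); Reachable is false for records listed under "=== Informational ===".
type Finding struct {
	ID, Module, Fixed string
	Reachable         bool
}

// parseReport walks govulncheck's text output; the fixed version keeps only the part after "@".
func parseReport(report string) []Finding {
	var out []Finding
	reachable, cur := true, -1
	for _, line := range strings.Split(report, "\n") {
		line = strings.TrimSpace(line)
		switch {
		case line == "=== Informational ===":
			reachable = false
		case strings.HasPrefix(line, "Vulnerability ") && strings.Contains(line, ": "):
			out = append(out, Finding{ID: line[strings.LastIndex(line, ": ")+2:], Reachable: reachable})
			cur = len(out) - 1
		case line == "Standard library":
			out[cur].Module = "go"
		case strings.HasPrefix(line, "Module: "):
			out[cur].Module = strings.TrimPrefix(line, "Module: ")
		case strings.HasPrefix(line, "Fixed in: "):
			out[cur].Fixed = line[strings.LastIndex(line, "@")+1:]
		}
	}
	return out
}

// versionLess reports a < b for "v1.2.3", pseudo-versions ("v0.0.0-2022...") and "go1.21.5".
func versionLess(a, b string) bool {
	split := func(v string) (n [3]int, pre bool) {
		v = strings.TrimPrefix(strings.TrimPrefix(v, "go"), "v")
		if i := strings.IndexAny(v, "-+"); i >= 0 { // pre-release / pseudo-version suffix
			v, pre = v[:i], true
		}
		for i, p := range strings.SplitN(v, ".", 3) {
			n[i], _ = strconv.Atoi(p)
		}
		return n, pre
	}
	na, pa := split(a)
	nb, pb := split(b)
	for i := range na {
		if na[i] != nb[i] {
			return na[i] < nb[i]
		}
	}
	return pa && !pb // same numbers: the pseudo-version sorts below the release
}

// planUpgrades folds findings into one target per module, the highest "Fixed in" version, so a
// single bump closes every advisory for it; informational records are included only on request.
func planUpgrades(findings []Finding, includeInformational bool) map[string]string {
	targets := map[string]string{}
	for _, f := range findings {
		if f.Fixed == "" || (!f.Reachable && !includeInformational) {
			continue
		}
		if have, ok := targets[f.Module]; !ok || versionLess(have, f.Fixed) {
			targets[f.Module] = f.Fixed
		}
	}
	return targets
}

func main() {
	for module, target := range planUpgrades(parseReport(sampleReport), true) {
		if module == "go" { // standard-library advisories are closed by a toolchain bump (Go 1.21+ syntax)
			fmt.Println("go get toolchain@" + target)
		} else {
			fmt.Println("go get " + module + "@" + target)
		}
	}
}
```

With only the reachable findings the plan is go1.21.5 plus golang.org/x/net v0.7.0; including the informational records raises the x/net target to v0.17.0, which is the same single `go get` and also closes GO-2023-2102 and GO-2022-1144, so there is little reason to stop at the lower version. The version comparison deliberately treats a pseudo-version as older than the release with the same numbers, which is exactly the case for the `v0.0.0-20220906165146-f3363e06e74c` snapshot this module depends on.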
