Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade alpine to 3.18.6 for security fixes #996

Merged
merged 4 commits into from
Mar 23, 2024

Conversation

dependabot bot and others added 3 commits March 13, 2024 22:59
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
…bot/go_modules/v2/google.golang.org/protobuf-1.33.0
@Mzack9999 Mzack9999 changed the base branch from main to dev March 18, 2024 22:02
@Mzack9999 Mzack9999 self-requested a review March 18, 2024 22:04
Copy link
Member

@Mzack9999 Mzack9999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@alizademhdi Thanks for your PR. I noticed that docker/github-actions updates were disabled in dependant bot (they should cover automatically upgrading docker images and github actions to new versions), so I changed your PR to re-enable them and alpine will be automatically kept up to date as a consequence).

I'm requesting a review from @ehsandeep as I see this change in multiple projects and it seems incorrect to me (while it's optional to merge external go modules, docker images/GH actions should be preferably the latest)

@ehsandeep ehsandeep merged commit f0dbb07 into projectdiscovery:dev Mar 23, 2024
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants