Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pulumi/3.136.1 package update #30317

Merged
merged 1 commit into from
Oct 8, 2024
Merged

pulumi/3.136.1 package update #30317

merged 1 commit into from
Oct 8, 2024
+2 −2

Conversation

octo-sts[bot]
Copy link
Contributor

@octo-sts octo-sts bot commented Oct 8, 2024

@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. labels Oct 8, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 8, 2024

Package pulumi: Click to expand/collapse

Package pulumi:
Modified: /usr/bin/pulumi

Package pulumi-language-go: Click to expand/collapse

Package pulumi-language-go:
Modified: /usr/bin/pulumi-language-go

Package pulumi-language-nodejs: Click to expand/collapse

Package pulumi-language-nodejs:
Modified: /usr/bin/pulumi-language-nodejs

Package pulumi-language-python: Click to expand/collapse

Package pulumi-language-python:
Modified: /usr/bin/pulumi-language-python

malcontent found differences: Click to expand/collapse

Deleted: pulumi-language-go/var/lib/db/sbom/pulumi-language-go-3.136.0-r0.spdx.json [⚠️ MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/download download files downloadLocation
-LOW ref/site/url contains embedded HTTPS URLs https://spdx.org/spdxdocs/chainguard/melange/345c93169d8321b76fdd8583ebf4

Deleted: pulumi-language-python/var/lib/db/sbom/pulumi-language-python-3.136.0-r0.spdx.json [⚠️ MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/download download files downloadLocation
-LOW ref/site/url contains embedded HTTPS URLs https://spdx.org/spdxdocs/chainguard/melange/7dc0b8b1abc32b2961f75eb5f75c

Deleted: pulumi-language-nodejs/var/lib/db/sbom/pulumi-language-nodejs-3.136.0-r0.spdx.json [⚠️ MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
-MEDIUM net/download download files downloadLocation
-LOW ref/site/url contains embedded HTTPS URLs https://spdx.org/spdxdocs/chainguard/melange/9d93ea8bf4b14d7dee2600fccda5

Added: pulumi-language-python/var/lib/db/sbom/pulumi-language-python-3.136.1-r0.spdx.json [⚠️ MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/download download files downloadLocation
+LOW ref/site/url contains embedded HTTPS URLs https://spdx.org/spdxdocs/chainguard/melange/00e77d6784dbe3397befdb7ad61e

Added: pulumi-language-nodejs/var/lib/db/sbom/pulumi-language-nodejs-3.136.1-r0.spdx.json [⚠️ MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/download download files downloadLocation
+LOW ref/site/url contains embedded HTTPS URLs https://spdx.org/spdxdocs/chainguard/melange/2a7d921c19a622f3a260fcba29f3

Added: pulumi-language-go/var/lib/db/sbom/pulumi-language-go-3.136.1-r0.spdx.json [⚠️ MEDIUM]

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/download download files downloadLocation
+LOW ref/site/url contains embedded HTTPS URLs https://spdx.org/spdxdocs/chainguard/melange/58b7365b866be59d34bb32b2e580

Changed: /tmp/wolfictl-apk-2199572520/pulumi-language-go/usr/bin/pulumi-language-go

Changed: /tmp/wolfictl-apk-2199572520/pulumi-language-python/usr/bin/pulumi-analyzer-policy-python

Changed: /tmp/wolfictl-apk-2199572520/pulumi/usr/bin/pulumi

Changed: /tmp/wolfictl-apk-2199572520/pulumi-language-nodejs/usr/bin/pulumi-language-nodejs

Changed: /tmp/wolfictl-apk-2199572520/pulumi-language-python/usr/bin/pulumi-language-python

Changed: /tmp/wolfictl-apk-2199572520/pulumi-language-python/usr/bin/pulumi-language-python-exec

Changed: /tmp/wolfictl-apk-2199572520/pulumi-language-python/usr/bin/pulumi-resource-pulumi-python

Moved: pulumi/var/lib/db/sbom/pulumi-3.136.0-r0.spdx.json -> /tmp/wolfictl-apk-2199572520/pulumi/var/lib/db/sbom/pulumi-3.136.1-r0.spdx.json (similarity: 0.99)

@octo-sts octo-sts bot added the bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. label Oct 8, 2024
@mamccorm mamccorm merged commit 34b072a into main Oct 8, 2024
15 checks passed
@mamccorm mamccorm deleted the wolfictl-7f4c3ab4-aba7-4102-a09a-d29a92bac8f3 branch October 8, 2024 18:55
gdonval pushed a commit to gdonval/wolfi-os that referenced this pull request Oct 9, 2024
@octo-sts @wolfi-bot
pulumi/3.136.1 package update (wolfi-dev#30317)
d5bc41f 
<p align="center">
<img
src="https://raw.githubusercontent.com/wolfi-dev/.github/b535a42419ce0edb3c144c0edcff55a62b8ec1f8/profile/wolfi-logo-light-mode.svg"
/>
</p>

Signed-off-by: wolfi-bot <[email protected]>
Co-authored-by: wolfi-bot <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mamccorm mamccorm mamccorm approved these changes

Assignees
No one assigned
Labels
automated pr bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. request-version-update request for a newer version of a package
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mamccorm @wolfi-bot