Tags: tektoncd/pipeline
Tags
Fix: Identify workspace usage in a Task Manual cherry-pick to avoid conflict with step-params. Prior to this, when identifying whether a Task used a workspace, we limited the check to command, args and scripts in steps, stepTemplates and sidecars. However, the workspace path could also be used as a param to a StepAction or env cariables in steps and sidecars and also workingDirs. This PR fixes that. Fixes #8008.
Fix: Identify workspace usage in a Task Prior to this, when identifying whether a Task used a workspace, we limited the check to command, args and scripts in steps, stepTemplates and sidecars. However, the workspace path could also be used as a param to a StepAction or env cariables in steps and sidecars and also workingDirs. This PR fixes that. Fixes #8008.
Fix: Identify workspace usage in a Task Prior to this, when identifying whether a Task used a workspace, we limited the check to command, args and scripts in steps, stepTemplates and sidecars. However, the workspace path could also be used as a param to a StepAction or env cariables in steps and sidecars and also workingDirs. This PR fixes that. Fixes #8008.
Fix: Identify workspace usage in a Task Prior to this, when identifying whether a Task used a workspace, we limited the check to command, args and scripts in steps, stepTemplates and sidecars. However, the workspace path could also be used as a param to a StepAction or env cariables in steps and sidecars and also workingDirs. This PR fixes that. Fixes #8008.
chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/o… …tlptracehttp Bumps [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) from 1.25.0 to 1.26.0. - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.25.0...v1.26.0) --- updated-dependencies: - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
chore(deps): Migrate to github.com/go-jose/go-jose/v3 Stop using archived gopkg.in/square/go-jose.v2 pkg Switch to github.com/go-jose/go-jose/v3 instead Fixes CVE-2024-28180 (cherry picked from commit c19b6e6) Signed-off-by: Vincent Demeester <[email protected]>
chore(deps): Migrate to github.com/go-jose/go-jose/v3 Stop using archived gopkg.in/square/go-jose.v2 pkg Switch to github.com/go-jose/go-jose/v3 instead Fixes CVE-2024-28180 (cherry picked from commit c19b6e6) Signed-off-by: Vincent Demeester <[email protected]>
chore(deps): Migrate to github.com/go-jose/go-jose/v3 Stop using archived gopkg.in/square/go-jose.v2 pkg Switch to github.com/go-jose/go-jose/v3 instead Fixes CVE-2024-28180 (cherry picked from commit c19b6e6) Signed-off-by: Vincent Demeester <[email protected]>
PreviousNext