Skip to content

Clean up dependabot replaces#1970

Merged
openshift-merge-robot merged 2 commits intoopenshift:masterfrom
2uasimojo:dependabot-cleanup
Mar 8, 2023
Merged

Clean up dependabot replaces#1970
openshift-merge-robot merged 2 commits intoopenshift:masterfrom
2uasimojo:dependabot-cleanup

Conversation

@2uasimojo
Copy link
Copy Markdown
Member

@2uasimojo 2uasimojo commented Mar 6, 2023

Commit acc096f in #1965 added a bunch of replace directives to scrub library versions with known vulnerabilities out of go.sum. Turns out dependabot doesn't actually care about those -- just the ones in go.mod -- so remove them.

2uasimojo added 2 commits March 6, 2023 16:35
@2uasimojo
Upgrade build-machinery-go for make vulncheck
b24e430 
Bring in the latest BMG so we can now `make vulncheck` to get a preview
of what dependabot might complain about.
@2uasimojo
Clean up dependabot replaces
be9ff84 
Commit acc096f in openshift#1965 added a bunch of `replace` directives to scrub
library versions with known vulnerabilities out of go.sum. Turns out
dependabot doesn't actually care about those -- just the ones in go.mod
-- so remove them.
@openshift-ci openshift-ci Bot requested review from abutcher and lleshchi March 6, 2023 22:46
@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 6, 2023
@2uasimojo
Copy link
Copy Markdown
Member Author

2uasimojo commented Mar 6, 2023

/hold until #1969 merges.

@openshift-ci openshift-ci Bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 6, 2023
@2uasimojo
Copy link
Copy Markdown
Member Author

2uasimojo commented Mar 6, 2023

/assign @abutcher

@abutcher
Copy link
Copy Markdown
Member

abutcher commented Mar 7, 2023

/retest
/lgtm

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Mar 7, 2023
@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Mar 7, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: 2uasimojo, abutcher

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@2uasimojo
Copy link
Copy Markdown
Member Author

2uasimojo commented Mar 8, 2023

/unhold

@openshift-ci openshift-ci Bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 8, 2023
@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Mar 8, 2023

@2uasimojo: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@openshift-merge-robot openshift-merge-robot merged commit 8ea4577 into openshift:master Mar 8, 2023
@2uasimojo 2uasimojo deleted the dependabot-cleanup branch March 8, 2023 20:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@abutcher abutcher Awaiting requested review from abutcher

@lleshchi lleshchi Awaiting requested review from lleshchi

Assignees

@abutcher abutcher

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@2uasimojo @abutcher @openshift-merge-robot