Skip to content

[release-1.21] Bump golang.org/x/crypto to v0.45.0 #5988

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
k8s-ci-robot merged 1 commit into from
Dec 1, 2025
Merged

[release-1.21] Bump golang.org/x/crypto to v0.45.0 #5988

k8s-ci-robot merged 1 commit into from
Dec 1, 2025
+24 −24

Conversation

@mboersma
Copy link
Contributor

@mboersma mboersma commented Dec 1, 2025
edited
Loading

What type of PR is this?

/kind cleanup

What this PR does / why we need it:

Fixes CVE-2025-47914 (already fixed in main branch by #5980)

Which issue(s) this PR fixes:

See the weekly security scan action: https://github.com/kubernetes-sigs/cluster-api-provider-azure/actions/runs/19821912976/job/56785978084

Special notes for your reviewer:

TODOs:

  • squashed commits
  • includes documentation
  • adds unit tests
  • cherry-pick candidate

Release note:

NONE

@k8s-ci-robot k8s-ci-robot added the release-note-none Denotes a PR that doesn't merit a release note. label Dec 1, 2025
@k8s-ci-robot k8s-ci-robot added the kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. label Dec 1, 2025
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Dec 1, 2025
@codecov
Copy link

codecov bot commented Dec 1, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 44.58%. Comparing base (0736b4a) to head (d9a9235).
⚠️ Report is 3 commits behind head on release-1.21.

Additional details and impacted files 
@@              Coverage Diff              @@
##           release-1.21    #5988   +/-   ##
=============================================
  Coverage         44.58%   44.58%           
=============================================
  Files               279      279           
  Lines             25127    25127           
=============================================
  Hits              11204    11204           
  Misses            13110    13110           
  Partials            813      813

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

nojnhuh
nojnhuh approved these changes Dec 1, 2025
View reviewed changes
Copy link
Contributor

@nojnhuh nojnhuh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Dec 1, 2025
@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Dec 1, 2025

LGTM label has been added.

Git tree hash: 08e5fdb0209eb9df71fc42a3185817db5f7825a8

@k8s-ci-robot
Copy link
Contributor

k8s-ci-robot commented Dec 1, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: nojnhuh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 1, 2025
@nojnhuh
Copy link
Contributor

nojnhuh commented Dec 1, 2025

#5690

/retest

@k8s-ci-robot k8s-ci-robot merged commit 9385871 into kubernetes-sigs:release-1.21 Dec 1, 2025
24 checks passed
@github-project-automation github-project-automation bot moved this from Todo to Done in CAPZ Planning Dec 1, 2025
@mboersma mboersma deleted the bump-crypto-dep branch December 1, 2025 20:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nojnhuh nojnhuh nojnhuh approved these changes

@Jont828 Jont828 Awaiting requested review from Jont828

@marosset marosset Awaiting requested review from marosset

Assignees

@nojnhuh nojnhuh

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

CAPZ Planning
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mboersma @k8s-ci-robot @nojnhuh