Skip to content

Commit 53bb6bf

Browse files
authored
fix opentelemetry-collector cve: GHSA-cfpf-hrx2-8rv6 update expr deps (#76770)
Signed-off-by: Debasish Biswas <debasishbsws.dev@gmail.com>
1 parent 3069cfa commit 53bb6bf

File tree

1 file changed

+6
-1
lines changed

1 file changed

+6
-1
lines changed

opentelemetry-collector.yaml

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
package:
22
name: opentelemetry-collector
33
version: "0.142.0"
4-
epoch: 0 # CVE-2025-61729
4+
epoch: 1 # GHSA-cfpf-hrx2-8rv6
55
description: OpenTelemetry Collector
66
copyright:
77
- license: Apache-2.0
@@ -29,6 +29,11 @@ pipeline:
2929
tag: v${{package.version}}
3030
expected-commit: b579eb1cd7f4334b0f460eb05a81373e5635942f
3131

32+
- runs: |
33+
set -x
34+
# Use the builder to compile opentelemetry-collector
35+
yq eval '.replaces += ["github.com/expr-lang/expr => github.com/expr-lang/expr v1.17.7"]' builder-config.yaml -i
36+
3237
- uses: go/build
3338
with:
3439
packages: .

0 commit comments

Comments
 (0)