Skip to content

🌱 Bump the all-github-actions group across 1 directory with 13 updates#264

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/all-github-actions-1ca7446eb0
Open

🌱 Bump the all-github-actions group across 1 directory with 13 updates#264
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/all-github-actions-1ca7446eb0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 23, 2026
edited
Loading

Copy link
Copy Markdown

Bumps the all-github-actions group with 13 updates in the / directory:

Package From To
sqren/backport-github-action 9.2.2 11.0.0
actions/checkout 3 6
actions/setup-go 5.3.0 6.3.0
actions/cache 4.2.0 5.0.4
EndBug/add-and-commit 9.1.4 10.0.0
actions/github-script 7.0.1 8.0.0
golangci/golangci-lint-action 6.3.2 9.2.0
gaurav-nelson/github-action-markdown-link-check 1.0.16 1.0.17
tj-actions/changed-files dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 3d37a7ff08a7ce64b4cab9669eac39b0709cdac9
softprops/action-gh-release 2.2.1 2.6.1
docker/setup-buildx-action 1 4
docker/login-action 1 4
mukunku/tag-exists-action 1.2.0 1.7.0

Updates sqren/backport-github-action from 9.2.2 to 11.0.0

Release notes

Sourced from sqren/backport-github-action's releases.

v11.0.0

Update backport to 11.0.0

v10.4.0

Update backport to 10.4.0

v10.2.0

What's Changed

Bump to Backport 9.5.1

No release notes provided.

Bump to Node 20

Require Node 20

v9.3.0

Bump to backport 9.3.0

v9.3.0-a

No release notes provided.

Commits
  • 9460b71 chore: release v11.0.0
  • c0d1fb5 feat: upgrade to backport@11 with smoke test suite (#177)
  • e086778 Convert to ESM, replace Jest with Vitest, align dependencies with backport
  • 6840073 Replace RELEASE.md with cursor rule and skill
  • 566ba6c Add feature-specific validation docs to RELEASE.md
  • 576c0c8 Skip backport gracefully when PR is not merged
  • 7c4cc75 Add RELEASE.md documenting the release and validation workflow
  • d196c79 Update backport to 10.4.0
  • 516854e Bump Node 24 (#175)
  • 099cc6f Bump backport to 10.2.0 (#174)
  • Additional commits viewable in compare view

Updates actions/checkout from 3 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Commits

Updates actions/setup-go from 5.3.0 to 6.3.0

Release notes

Sourced from actions/setup-go's releases.

v6.3.0

What's Changed

Full Changelog: actions/setup-go@v6...v6.3.0

v6.2.0

What's Changed

Enhancements

Dependency updates

New Contributors

Full Changelog: actions/setup-go@v6...v6.2.0

v6.1.0

What's Changed

Enhancements

Dependency updates

New Contributors

Full Changelog: actions/setup-go@v6...v6.1.0

v6.0.0

What's Changed

... (truncated)

Commits

Updates actions/cache from 4.2.0 to 5.0.4

Release notes

Sourced from actions/cache's releases.

v5.0.4

What's Changed

New Contributors

Full Changelog: actions/cache@v5...v5.0.4

v5.0.3

What's Changed

Full Changelog: actions/cache@v5...v5.0.3

v.5.0.2

v5.0.2

What's Changed

When creating cache entries, 429s returned from the cache service will not be retried.

v5.0.1

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

v5.0.1

What's Changed

v5.0.0

What's Changed

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

  1. Switch to a new branch from main.
  2. Run npm test to ensure all tests are passing.
  3. Update the version in https://github.com/actions/cache/blob/main/package.json.
  4. Run npm run build to update the compiled files.
  5. Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.
  6. Run licensed cache to update the license report.
  7. Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.
  8. Commit your changes and push your branch upstream.
  9. Open a pull request against main and get it reviewed and merged.
  10. Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json
    1. Create a new tag with the version number.
    2. Auto generate release notes and update them to match the changes you made in RELEASES.md.
    3. Toggle the set as the latest release option.
    4. Publish the release.
  11. Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml
    1. There should be a workflow run queued with the same version number.
    2. Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.4

  • Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)
  • Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)
  • Bump fast-xml-parser to v5.5.6

5.0.3

5.0.2

  • Bump @actions/cache to v5.0.3 #1692

5.0.1

  • Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

... (truncated)

Commits

Updates EndBug/add-and-commit from 9.1.4 to 10.0.0

Release notes

Sourced from EndBug/add-and-commit's releases.

v10.0.0

What's Changed

... (truncated)

Commits
  • 290ea2c 10.0.0
  • 5190a0a docs: prepare for v10
  • 9ac3878 chore: npm audit fix
  • 7b015bd docs: add CodeReaper as a contributor for maintenance (#723)
  • 300836d chore(deps-dev): bump flatted from 3.3.3 to 3.4.2 (#722)
  • f6e20ed feat!: use node version 24 (#720)
  • 6280653 chore(deps-dev): bump jest from 30.2.0 to 30.3.0 (#721)
  • 1539a6a chore(deps): bump @​actions/core from 2.0.2 to 3.0.0 (#716)
  • af611dd chore(deps): bump minimatch (#718)
  • 2df77c1 chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (#712)
  • Additional commits viewable in compare view

Updates actions/github-script from 7.0.1 to 8.0.0

Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

New Contributors

Full Changelog: actions/github-script@v7...v7.1.0

Commits
  • ed59741 Merge pull request #653 from actions/sneha-krip/readme-for-v8
  • 2dc352e Bold minimum Actions Runner version in README
  • 01e118c Update README for Node 24 runtime requirements
  • 8b222ac Apply suggestion from @​salmanmkc
  • adc0eea README for updating actions/github-script from v7 to v8
  • 20fe497 Merge pull request #637 from actions/node24
  • e7b7f22 update licenses
  • 2c81ba0 Update Node.js version support to 24.x
  • f28e40c Merge pull request #610 from actions/nebuk89-patch-1
  • 1ae9958 Update README.md
  • Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 6.3.2 to 9.2.0

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.2.0

What's Changed

Changes

Dependencies

Full Changelog: golangci/golangci-lint-action@v9.1.0...v9.2.0

v9.1.0

What's Changed

Changes

Documentation

Dependencies

Full Changelog: golangci/golangci-lint-action@v9.0.0...v9.1.0

v9.0.0

In the scope of this release, we change Nodejs runtime from node20 to node24 (https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/).

What's Changed

Changes

Full Changelog: golangci/golangci-lint-action@v8.0.0...v9.0.0

v8.0.0

Requires golangci-lint version >= v2.1.0

... (truncated)

Commits

Updates gaurav-nelson/github-action-markdown-link-check from 1.0.16 to 1.0.17

Release notes

Sourced from gaurav-nelson/github-action-markdown-link-check's releases.

1.0.17

What's Changed

New Contributors

Full Changelog: gaurav-nelson/github-action-markdown-link-check@1.0.16...1.0.17

Commits
  • 3c3b66f Merge pull request #205 from Okabe-Junya/bump/markdown-link-check
  • dd5abb6 bump markdown-link-check
  • 9574206 Add bug report and feature request templates with Linkspector update
  • See full diff in compare view

Updates tj-actions/changed-files from dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 to 3d37a7ff08a7ce64b4cab9669eac39b0709cdac9

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

47.0.5 - (2026-03-03)

🔄 Update

  • Updated README.md (#2805)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (35dace0) - (github-actions[bot])

  • Updated README.md (#2803)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (

@dependabot
🌱 Bump the all-github-actions group across 1 directory with 13 updates
a5a66b3 
Bumps the all-github-actions group with 13 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [sqren/backport-github-action](https://github.com/sqren/backport-github-action) | `9.2.2` | `11.0.0` |
| [actions/checkout](https://github.com/actions/checkout) | `3` | `6` |
| [actions/setup-go](https://github.com/actions/setup-go) | `5.3.0` | `6.3.0` |
| [actions/cache](https://github.com/actions/cache) | `4.2.0` | `5.0.4` |
| [EndBug/add-and-commit](https://github.com/endbug/add-and-commit) | `9.1.4` | `10.0.0` |
| [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.3.2` | `9.2.0` |
| [gaurav-nelson/github-action-markdown-link-check](https://github.com/gaurav-nelson/github-action-markdown-link-check) | `1.0.16` | `1.0.17` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `dcc7a0cba800f454d79fff4b993e8c3555bcc0a8` | `3d37a7ff08a7ce64b4cab9669eac39b0709cdac9` |
| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.2.1` | `2.6.1` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `1` | `4` |
| [docker/login-action](https://github.com/docker/login-action) | `1` | `4` |
| [mukunku/tag-exists-action](https://github.com/mukunku/tag-exists-action) | `1.2.0` | `1.7.0` |



Updates `sqren/backport-github-action` from 9.2.2 to 11.0.0
- [Release notes](https://github.com/sqren/backport-github-action/releases)
- [Commits](sorenlouv/backport-github-action@v9.2.2...v11.0.0)

Updates `actions/checkout` from 3 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](actions/checkout@v3...v6)

Updates `actions/setup-go` from 5.3.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@f111f33...4b73464)

Updates `actions/cache` from 4.2.0 to 5.0.4
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@1bd1e32...6682284)

Updates `EndBug/add-and-commit` from 9.1.4 to 10.0.0
- [Release notes](https://github.com/endbug/add-and-commit/releases)
- [Commits](EndBug/add-and-commit@a94899b...290ea2c)

Updates `actions/github-script` from 7.0.1 to 8.0.0
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@60a0d83...ed59741)

Updates `golangci/golangci-lint-action` from 6.3.2 to 9.2.0
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@051d919...1e7e51e)

Updates `gaurav-nelson/github-action-markdown-link-check` from 1.0.16 to 1.0.17
- [Release notes](https://github.com/gaurav-nelson/github-action-markdown-link-check/releases)
- [Commits](gaurav-nelson/github-action-markdown-link-check@1b916f2...3c3b66f)

Updates `tj-actions/changed-files` from dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 to 3d37a7ff08a7ce64b4cab9669eac39b0709cdac9
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@dcc7a0c...3d37a7f)

Updates `softprops/action-gh-release` from 2.2.1 to 2.6.1
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](softprops/action-gh-release@c95fe14...153bb8e)

Updates `docker/setup-buildx-action` from 1 to 4
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v1...v4)

Updates `docker/login-action` from 1 to 4
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v1...v4)

Updates `mukunku/tag-exists-action` from 1.2.0 to 1.7.0
- [Release notes](https://github.com/mukunku/tag-exists-action/releases)
- [Commits](mukunku/tag-exists-action@v1.2.0...v1.7.0)

---
updated-dependencies:
- dependency-name: sqren/backport-github-action
  dependency-version: 11.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: actions/setup-go
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: actions/cache
  dependency-version: 5.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: EndBug/add-and-commit
  dependency-version: 10.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: actions/github-script
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: gaurav-nelson/github-action-markdown-link-check
  dependency-version: 1.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-github-actions
- dependency-name: tj-actions/changed-files
  dependency-version: 3d37a7ff08a7ce64b4cab9669eac39b0709cdac9
  dependency-type: direct:production
  dependency-group: all-github-actions
- dependency-name: softprops/action-gh-release
  dependency-version: 2.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-github-actions
- dependency-name: docker/setup-buildx-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: docker/login-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: mukunku/tag-exists-action
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Mar 23, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: area/ci. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot mentioned this pull request Mar 23, 2026
Closed
@spectro-prow

spectro-prow commented Mar 23, 2026

Copy link
Copy Markdown

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a spectrocloud member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@spectro-prow

spectro-prow commented Mar 23, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
To complete the pull request process, please assign after the PR has been reviewed.
You can assign the PR to them by writing /assign in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

bulwark-spectrocloud[bot]
bulwark-spectrocloud Bot requested changes Mar 23, 2026
View reviewed changes

@bulwark-spectrocloud bulwark-spectrocloud Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ GoVulnCheck scan found vulnerabilities:

  1. GO-2026-4394
    • Module: go.opentelemetry.io/otel/sdk
    • Found in: v1.28.0
    • Fixed in: v1.40.0
    • Example Traces:
      1. internal/topology/variables/clusterclass_variable_validation.go:28:2: variables.init calls validation.init, which eventually calls tracing.init
      2. cmd/clusterctl/client/repository/repository_gitlab.go:157:34: repository.GetFile calls http.Do, which eventually calls noop.Start
      3. cmd/clusterctl/client/repository/repository_gitlab.go:157:34: repository.GetFile calls http.Do, which eventually calls otelhttp.RoundTrip
      4. util/record/recorder.go:42:13: record.InitFromRecorder calls sync.Do, which eventually calls sync.doSlow
      5. cmd/clusterctl/client/repository/repository_gitlab.go:157:34: repository.GetFile calls http.Do, which eventually calls otelhttp.RoundTrip
  2. GO-2025-3754
    • Module: github.com/cloudflare/circl
    • Found in: v1.3.7
    • Fixed in: v1.6.1
    • Example Traces:
      1. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ed25519.init
      2. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ecc.init
      3. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ecc.init
      4. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ecc.init
      5. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ed448.init
  3. GO-2026-4550
    • Module: github.com/cloudflare/circl
    • Found in: v1.3.7
    • Fixed in: v1.6.3
    • Example Traces:
      1. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ed25519.init
      2. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ecc.init
      3. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ecc.init
      4. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls ed448.init
      5. cmd/clusterctl/internal/test/fake_github.go:24:2: test.init calls github.init, which eventually calls x25519.init

Please review these findings and fix the issues before merging.

bulwark-spectrocloud[bot]
bulwark-spectrocloud Bot requested changes Mar 23, 2026
View reviewed changes

@bulwark-spectrocloud bulwark-spectrocloud Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ GoSec scan found code issues:

  1. G115: integer overflow conversion int64 -> int32, Severity: HIGH
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/cluster/cluster_controller_status.go:107:63
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/cluster/cluster_controller_status.go:104:70
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/contract/types.go:129:22
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/test/envtest/environment.go:93:47
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machineset/machineset_controller_status.go:189:26
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machineset/machineset_controller_status.go:123:26
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machineset/machineset_controller.go:1211:28
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machinehealthcheck/machinehealthcheck_controller.go:678:26
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machinehealthcheck/machinehealthcheck_controller.go:666:27
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machinehealthcheck/machinehealthcheck_controller.go:241:33
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machinehealthcheck/machinehealthcheck_controller.go:226:35
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machinedeployment/mdutil/util.go:726:14
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machinedeployment/mdutil/util.go:655:58
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machinedeployment/machinedeployment_sync.go:622:15
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/internal/controllers/machinedeployment/machinedeployment_rollout_ondelete.go:122:29
    • ... (truncated), run gosec locally to capture all failure for the rule G115
  2. G404: Use of weak random number generator (math/rand or math/rand/v2 instead of crypto/rand), Severity: HIGH
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/util/util.go:61:8
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/util/conversion/conversion.go:160:18
  3. G402: TLS InsecureSkipVerify set to true., Severity: HIGH
      1. File: /home/runner/_work/bulwark/bulwark/target-repo/controlplane/kubeadm/internal/workload_cluster.go:469:62

Please review these findings and fix the issues before merging.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bulwark-spectrocloud bulwark-spectrocloud[bot] bulwark-spectrocloud[bot] requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

needs-ok-to-test ok-to-test size/M

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@spectro-prow