
Conversation

@rsoaresd (Contributor) commented Nov 3, 2025

Description

We are hitting a lot of vulns in govulncheck. This PR adds them to .govulncheck.yaml to ignore them. This is just temporary, since we will upgrade the Go version to 1.24 once we have our clusters using OpenShift 4.20.

Related PR

codeready-toolchain/api#490
codeready-toolchain/toolchain-common#497
codeready-toolchain/host-operator#1212
codeready-toolchain/registration-service#556
codeready-toolchain/toolchain-e2e#1219
kubesaw/ksctl#131

Summary by CodeRabbit

  • Chores
    • Updated configuration with populated vulnerability entries and associated metadata, including IDs, information URLs, and date references.

@coderabbitai bot commented Nov 3, 2025

Walkthrough

The .govulncheck.yaml file is updated to replace an empty ignored-vulnerabilities list with a structured set of GO-2025 vulnerability entries. Each entry includes a vulnerability ID, corresponding info URL, and silence-until date, with descriptive comments explaining each vulnerability, affected package, and fixed version information.

Changes

Cohort / File(s): Vulnerability Ignore List Configuration (.govulncheck.yaml)
Summary: Populated ignored-vulnerabilities from empty list to structured entries containing 4 GO-2025 vulnerability definitions (IDs 4013–4006) with metadata: info URLs, silence-until dates, and vulnerability descriptions

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

  • Verify each vulnerability ID (GO-2025-4013, 4012, 4011, 4006) is accurate and corresponds to actual Go vulnerabilities
  • Confirm silence-until dates are appropriate for the project's maintenance timeline
  • Ensure info URLs are correct and accessible

Suggested reviewers

  • alexeykazakov
  • jrosental
  • xcoulon
  • mfrancisc

Poem

🐰 A rabbit hops through the config so fine,
Patching vulnerabilities, line by line,
GO-2025 entries now stand tall,
With silence-until dates protecting us all! 🛡️

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)
Title check: ✅ Passed. The pull request title 'update .govulncheck.yaml' is directly related to the main change in the changeset. The raw summary confirms that the primary modification is replacing the ignored-vulnerabilities list in the .govulncheck.yaml file with a populated list containing multiple GO-2025 vulnerability entries. The title accurately reflects this core change, though it could be slightly more descriptive about what the update entails.
Description check: ✅ Passed. Check skipped - CodeRabbit's high-level summary is enabled.
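The review checklist above asks that each ignore entry's ID and silence-until date be verified. As an added example (not code from this PR or the codeready-toolchain project), the audit below parses a constructed ignore list and flags entries whose suppression has expired or never expires; the field names (id, info, silence-until) are assumed from the walkthrough's description, and the dates are constructed placeholders.

```python
"""Audit a govulncheck ignore list for expired or open-ended suppressions."""
from dataclasses import dataclass
from datetime import date
from typing import Optional
import re

# Constructed sample. Field names are assumed from the PR walkthrough;
# the vulnerability IDs are the ones the PR adds, the dates are placeholders.
SAMPLE_CONFIG = """\
ignored-vulnerabilities:
  - id: GO-2025-4013
    info: https://pkg.go.dev/vuln/GO-2025-4013
    silence-until: 2026-01-31
  - id: GO-2025-4012
    info: https://pkg.go.dev/vuln/GO-2025-4012
    silence-until: 2025-10-01
  - id: GO-2025-4011
    info: https://pkg.go.dev/vuln/GO-2025-4011
  - id: GO-2025-4006
    info: https://pkg.go.dev/vuln/GO-2025-4006
    silence-until: 2026-01-31
"""

@dataclass
class Ignore:
    vuln_id: str
    info: Optional[str] = None
    silence_until: Optional[date] = None

def parse_ignores(text: str) -> list:
    """Minimal parser for the flat 'key: value' list shape above (no PyYAML needed)."""
    entries = []
    for line in text.splitlines():
        m = re.match(r"\s*(-\s+)?([\w-]+):\s*(\S+)\s*$", line)
        if not m:
            continue  # section header, blank line or comment
        starts_item, key, value = m.groups()
        if starts_item and key == "id":
            entries.append(Ignore(vuln_id=value))
        elif entries and key == "info":
            entries[-1].info = value
        elif entries and key == "silence-until":
            entries[-1].silence_until = date.fromisoformat(value)
    return entries

def audit(entries: list, today: date) -> dict:
    """Return {vuln_id: reason} for entries a reviewer should re-triage."""
    problems = {}
    for e in entries:
        if not re.fullmatch(r"GO-\d{4}-\d+", e.vuln_id):
            problems[e.vuln_id] = "malformed Go vulnerability ID"
        elif e.silence_until is None:
            problems[e.vuln_id] = "no silence-until date: suppression never expires"
        elif e.silence_until < today:
            problems[e.vuln_id] = f"silence-until {e.silence_until} has passed"
    return problems
```

Run it in CI with `date.today()` so a suppression that outlives the planned Go 1.24 upgrade fails the build instead of silently persisting.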

@codecov bot commented Nov 3, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.50%. Comparing base (ff94ed6) to head (a005314).
⚠️ Report is 1 commit behind head on master.

Additional details and impacted files
@@           Coverage Diff           @@
##           master     #708   +/-   ##
=======================================
  Coverage   82.50%   82.50%           
=======================================
  Files          48       48           
  Lines        3589     3589           
=======================================
  Hits         2961     2961           
  Misses        477      477           
  Partials      151      151           

@sonarqubecloud bot commented Nov 4, 2025

@MatousJobanek (Contributor) left a comment

Thanks
/lgtm

@openshift-ci bot commented Nov 4, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alexeykazakov, MatousJobanek, rsoaresd, xcoulon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details: Needs approval from an approver in each of these files:
  • OWNERS [MatousJobanek, alexeykazakov, rsoaresd, xcoulon]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit 610d5f0 into codeready-toolchain:master Nov 4, 2025
15 checks passed