Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add link to pkg.go.dev to listed Go packages with vulnerabilities #1813

Merged
merged 1 commit into from
Feb 26, 2025
Merged

Add link to pkg.go.dev to listed Go packages with vulnerabilities #1813

merged 1 commit into from
Feb 26, 2025

Conversation

SaschaSchwarze0
Copy link
Member

Changes

When looking at issues such as #1810, when I see Go vulnerabilities and Dependabot suddenly has not yet opened a PR, then I open it myself. When doing so, I prefer to check if the fixed version is actually also the latest version or if there is already something newer, and if so go to latest. To check what the latest version is I usually go to pkg.go.dev. Hereby making the package name a link so that this can be done faster.

Submitter Checklist

  • Includes tests if functionality changed/was added
  • Includes docs if changes are user-facing
  • Set a kind label on this PR
  • Release notes block has been filled in, or marked NONE

Release Notes

NONE

@SaschaSchwarze0 SaschaSchwarze0 added the kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. label Feb 26, 2025
@SaschaSchwarze0 SaschaSchwarze0 added this to the release-v0.16.0 milestone Feb 26, 2025
@openshift-ci openshift-ci bot added the release-note-none Label for when a PR does not need a release note label Feb 26, 2025
@pull-request-size pull-request-size bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Feb 26, 2025
@SaschaSchwarze0 SaschaSchwarze0 changed the title Add link to gopkg.dev to listed Go packages with vulnerabilities Add link to pkg.go.dev to listed Go packages with vulnerabilities Feb 26, 2025
HeavyWombat
HeavyWombat approved these changes Feb 26, 2025
View reviewed changes
Copy link
Contributor

@HeavyWombat HeavyWombat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Feb 26, 2025
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Feb 26, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: HeavyWombat

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 26, 2025
@SaschaSchwarze0 SaschaSchwarze0 merged commit 98cb0ed into shipwright-io:main Feb 26, 2025
14 of 20 checks passed
@SaschaSchwarze0 SaschaSchwarze0 deleted the sascha-add-gopkg-link branch February 26, 2025 11:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@HeavyWombat HeavyWombat HeavyWombat approved these changes

@adambkaplan adambkaplan Awaiting requested review from adambkaplan

Assignees

@HeavyWombat HeavyWombat

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/cleanup Categorizes issue or PR as related to cleaning up code, process, or technical debt. lgtm Indicates that a PR is ready to be merged. release-note-none Label for when a PR does not need a release note size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
Shipwright Overview
Status: Done
Milestone
release-v0.16.0
Development

Successfully merging this pull request may close these issues.
2 participants
@SaschaSchwarze0 @HeavyWombat