Skip to content

Update Go v1.24 #66

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
a8m merged 1 commit into from
Feb 24, 2025
Merged

Update Go v1.24 #66

a8m merged 1 commit into from
Feb 24, 2025

Conversation

@VietND96
Copy link
Contributor

@VietND96 VietND96 commented Feb 24, 2025
edited
Loading

Hello maintainers,

We have used envsubst in one project docker image built. However, once image gets scanned on Docker hub, it shows lots of CVEs due to the old Go version.
I tried to upgrade to the latest Go version as of now v1.24, could see CI test get passed.
I also updated the workflow with deps version latest to deploy the binaries. It also get passed in my fork.
So, it is cool if you consider this PR and release a new version in main stream.
Fixes #62

image

Here is the result after upgrading. There is no Go CVE

image

@VietND96
Update Go v1.24
f7f65d3 
Signed-off-by: Viet Nguyen Duc <[email protected]>
@VietND96
Copy link
Contributor Author

VietND96 commented Feb 24, 2025

@a8m, tagging you here for priority.

@a8m
Copy link
Owner

a8m commented Feb 24, 2025

Thanks for the contribution, @VietND96

@VietND96
Copy link
Contributor Author

VietND96 commented Feb 24, 2025

You're welcome. My PR also made changes in workflow release binaries, it was running well, you can checkout the result here for the merge decision https://github.com/NDViet/envsubst/actions/runs/13491653620

@a8m a8m merged commit 2aa6422 into a8m:master Feb 24, 2025
2 checks passed
@VietND96
Copy link
Contributor Author

VietND96 commented Feb 25, 2025

@a8m, thanks for merging. Can you please also create a tag and release it to bump a new version?

@jandubois jandubois mentioned this pull request May 12, 2025
Closed
allex pushed a commit to allex/envsubst that referenced this pull request Jun 30, 2025
@VietND96 @allex
go: update to v1.24 (a8m#66)
d527849 
Signed-off-by: Viet Nguyen Duc <[email protected]>
allex pushed a commit to allex/envsubst that referenced this pull request Jun 30, 2025
@VietND96 @allex
go: update to v1.24 (a8m#66)
d578702 
Signed-off-by: Viet Nguyen Duc <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Request for New Release Built with Go 1.20.5+ to Address Security Vulnerabilities

2 participants

@VietND96 @a8m