Skip to content

chore: resolve CVE-2025-57319 by upgrading pino #3924

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
alizard0 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: resolve CVE-2025-57319 by upgrading pino #3924

alizard0 wants to merge 1 commit into from

Conversation

@alizard0
Copy link
Member

@alizard0 alizard0 commented Dec 17, 2025

It resolves CVE-2025-57319 by upgrading pino (using resolution) to v10.1.0 which drops the usage of fast-redact.

@openshift-ci openshift-ci bot requested a review from nickboldt December 17, 2025 09:35
@openshift-ci
Copy link

openshift-ci bot commented Dec 17, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign christoph-jerolimov for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot requested a review from rm3l December 17, 2025 09:35
@alizard0
fix(security): resolve CVE-2025-57319 by upgrading (resolution) pino…
7384fab 
… to v10.1.0 which drops the usage of fast-redact
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 17, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@alizard0 alizard0 changed the title Resolve CVE-2025-57319 by upgrading pino chore: resolve CVE-2025-57319 by upgrading pino Dec 17, 2025
@alizard0
Copy link
Member Author

alizard0 commented Dec 22, 2025

/test e2e-ocp-helm

@rhdh-qodo-merge
Copy link

rhdh-qodo-merge bot commented Dec 22, 2025

You are above your monthly Qodo Merge usage quota. If you are a paying user, please link your GitHub/GitLab/Bitbucket account with your qodo account here to claim your seat. To allow usage organization-wide without linking, please reach to Qodo.

@alizard0
Copy link
Member Author

alizard0 commented Dec 23, 2025

/test e2e-ocp-helm

@rhdh-qodo-merge
Copy link

rhdh-qodo-merge bot commented Dec 23, 2025 

ⓘ Your monthly quota for Qodo has expired. Upgrade your plan
ⓘ Paying users. Check that your Qodo account is linked with this Git user account

@openshift-ci
Copy link

openshift-ci bot commented Dec 23, 2025

@alizard0: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-ocp-helm 7384fab link true /test e2e-ocp-helm

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nickboldt nickboldt Awaiting requested review from nickboldt

@rm3l rm3l Awaiting requested review from rm3l

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@alizard0