Skip to content

Bump golang.org/x/net from 0.7.0 to 0.38.0 in /hack/tools #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from

Bump golang.org/x/net from 0.7.0 to 0.38.0 in /hack/tools

df29b64
Select commit
Loading
Failed to load commit list.
Open

Bump golang.org/x/net from 0.7.0 to 0.38.0 in /hack/tools #27

Bump golang.org/x/net from 0.7.0 to 0.38.0 in /hack/tools
df29b64
Select commit
Loading
Failed to load commit list.
Bulwark-SpectroCloud / security-scans/govulncheck failed Jan 14, 2026 in 1m 8s

Govulncheck scan completed

⚠️ GoVulnCheck scan found vulnerabilities:

  1. GO-2024-2687
    • Module: golang.org/x/net
    • Found in: v0.7.0
    • Fixed in: v0.23.0
    • Example Traces:
      1. pkg/cloud/services/compute/instance.go:733:21: compute.GetInstanceStatusByName calls fmt.Sprintf, which eventually calls fmt.handleMethods
      2. pkg/utils/hash/hash.go:39:30: hash.SpewHashObject calls spew.Fprintf, which eventually calls bufio.Write
      3. controllers/openstackmachine_controller.go:155:26: controllers.Reconcile calls controllers.reconcileNormal, which eventually calls controllers.getOrCreate
      4. pkg/clients/networking.go:438:60: clients.ListExtensions calls pagination.AllPages, which eventually calls pagination.PageResultFrom
      5. controllers/openstackmachine_controller.go:155:26: controllers.Reconcile calls controllers.reconcileNormal, which eventually calls controllers.getOrCreate

Please review these findings and fix the issues before merging.

Click 'View more details' to see the workflow run and detailed results in the Bulwark repository.

View more details on Bulwark-SpectroCloud