forked from statping/statping
-
Notifications
You must be signed in to change notification settings - Fork 134
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update go version to > 1.20.5 #287
Labels
Build
build-related changes
Comments
hey, thanks for bringing this up. upgrading go versions can sometimes be a bit of a pain, but I'll try it and see what breaks soon™ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Due to https://nvd.nist.gov/vuln/detail/CVE-2023-29404, https://nvd.nist.gov/vuln/detail/CVE-2023-29405, https://nvd.nist.gov/vuln/detail/CVE-2023-24540, https://nvd.nist.gov/vuln/detail/CVE-2023-24538 and several other CVE's statping is getting flagged in our security scanners. It seems go 1.20.14 is the highest released version in the 1.20 minor version branch; I am not knowledgeable enough to know if you can or want to go any higher. Nevertheless, the 1.20.0 version used in the Dockerfile build shouldn't be used.
The text was updated successfully, but these errors were encountered: