[pull] master from kserve:master #162
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![pull[bot]](https://avatars.githubusercontent.com/in/12910?s=60&v=4){kind=small}
* Handles s3 download for object name starts with folder name. Signed-off-by: Andrews Arokiam <[email protected]> * Fix storage test. Signed-off-by: Andrews Arokiam <[email protected]> * Added s3 storage test. Signed-off-by: Andrews Arokiam <[email protected]> * Simplified logic Signed-off-by: Andrews Arokiam <[email protected]> --------- Signed-off-by: Andrews Arokiam <[email protected]>
|
Hi @pull[bot]. Thanks for your PR. I'm waiting for a opendatahub-io member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
* fix: Add missing --timeout flag in batcher Signed-off-by: Yuan Tang <[email protected]> * removal Signed-off-by: Yuan Tang <[email protected]> --------- Signed-off-by: Yuan Tang <[email protected]>
* ci: Automate release process Signed-off-by: Yuan Tang <[email protected]> * Update changes to release branch Signed-off-by: Yuan Tang <[email protected]> * update Signed-off-by: Yuan Tang <[email protected]> * Push tag Signed-off-by: Yuan Tang <[email protected]> * udpate Signed-off-by: Yuan Tang <[email protected]> * Split wf Signed-off-by: Yuan Tang <[email protected]> * monitor tags Signed-off-by: Yuan Tang <[email protected]> * fix Signed-off-by: Yuan Tang <[email protected]> * Use softprops/action-gh-release Signed-off-by: Yuan Tang <[email protected]> * Update automated-release.yml Signed-off-by: Yuan Tang <[email protected]> --------- Signed-off-by: Yuan Tang <[email protected]>
fixes critical vulnerabiolities on ray chore: fix the following CVEs - [CVE-2023-6019](https://www.cve.org/CVERecord?id=CVE-2023-6019): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') - [CVE-2023-6020](https://www.cve.org/CVERecord?id=CVE-2023-6020): Use of GET Request Method With Sensitive Query Strings There are no fix for [CVE-2023-48023](https://www.cve.org/CVERecord?id=CVE-2023-48023) yet Signed-off-by: Spolti <[email protected]>
* Bump versions Signed-off-by: Yuan Tang <[email protected]> * Bump versions Signed-off-by: Yuan Tang <[email protected]> --------- Signed-off-by: Yuan Tang <[email protected]>
|
/approve |
spolti
approved these changes
Jan 9, 2024
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: pull[bot], spolti The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Pitos <[email protected]>
|
New changes are detected. LGTM label has been removed. |
* Fixes CVE-2023-48795 chore: Fixes [CVE-2023-48795](https://www.cve.org/CVERecord?id=CVE-2023-48795) - golang.org/x/crypto Authentication Bypass by Capture-replay Signed-off-by: Spolti <[email protected]> * review - run go mod tidy Signed-off-by: Spolti <[email protected]> --------- Signed-off-by: Spolti <[email protected]>
Fix Stack-based Buffer Overflow on protobuf chore: Fix Stack-based Buffer Overflow on protobuf on protobuf - https://security.snyk.io/vuln/SNYK-GOLANG-GOOGLEGOLANGORGPROTOBUFENCODINGPROTOJSON-6137908 Signed-off-by: Spolti <[email protected]>
chore: The purpose of this pull request is to addres [this](https://security.snyk.io/vuln/SNYK-GOLANG-KNATIVEDEVSERVINGPKGAUTOSCALERMETRICS-6091906) vulnerability. In the Snyk report it says that the version 0.39.3 still affected, however it seems to be a false positive, since the fix can be found merged as this [commit](knative/serving@fff40ef) shows. Signed-off-by: Spolti <[email protected]>
chore: Fixes the following vulnerabilities in the go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp dependency: - [CVE-2022-21698](https://www.cve.org/CVERecord?id=CVE-2022-21698) / [CVE-2023-45142](https://www.cve.org/CVERecord?id=CVE-2023-45142): Allocation of Resources Without Limits or Throttling Signed-off-by: Spolti <[email protected]>
|
/ok-to-test |
|
/retest |
1 similar comment
|
/retest |
|
Manually merging due the "Trusted App Pipeline" blocking the auto-merge. |
israel-hdez
pushed a commit
to israel-hdez/kserve
that referenced
this pull request
Mar 8, 2024
…p/component-updates/kserve-controller-28 Update kserve-controller-28 to 5a22f4a
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )