[release-4.17] OCPBUGS-80063: Bump google.golang.org/grpc to v1.79.3#201

Open
ocp-sustaining-admins wants to merge 2 commits into openshift:release-4.17 from openshift-sustaining:release-4.17_CVE-2026-33186

@ocp-sustaining-admins ocp-sustaining-admins commented May 4, 2026

This is an automated PR from the ARC system.

Go version used: go1.22.12

Patch applied: github.com/openshift-sustaining/grpc-go@v1.71.3-sec.1

Modules affected: .

The commands used to generate this PR were:

go mod edit -replace google.golang.org/grpc=github.com/openshift-sustaining/grpc-go@v1.71.3-sec.1
go mod tidy
go mod vendor

A member of the Red Hat Openshift Sustaining Team will review the PR and take appropriate action.

Summary by CodeRabbit

  • Chores
    • Updated Go toolchain to version 1.22.0 with toolchain 1.22.12
    • Upgraded project dependencies to latest compatible versions
    • Increased CI linter timeout threshold for improved build reliability
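As an added example (not part of this PR or of the ARC tooling that generated it), the Go program below performs the check a reviewer of a replace-directive PR like this one would want automated: go.mod must pin google.golang.org/grpc to the named fork and version through a replace directive, and vendor/modules.txt must have been regenerated so it records the same mapping. The go.mod and modules.txt snippets are constructed; the grpc require version in them is a placeholder.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// Replacement is one `old => new version` mapping from go.mod or vendor/modules.txt.
type Replacement struct {
	Old, New, Version string
}

// parseArrow splits "old [oldver] => new ver"; directory replacements (one field right of =>) are skipped.
func parseArrow(stmt string) (Replacement, bool) {
	lhs, rhs, ok := strings.Cut(stmt, "=>")
	old, nw := strings.Fields(lhs), strings.Fields(rhs)
	if !ok || len(old) == 0 || len(nw) != 2 {
		return Replacement{}, false
	}
	return Replacement{Old: old[0], New: nw[0], Version: nw[1]}, true
}

// GoModReplaces extracts replace directives from go.mod text (single-line and block form); comments are ignored.
func GoModReplaces(goMod string) map[string]Replacement {
	out := map[string]Replacement{}
	inBlock := false
	sc := bufio.NewScanner(strings.NewReader(goMod))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if i := strings.Index(line, "//"); i >= 0 {
			line = strings.TrimSpace(line[:i])
		}
		switch {
		case line == "replace (":
			inBlock = true
			continue
		case inBlock && line == ")":
			inBlock = false
			continue
		case !inBlock && strings.HasPrefix(line, "replace "):
			line = strings.TrimPrefix(line, "replace ")
		case !inBlock:
			continue // module/go/require lines are not replacements
		}
		if r, ok := parseArrow(line); ok {
			out[r.Old] = r
		}
	}
	return out
}

// VendorReplaces extracts the replacements `go mod vendor` recorded in vendor/modules.txt ("# old v1 => new v2").
func VendorReplaces(modulesTxt string) map[string]Replacement {
	out := map[string]Replacement{}
	sc := bufio.NewScanner(strings.NewReader(modulesTxt))
	for sc.Scan() {
		if line, ok := strings.CutPrefix(sc.Text(), "# "); ok {
			if r, ok := parseArrow(line); ok {
				out[r.Old] = r
			}
		}
	}
	return out
}

// CheckReplacePinned reports why module is not pinned as expected: go.mod must replace it with
// wantNew at wantVersion, and vendor/modules.txt must mirror that mapping (else the vendor tree is stale).
func CheckReplacePinned(goMod, modulesTxt, module, wantNew, wantVersion string) []string {
	gm, ok := GoModReplaces(goMod)[module]
	if !ok {
		return []string{"go.mod: no replace directive for " + module}
	}
	var problems []string
	if gm.New != wantNew || gm.Version != wantVersion {
		problems = append(problems, fmt.Sprintf("go.mod: %s => %s %s, want %s %s", module, gm.New, gm.Version, wantNew, wantVersion))
	}
	vm, ok := VendorReplaces(modulesTxt)[module]
	switch {
	case !ok:
		problems = append(problems, "vendor/modules.txt: "+module+" not recorded as replaced; rerun go mod vendor")
	case vm != gm:
		problems = append(problems, fmt.Sprintf("vendor/modules.txt: %s => %s %s does not match go.mod", module, vm.New, vm.Version))
	}
	return problems
}

// Constructed inputs modelled on this PR's replace directive, not the repository's real files;
// the grpc require version is a placeholder, and "stale" is a vendor listing never regenerated after the replace.
const sampleGoMod = "module example.com/operator\n\ngo 1.22.0\n\n" +
	"require google.golang.org/grpc v1.71.3 // placeholder\n\n" +
	"replace google.golang.org/grpc => github.com/openshift-sustaining/grpc-go v1.71.3-sec.1\n"
const sampleModulesTxtFresh = "# google.golang.org/grpc v1.71.3 => github.com/openshift-sustaining/grpc-go v1.71.3-sec.1\n## explicit\ngoogle.golang.org/grpc\n"
const sampleModulesTxtStale = "# google.golang.org/grpc v1.71.3\n## explicit\ngoogle.golang.org/grpc\n"

func main() { // the stale listing is the case this check exists to catch
	fmt.Println(CheckReplacePinned(sampleGoMod, sampleModulesTxtStale, "google.golang.org/grpc", "github.com/openshift-sustaining/grpc-go", "v1.71.3-sec.1"))
}
```

Running it against a real checkout means reading go.mod and vendor/modules.txt from disk and passing their contents in; the fresh sample returns no problems, the stale one reports that the vendor listing still records upstream grpc.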

@openshift-ci-robot openshift-ci-robot added jira/severity-important Referenced Jira bug's severity is important for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels May 4, 2026
@openshift-ci-robot

@ocp-sustaining-admins: This pull request references Jira Issue OCPBUGS-80063, which is invalid:

  • release note text must be set and not match the template OR release note type must be set to "Release Note Not Required". For more information you can reference the OpenShift Bug Process.
  • expected Jira Issue OCPBUGS-80063 to depend on a bug targeting a version in 4.18.0, 4.18.z and in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA), but no dependents were found

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.


coderabbitai Bot commented May 4, 2026

Walkthrough

CI linter timeout configuration is increased from 4 minutes to 10 minutes. Go toolchain is bumped from 1.22/1.22.1 to 1.22.0/1.22.12, and multiple dependencies are updated including golang.org/x/text, OpenTelemetry, and Google packages, with a replace directive added for grpc.

Changes

CI Linter Configuration

  • Linter timeout adjustment (.golangci.yaml): global run.timeout increases from 4m to 10m, with the corresponding comment updated.

Go Toolchain and Dependencies Update

  • Go version and toolchain bump (go.mod, lines 3–5): Go language version updated to 1.22.0 and toolchain to go1.22.12 (from 1.22 and go1.22.1 respectively).
  • Direct dependency upgrades (go.mod, lines 14, 32–40, 52): golang.org/x/text upgraded to v0.21.0, github.com/go-logr/logr to v1.4.2, and github.com/google/uuid to v1.6.0.
  • OpenTelemetry, Google, and stdlib indirect dependency updates (go.mod, lines 76–101): mass update to OpenTelemetry modules (targeting v1.34.0), Google packages (google.golang.org/grpc, google.golang.org/protobuf, GenProto families), and golang.org/x/* modules to newer versions.
  • gRPC replacement directive (go.mod, lines 116–117): adds replace google.golang.org/grpc => github.com/openshift-sustaining/grpc-go v1.71.3-sec.1 to redirect gRPC imports.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

🚥 Pre-merge checks | ✅ 11 | ❌ 1

❌ Failed checks (1 warning)

  • Title check: ⚠️ Warning. The PR title references bumping google.golang.org/grpc, but the actual change implements a replace directive to github.com/openshift-sustaining/grpc-go v1.71.3-sec.1, not a direct version bump to the stated v1.79.3. Resolution: update the title to accurately reflect the actual change (replace google.golang.org/grpc with github.com/openshift-sustaining/grpc-go v1.71.3-sec.1), or clarify the relationship between v1.79.3 and the actual patch version used.

✅ Passed checks (11 passed)

  • Description Check: Passed. Check skipped - CodeRabbit's high-level summary is enabled.
  • Docstring Coverage: Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
  • Linked Issues check: Passed. Check skipped because no linked issues were found for this pull request.
  • Out of Scope Changes check: Passed. Check skipped because no linked issues were found for this pull request.
  • Stable And Deterministic Test Names: Passed. The custom check targets Ginkgo test names (It(), Describe(), Context(), etc.). The repository uses only standard Go testing and has no Ginkgo tests. The check is not applicable to this codebase.
  • Test Structure And Quality: Passed. Custom check is for Ginkgo test code quality. PR adds a standard Go unit test using testing.T, not Ginkgo. No Ginkgo tests present in PR changes.
  • Microshift Test Compatibility: Passed. No Ginkgo e2e tests are added in this PR. The only test file added is builder_test.go, which contains standard Go unit tests using the testing package, not Ginkgo tests. The check is not applicable.
  • Single Node Openshift (Sno) Test Compatibility: Passed. This PR only modifies .golangci.yaml and go.mod. No Ginkgo e2e tests are added. The custom check applies only when new Ginkgo tests are added, so it is inapplicable here.
  • Topology-Aware Scheduling Compatibility: Passed. PR only modifies .golangci.yaml and go.mod. The check applies only to deployment manifests, operator code, or controllers, none of which are modified here.
  • Ote Binary Stdout Contract: Passed. PR does not introduce new stdout writes in process-level code. Changes are dependency/config updates only. Pre-existing fmt.Println calls in main.go are unchanged.
  • Ipv6 And Disconnected Network Test Compatibility: Passed. No new Ginkgo e2e tests added. Changes limited to dependency updates and CI configuration. Check not applicable.

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 golangci-lint (2.12.2)

Error: can't load config: unsupported version of the configuration: "" See https://golangci-lint.run/docs/product/migration-guide for migration instructions
The command is terminated due to an error: can't load config: unsupported version of the configuration: "" See https://golangci-lint.run/docs/product/migration-guide for migration instructions



@openshift-ci openshift-ci Bot requested review from everettraven and joelanford May 4, 2026 17:04
@openshift-ci openshift-ci Bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label May 4, 2026

openshift-ci Bot commented May 4, 2026

Hi @ocp-sustaining-admins. Thanks for your PR.

I'm waiting for an openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@MrSanketkumar

/ok-to-test

@openshift-ci openshift-ci Bot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels May 6, 2026
@MrSanketkumar

/retest-require

@MrSanketkumar

@coderabbitai review


coderabbitai Bot commented May 13, 2026

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.


@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

Inline comments:
In `@go.mod`:
- Line 77: Update the vulnerable dependency versions in go.mod: bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.46.0, go.opentelemetry.io/otel/sdk to a patched release (e.g., v1.43.0), golang.org/x/crypto to v0.35.0, and golang.org/x/oauth2 to v0.27.0; then run `go get`/`go get module@version` (or edit go.mod and run `go mod tidy`) to refresh go.sum, rebuild and run tests, and re-run the OSV/security scanner to confirm the vulnerabilities for these modules (otelgrpc, go.opentelemetry.io/otel/sdk, golang.org/x/crypto, golang.org/x/oauth2) are resolved.
📥 Commits

Reviewing files that changed from the base of the PR and between e31b777 and a0e132a.

⛔ Files ignored due to path filters (298)
  • vendor/golang.org/x/net/http2/config_pre_go124.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/frame.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/http2.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/pipe.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/server.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/timer.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/transport.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/unencrypted.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/write.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/http2/writesched_priority.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/websocket/client.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/websocket/dial.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/websocket/hybi.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/net/websocket/websocket.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/LICENSE is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/README.md is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/deviceauth.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/internal/client_appengine.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/internal/token.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/internal/transport.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/oauth2.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/pkce.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/oauth2/token.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sync/LICENSE is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sync/singleflight/singleflight.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/LICENSE is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_arm64.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_arm64.s is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_gc_x86.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_gc_x86.s is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_other_x86.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_riscv64.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/cpu_x86.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/README.md is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/aliases.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/asm_zos_s390x.s is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/bpxsvc_zos.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/bpxsvc_zos.s is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/epoll_zos.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/fstatfs_zos.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/ioctl_linux.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/mkerrors.sh is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/mmap_nomremap.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/mremap.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/pagesize_unix.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/readdirent_getdirentries.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/sockcmsg_zos.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_aix.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_darwin.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_dragonfly.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_freebsd.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_hurd.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_linux.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_linux_arm64.go is excluded by !**/vendor/**, !vendor/**
  • vendor/golang.org/x/sys/unix/syscall_linux_loong64.go is excluded by !**/vendor/**, !vendor/**
📒 Files selected for processing (2)
  • .golangci.yaml
  • go.mod

Comment thread go.mod
go.etcd.io/etcd/client/pkg/v3 v3.5.10 // indirect
go.etcd.io/etcd/client/v3 v3.5.10 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.44.0 // indirect

⚠️ Potential issue | 🟠 Major | 🏗️ Heavy lift

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Check for security advisories and newer versions of flagged dependencies

echo "=== Checking for OpenTelemetry otelgrpc updates ==="
gh api graphql -f query='
{
  securityVulnerabilities(first: 5, ecosystem: GO, package: "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

echo -e "\n=== Checking for OpenTelemetry SDK updates ==="
gh api graphql -f query='
{
  securityVulnerabilities(first: 5, ecosystem: GO, package: "go.opentelemetry.io/otel/sdk") {
    nodes {
      advisory {
        summary
        severity
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

echo -e "\n=== Checking for golang.org/x/crypto updates ==="
gh api graphql -f query='
{
  securityVulnerabilities(first: 5, ecosystem: GO, package: "golang.org/x/crypto") {
    nodes {
      advisory {
        summary
        severity
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

echo -e "\n=== Checking for golang.org/x/oauth2 updates ==="
gh api graphql -f query='
{
  securityVulnerabilities(first: 5, ecosystem: GO, package: "golang.org/x/oauth2") {
    nodes {
      advisory {
        summary
        severity
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

Repository: openshift/cluster-olm-operator

Length of output: 2517


🏁 Script executed:

head -95 go.mod | tail -25

Repository: openshift/cluster-olm-operator

Length of output: 1370


Update multiple HIGH severity vulnerabilities in dependencies.

OSV Scanner has identified 5 HIGH severity vulnerabilities in the current dependency versions:

  1. Line 77 - go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.44.0:
     • DoS vulnerability due to unbound cardinality metrics (patched in v0.46.0)
  2. Line 83 - go.opentelemetry.io/otel/sdk v1.34.0:
     • Arbitrary Code Execution via PATH hijacking (patched in v1.40.0 or v1.43.0)
  3. Line 89 - golang.org/x/crypto v0.32.0:
     • DoS via slow or incomplete key exchange (patched in v0.35.0)
  4. Line 92 - golang.org/x/oauth2 v0.25.0:
     • Improper validation vulnerability (patched in v0.27.0)

All flagged versions are within vulnerable ranges. Consider updating these dependencies to their respective patched versions, either in this PR or as a follow-up security update.

🧰 Tools
🪛 OSV Scanner (2.3.8)

[HIGH] 77-77: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc 0.44.0: Denial of service in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc

(GO-2023-2331)


[HIGH] 77-77: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc 0.44.0: otelgrpc DoS vulnerability due to unbound cardinality metrics

(GHSA-8pgv-569h-w5rw)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@go.mod` at line 77, Update the vulnerable dependency versions in go.mod: bump
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to
v0.46.0, go.opentelemetry.io/otel/sdk to a patched release (e.g., v1.43.0),
golang.org/x/crypto to v0.35.0, and golang.org/x/oauth2 to v0.27.0; then run `go
get`/`go get module@version` (or edit go.mod and run `go mod tidy`) to refresh
go.sum, rebuild and run tests, and re-run the OSV/security scanner to confirm
the vulnerabilities for these modules (otelgrpc, go.opentelemetry.io/otel/sdk,
golang.org/x/crypto, golang.org/x/oauth2) are resolved.

Comment thread go.mod
sigs.k8s.io/yaml v1.3.0 // indirect
)

replace google.golang.org/grpc => github.com/openshift-sustaining/grpc-go v1.71.3-sec.1
Contributor


This is v1.71.3, whereas the fix is looking for v1.79.3; does this contain the proper fix?


Yes, this version includes the gRPC CVE fix (v1.79.3). We have created patched versions based on the Go version used by each component, so the fix is already included and compatible.
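A reviewer's check for the question raised in this thread (does the replace target actually reach the fixed version?) and for the scanner's "bump and re-scan" advice above, as an added example that is not part of this PR or of the ARC tooling. It parses a constructed go.mod excerpt built from versions quoted in the thread; the fixed versions are those stated by the scanner finding and the PR title, and a replace that points at a fork (here the -sec.1 tag) is reported as needing manual confirmation of the backported commit rather than trusted on its version number.

```go
package main

import (
	"strconv"
	"strings"
)

// semverNum packs vMAJOR.MINOR.PATCH into one comparable int; a suffix such as "-sec.1" is dropped.
func semverNum(v string) int {
	n := 0
	for _, p := range strings.Split(strings.SplitN(v, "-", 2)[0], ".") {
		x, _ := strconv.Atoi(strings.TrimPrefix(p, "v"))
		n = n*1000 + x
	}
	return n
}

// Check reads go.mod text (require-block lines and single-line replace directives). tooOld lists the
// modules in patched still below the first fixed version; forked marks modules whose replace targets
// another module path, where the version number alone cannot prove the fix was backported.
func Check(goMod string, patched map[string]string) (tooOld map[string]string, forked map[string]bool) {
	version, replaced, tooOld, forked := map[string]string{}, map[string][2]string{}, map[string]string{}, map[string]bool{}
	for _, raw := range strings.Split(goMod, "\n") {
		f := strings.Fields(strings.SplitN(raw, "//", 2)[0]) // drop "// indirect" and other comments
		switch {
		case len(f) == 5 && f[0] == "replace" && f[2] == "=>":
			replaced[f[1]] = [2]string{f[3], f[4]} // target path, target version
		case len(f) == 2 && strings.HasPrefix(f[1], "v"):
			version[f[0]] = f[1] // a line inside a require ( ... ) block
		}
	}
	for path, fixed := range patched {
		eff := version[path]
		if r, ok := replaced[path]; ok {
			eff, forked[path] = r[1], r[0] != path // the replace target is what actually gets built
		}
		if eff != "" && semverNum(eff) < semverNum(fixed) {
			tooOld[path] = eff
		}
	}
	return tooOld, forked
}

// SampleGoMod is a constructed go.mod excerpt using versions quoted in this PR's review thread.
const SampleGoMod = `require (
	go.opentelemetry.io/otel/sdk v1.34.0 // indirect
)
replace google.golang.org/grpc => github.com/openshift-sustaining/grpc-go v1.71.3-sec.1
`

// Patched holds the first fixed versions stated by the scanner finding and the PR title.
var Patched = map[string]string{"go.opentelemetry.io/otel/sdk": "v1.40.0", "google.golang.org/grpc": "v1.79.3"}
```

A module that is both in tooOld and in forked is exactly the case discussed here: the numeric comparison is inconclusive and the backport has to be verified against the upstream fix commit.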

@MrSanketkumar

/test lint

@tmshort
Contributor

tmshort commented May 13, 2026

/lgtm
/approve

I looked at the go.mod/go.sum files. The replacement line ought to contain the patch, as the recommended fix requires upgrading to a more recent version of golang.

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label May 13, 2026
@openshift-ci
Contributor

openshift-ci Bot commented May 13, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ocp-sustaining-admins, tmshort

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 13, 2026
@openshift-ci
Contributor

openshift-ci Bot commented May 13, 2026

@ocp-sustaining-admins: all tests passed!

Full PR test history. Your PR dashboard.


Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.


Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. jira/severity-important Referenced Jira bug's severity is important for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test.


4 participants