|
Ran
|
Jobs
1
|
Files
7
|
Run time
1min
|
Badge
README BADGES
|
push
github
chore(deps): update dependencies (patch & digest) (#422) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/attest-build-provenance](https://redirect.github.com/actions/attest-build-provenance) ([changelog](https://redirect.github.com/actions/attest-build-provenance/compare/a2bbfa253..0f67c3f48)) | action | digest | `a2bbfa2` → `0f67c3f` | | [cert-manager/cert-manager](https://redirect.github.com/cert-manager/cert-manager) | | patch | `v1.20.2` → `v1.20.3` | | [release-drafter/release-drafter](https://redirect.github.com/release-drafter/release-drafter) ([changelog](https://redirect.github.com/release-drafter/release-drafter/compare/ed4bc48ec..4d75298e0)) | action | digest | `ed4bc48` → `4d75298` | --- ### Release Notes <details> <summary>cert-manager/cert-manager (cert-manager/cert-manager)</summary> ### [`v1.20.3`](https://redirect.github.com/cert-manager/cert-manager/releases/tag/v1.20.3) [Compare Source](https://redirect.github.com/cert-manager/cert-manager/compare/v1.20.2...v1.20.3) cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters. This patch release fixes a security issue ([`GHSA-8rvj-mm4h-c258`](https://redirect.github.com/cert-manager/cert-manager/security/advisories/GHSA-8rvj-mm4h-c258), HIGH) where the default `cert-manager-edit` aggregate ClusterRole granted namespace users permission to create ACME `Challenge` and `Order` resources directly. A user who could create a `Challenge` referencing a `ClusterIssuer` could supply attacker-controlled solver configuration while cert-manager loaded credentials from the `ClusterIssuer`'s namespace, bypassing Issuer solver selectors (`dnsZones`, `dnsNames`, `matchLabels`). With the acme-dns provider specifically, this could disclose DNS credentials to an attacker... (continued)
782 of 928 relevant lines covered (84.27%)
1346.0 hits per line
| ID | Job ID | Ran | Files | Coverage | |
|---|---|---|---|---|---|
| 1 | 28367811397.1 | 7 |
84.27 |
GitHub Action Run |
| Coverage | ∆ | File | Lines | Relevant | Covered | Missed | Hits/Line |
|---|