Skip to content

build: fix cross-span and setuptools CVEs #1581

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

build: fix cross-span and setuptools CVEs #1581

wants to merge 6 commits into from

Conversation

gcf-owl-bot[bot]
Copy link
Contributor

@gcf-owl-bot gcf-owl-bot bot commented Jul 15, 2025

Fixes CVE-2024-21538 and CVE-2024-6345 .
b/430729479

  • use python:3.10.18-bullseye for PHP base to fix Kokoro failure

Source-Link: googleapis/synthtool@65d4020
Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest@sha256:a52bd494fc1fe28479d7982db3d0f8bd49d862b4184c4574ca0931e99ac1ffee

@gcf-owl-bot
build: fix cross-span and setuptools CVEs
a9dc557 
Fixes  CVE-2024-21538 and CVE-2024-6345 .
b/430729479

* use python:3.10.18-bullseye for PHP base to fix Kokoro failure

Source-Link: googleapis/synthtool@65d4020
Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest@sha256:a52bd494fc1fe28479d7982db3d0f8bd49d862b4184c4574ca0931e99ac1ffee
@gcf-owl-bot gcf-owl-bot bot requested review from a team as code owners July 15, 2025 17:27
@gcf-owl-bot gcf-owl-bot bot requested a review from gkevinzheng July 15, 2025 17:27
@product-auto-label product-auto-label bot added the size: xl Pull request size is extra large. label Jul 15, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Jul 15, 2025
@product-auto-label product-auto-label bot added the api: logging Issues related to the googleapis/nodejs-logging API. label Jul 15, 2025
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 15, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 15, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Jul 15, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 15, 2025
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 15, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Jul 15, 2025
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 15, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 15, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added kokoro:force-run Add this label to force Kokoro to re-run the tests. owlbot:run Add this label to trigger the Owlbot post processor. labels Jul 15, 2025
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 15, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 15, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 15, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 15, 2025
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 15, 2025
@trusted-contributions-gcf trusted-contributions-gcf bot added the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 15, 2025
@gcf-owl-bot gcf-owl-bot bot removed the owlbot:run Add this label to trigger the Owlbot post processor. label Jul 15, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 15, 2025
@product-auto-label product-auto-label bot added the stale: old Pull request is old and needs attention. label Aug 15, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gkevinzheng gkevinzheng Awaiting requested review from gkevinzheng gkevinzheng is a code owner automatically assigned from googleapis/api-logging

At least 1 approving review is required to merge this pull request.

Assignees

@cindy-peng cindy-peng

Labels
api: logging Issues related to the googleapis/nodejs-logging API. owl-bot-update-lock size: xl Pull request size is extra large. stale: old Pull request is old and needs attention.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yoshi-kokoro @cindy-peng