Skip to content

Backport patch-safe fixes for v0.1.1#60

Merged
eguzki merged 4 commits into
release-0.1from
backport-0.1.1-patches
May 20, 2026
Merged

Backport patch-safe fixes for v0.1.1#60
eguzki merged 4 commits into
release-0.1from
backport-0.1.1-patches

Conversation

@thomasmaas
Copy link
Copy Markdown
Contributor

@thomasmaas thomasmaas commented May 20, 2026

Summary

Cherry-picked patch-safe fixes from main for the v0.1.1 patch release (Kuadrant 1.4.4).

The release-0.1 branch was created from release-v0.1 as part of the RFC 0018 migration.

Changes

  • Go 1.25.5 → 1.25.9 — aligns with all other Kuadrant 1.4.4 components
  • gRPC-Go → 1.79.3 — dependency upgrade
  • fix: do not set latest tag for tag events — CI fix preventing accidental latest image tag on release builds

Skipped (depend on features added after v0.1.0)

  • nil-checks for nested pointer fields (apikey_secret_controller.go — file doesn't exist at v0.1.0)
  • Orphaned enforcement secrets cleanup (same file)
  • GH Actions security fixes (composite actions don't exist at v0.1.0)
  • APIKeyRequest naming pattern change (feature)

Test plan

  • CI passes on the release-0.1 branch

🤖 Generated with Claude Code

KevFan and others added 4 commits May 20, 2026 09:50
@KevFan @thomasmaas
fix: do not set latest tag for tag events
60f942f 
Signed-off-by: KevFan <kevin_fan@hotmail.co.uk>
Signed-off-by: Thomas Maas <thomas@webtypes.com>
@thomasmaas
Upgrade Go to 1.25.8
ff9bf2a 
Fixes CVE-2026-25679 (net/url) and CVE-2026-27137 (crypto/x509).

Signed-off-by: Thomas Maas <thomas@webtypes.com>
@thomasmaas
Upgrade gRPC-Go to 1.79.3
1bab58e 
Fixes CVE-2026-33186: authorization bypass due to improper HTTP/2
path validation (CVSS 9.1 Critical).

Signed-off-by: Thomas Maas <thomas@webtypes.com>
@thomasmaas @claude
Upgrade Go to 1.25.9
1702746 
Signed-off-by: Thomas Maas <tmaas@redhat.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Thomas Maas <thomas@webtypes.com>
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented May 20, 2026

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f4d49f17-34ae-4583-8896-8add3c189718

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch backport-0.1.1-patches

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@thomasmaas thomasmaas requested a review from eguzki May 20, 2026 08:39
@eguzki eguzki merged commit e3b6560 into release-0.1 May 20, 2026
20 checks passed
@eguzki eguzki deleted the backport-0.1.1-patches branch May 20, 2026 08:42
@thomasmaas thomasmaas mentioned this pull request May 20, 2026
Open
35 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eguzki eguzki eguzki approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@thomasmaas @eguzki @KevFan