mirror of
https://github.com/opencontainers/runc.git
synced 2026-07-11 06:03:57 +08:00
deps: update to github.com/opencontainers/selinux@v0.13.0
This new version includes the fixes for CVE-2025-52881, so we can remove the internal/third_party copy of the library we added in commited6b1693b8("selinux: use safe procfs API for labels") as well as the "replace" directive in go.mod (which is problematic for "go get" installs). Fixes:ed6b1693b8("selinux: use safe procfs API for labels") Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (cherry picked from commit96f1962f91) Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
This commit is contained in:
@@ -152,12 +152,9 @@ jobs:
|
||||
- name: no toolchain in go.mod # See https://github.com/opencontainers/runc/pull/4717, https://github.com/dependabot/dependabot-core/issues/11933.
|
||||
run: |
|
||||
if grep -q '^toolchain ' go.mod; then echo "Error: go.mod must not have toolchain directive, please fix"; exit 1; fi
|
||||
# FIXME: This check needed to be disabled for the go-selinux patch addded
|
||||
# when patching CVE-2025-52881. This needs to be removed as soon as
|
||||
# the embargo is lifted, along with the replace directive in go.mod.
|
||||
#- name: no exclude nor replace in go.mod
|
||||
# run: |
|
||||
# if grep -Eq '^\s*(exclude|replace) ' go.mod; then echo "Error: go.mod must not have exclude/replace directive, it breaks go install. Please fix"; exit 1; fi
|
||||
- name: no exclude nor replace in go.mod
|
||||
run: |
|
||||
if grep -Eq '^\s*(exclude|replace) ' go.mod; then echo "Error: go.mod must not have exclude/replace directive, it breaks go install. Please fix"; exit 1; fi
|
||||
|
||||
|
||||
commit:
|
||||
|
||||
Reference in New Issue
Block a user