Cut 1.19.1 #1494
Cut 1.19.1 #1494
Conversation
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.16.0 to 0.17.0. - [Commits](golang/sys@v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: lukasauk <lukas.aukscionis@hostinger.com>
lukasauk
force-pushed
the
lukasauk/cut-1.19.1
branch
from
7e08225
to
b2b6d8d
Compare
|
@lukasauk, first and foremost, thank you for taking the initiative to open this pull request. Typically, a maintainer manages the release process to ensure consistency and alignment with the project's roadmap. Additionally, we tend to reserve minor releases for situations of urgency, such as critical bug fixes or addressing high-severity security vulnerabilities. Could you share more details about the objectives you aim to achieve with this release? |
|
What a warm welcome, @kakkoyun, basically would like to resolve security vulnerabilities on my repositories, thought if the next minor or major will come after a while, would be nice to have a patch for that. But totally understood your point, for reserving patches for more critical occasions. |
|
Sucks we missed this, added issue to track automation to get dependabot on latest releases. |
|
Released: https://github.com/prometheus/client_golang/releases/tag/v1.19.1 Thanks! |
|
Automation would massively help #1512 |
|
@bwplotka yeah, created this PR before 1502 looks like, but I do really appreciate that you released a minor with security patches, was waiting for that 💜 |
Cherry-picked two dependabot commits to apply security patches, did not update changelog since it has no user impacting changes.