Merge pull request #1881 from justaugustus/cleanup

Update image versions, add release notes block, update guidance on reporting security issues

.github/PULL_REQUEST_TEMPLATE.md

@@ -7,10 +7,12 @@ Thank you for sending a pull request! Here some tips for contributors:
 4. If the Pull Request is a work in progress, make use of GitHub's "Draft PR" feature and mark it as such.
 -->
 
-**Overview**:
+#### Overview
+
 <!-- Describe your changes briefly here. -->
 
-**What problem does it solve?**:
+#### What this PR does / why we need it
+
 <!--
 - Please state in detail why we need this PR and what it solves.
 - If your PR closes some of the existing issues, please add links to them here.
@@ -18,4 +20,16 @@ Thank you for sending a pull request! Here some tips for contributors:
   Usage: "Closes #<issue number>", or "Closes (paste link of issue)"
 -->
 
-**Special notes for a reviewer**:
+#### Special notes for your reviewer
+
+#### Does this PR introduce a user-facing change?
+
+<!--
+If no, just write "NONE" in the release-note block below.
+If yes, a release note is required:
+Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
+-->
+
+```release-note
+
+```

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.15-alpine
+FROM golang:1.15.6-alpine3.12
 
 ARG TARGETOS
 ARG TARGETARCH

README.md

@@ -103,7 +103,11 @@ All changes or deprecations of connector features will be announced in the [rele
 
 ## Reporting a security vulnerability
 
-Due to their public nature, GitHub and mailing lists are NOT appropriate places for reporting vulnerabilities. Please refer to CoreOS's [security disclosure][disclosure] process when reporting issues that may be security related.
+Due to their public nature, GitHub and mailing lists are NOT appropriate places
+for reporting vulnerabilities.
+
+Please email the [maintainers list][maintainers-list] to report issues that may
+be security-related.
 
 ## Getting help
 
@@ -126,4 +130,4 @@ on the Kubernetes Slack, or join the [dex-dev][dex-dev] mailing list.
 [issues]: https://github.com/dexidp/dex/issues
 [dex-dev]: https://groups.google.com/forum/#!forum/dex-dev
 [slack]: slack://channel?team=T09NY5SBT&id=C011URMR41W
-[disclosure]: https://coreos.com/security/disclosure/
+[maintainers-list]: mailto:cncf-dex-maintainers@lists.cncf.io

docker-compose.yaml

@@ -19,7 +19,7 @@ services:
       - "127.0.0.1:3306:3306"
 
   postgres:
-    image: postgres:10.8
+    image: postgres:10.15
     environment:
       POSTGRES_DB: dex
       POSTGRES_USER: postgres
@@ -28,7 +28,7 @@ services:
       - "127.0.0.1:5432:5432"
 
   etcd:
-    image: gcr.io/etcd-development/etcd:v3.2.9
+    image: gcr.io/etcd-development/etcd:v3.4.9
     environment:
       ETCD_LISTEN_CLIENT_URLS: http://0.0.0.0:2379
       ETCD_ADVERTISE_CLIENT_URLS: http://0.0.0.0:2379