Merge pull request #1881 from justaugustus/cleanup

Update image versions, add release notes block, update guidance on reporting security issues
2020-12-14 03:40:49 -05:00 · 2020-12-14 03:40:49 -05:00 · 0f9e2888ab
parent 324b1c886b 8ed9ef8ad8
commit 0f9e2888ab
4 changed files with 26 additions and 8 deletions
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -7,10 +7,12 @@ Thank you for sending a pull request! Here some tips for contributors:
 4. If the Pull Request is a work in progress, make use of GitHub's "Draft PR" feature and mark it as such.
 -->
-**Overview**:
+#### Overview
 <!-- Describe your changes briefly here. -->
-**What problem does it solve?**:
+#### What this PR does / why we need it
 <!--
 - Please state in detail why we need this PR and what it solves.
 - If your PR closes some of the existing issues, please add links to them here.
@ -18,4 +20,16 @@ Thank you for sending a pull request! Here some tips for contributors:
  Usage: "Closes #<issue number>", or "Closes (paste link of issue)"
 -->
-**Special notes for a reviewer**:
+#### Special notes for your reviewer
 #### Does this PR introduce a user-facing change?
 <!--
 If no, just write "NONE" in the release-note block below.
 If yes, a release note is required:
 Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".
 -->
 ```release-note
 ```
--- a/2
+++ b/2
@ -1,4 +1,4 @@
-FROM golang:1.15-alpine
+FROM golang:1.15.6-alpine3.12
 ARG TARGETOS
 ARG TARGETARCH
--- a/README.md
+++ b/README.md
@ -103,7 +103,11 @@ All changes or deprecations of connector features will be announced in the [rele
 ## Reporting a security vulnerability
-Due to their public nature, GitHub and mailing lists are NOT appropriate places for reporting vulnerabilities. Please refer to CoreOS's [security disclosure][disclosure] process when reporting issues that may be security related.
+Due to their public nature, GitHub and mailing lists are NOT appropriate places
 for reporting vulnerabilities.
 Please email the [maintainers list][maintainers-list] to report issues that may
 be security-related.
 ## Getting help
@ -126,4 +130,4 @@ on the Kubernetes Slack, or join the [dex-dev][dex-dev] mailing list.
 [issues]: https://github.com/dexidp/dex/issues
 [dex-dev]: https://groups.google.com/forum/#!forum/dex-dev
 [slack]: slack://channel?team=T09NY5SBT&id=C011URMR41W
-[disclosure]: https://coreos.com/security/disclosure/
+[maintainers-list]: mailto:cncf-dex-maintainers@lists.cncf.io
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -19,7 +19,7 @@ services:
      - "127.0.0.1:3306:3306"
  postgres:
-    image: postgres:10.8
+    image: postgres:10.15
    environment:
      POSTGRES_DB: dex
      POSTGRES_USER: postgres
@ -28,7 +28,7 @@ services:
      - "127.0.0.1:5432:5432"
  etcd:
-    image: gcr.io/etcd-development/etcd:v3.2.9
+    image: gcr.io/etcd-development/etcd:v3.4.9
    environment:
      ETCD_LISTEN_CLIENT_URLS: http://0.0.0.0:2379
      ETCD_ADVERTISE_CLIENT_URLS: http://0.0.0.0:2379