Thanks Matthias for the input, yes, I was expecting K8S client libraries would need go-restful, but if you look at the go-restful versions client-go and kube-openapi depend on, they are different from what Prometheus’s one, which is v2.16.0. It looks like Prometheus uses it somewhere under the hood, but I could not figure out that dependancy chain yet. As to the trigger of this question, yeah, Tristan is right, couples of vulnerabilities are reported on go-restful, and I want to know whether Prometheus is affected or not. Thanks BRs /Gavin
-- On 11 Feb 2023, at 02:10, Tristan Colgate <tcolg...@gmail.com> wrote:
You received this message because you are subscribed to the Google Groups "Prometheus Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-developers/78662C2C-3E8C-432A-9513-91514FFB9E8A%40gmail.com. |
- [prometheus-developers] How Prometheus uses go-restful ? Gavin
- Re: [prometheus-developers] How Prometheus uses go-re... Matthias Rampke
- Re: [prometheus-developers] How Prometheus uses g... Tristan Colgate
- Re: [prometheus-developers] How Prometheus us... Jian Xue
- Re: [prometheus-developers] How Prometheu... Matthias Rampke