Niccolò Fei

Here's a diff of the CVE scanning between bullseye and bookworm images (using trivy): ``` ghcr.io/cloudnative-pg/postgresql-testing:16.2-16-bullseye@sha256:40b5ef1783c137223709f3423b1af470a4b142c52faf8edb123395165ca70865 (debian 11.9) ================================================================================================================================================ Total: 300 (UNKNOWN: 0, LOW: 143, MEDIUM: 80, HIGH: 71, CRITICAL:...

It seems like that's the case for all the "previous" minor versions: 16.1 / 15.5 / 14.10 / 13.13 / 12.17 Though the CNPG images don't install the PG packages...

Hi @xt0rted It seems like there has been some Github API changes recently, and the REST API has now started returning these 2 roles as well. That currently makes the...

Attaching the SARIF content below: Sarif content: ``` { "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", "version": "2.1.0", "runs": [ { "tool": { "driver": { "name": "Snyk Container", "properties": { "artifactsScanned": 169 }, "rules": [...

> Doesn't `linux/arm64` refer to `v8` variant by default? I thought `v8` is the first variant to support 64 bit instructions yeah this turned out to be a totally different...

/ok-to-merge

Because the query mapping needs to be unique (even though the 2 queries are mutually exclusive), I've distinguished the bgwriter metric's name in the following way: * for PG17 and...

> This change will reveal sensitive information because of the base64 encoding, am I right ? It seems fine [here](https://github.com/cloudnative-pg/cloudnative-pg/actions/runs/9080834361/job/24953667506?pr=4383#step:5:27), the base64 encoded token is still being obfuscated