argo-cd
argo-cd copied to clipboard
Published
20 hours ago •
argoproj
argoproj
feat: update dexIDP docker image to from v2.38.0 to v2.39.1
Summary
A new version of dexIDP got released last month and there some security issues fixed with that release. https://github.com/dexidp/dex/releases/tag/v2.39.1
Currently, argo-cd appears to be running on 2.38.0
Motivation
There are a lot of dependency version updates in 2.39.0, some bug fixes and enchancements. 2.39.1 adds some additional bug fixes. Additionally there are some fixed security issues with the image.
Proposal
I think we should replace all occurrences of dex:v2.38.0 with dex:v2.39.1 and press thumbs that argo-cd is still working.
Checklist:
- [x] Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
- [x] The title of the PR states what changed and the related issues number (used for the release note).
- [x] The title of the PR conforms to the Toolchain Guide
- [ ] I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
- [ ] I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
- [ ] Does this PR require documentation updates?
- [ ] I've updated documentation as required by this PR.
- [ ] I have signed off all my commits as required by DCO
- [ ] I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
- [x] My build is green (troubleshooting builds).
- [x] My new feature complies with the feature status guidelines.
- [x] I have added a brief description of why this PR is necessary and/or what this PR solves.
- [ ] Optional. My organization is added to USERS.md.
- [ ] Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).
