This release is to mitigate critical severity GHSA-pppg-cpfq-h7wr which allows remote code execution. Pepr is not vulnerable to RCE due to having no attack service area to expose the library and being that Pepr talks to kube-apiserver to accept AdmissionReview objects and Kubernetes events. None the less, it is our practice to do a release when we see a high severity CVE.
What's Changed
- chore: test matrix with unicorn flavor by @cmwylie19 in #1837
- chore: rename api-token to api-path by @cmwylie19 in #1830
- chore: remove version from build by @cmwylie19 in #1842
- chore: override jsonpath-plus cve by @cmwylie19 in #1847
Full Changelog: v0.45.1...v0.46.0
Contributors
cmwylie19