v0.30.2 Release 🎉
This is a patch release addressing a security issue on the golang.org/x/net and github.com/grpc/grpc-go dependency:
- HTTP/2 rapid reset can cause excessive work in net/http - commits
- This addresses GHSA-qppj-fm5r-hxr3 by not allowing more server handlers to be run than the HTTP/2 MAX_CONCURRENT_STREAMS setting.
ChangeLog 📋
Misc 🔨
- Bump tektoncd/pipeline to v0.44.5 acaf6b0
- Bump hub to v1.12.4 6e45473
- Bump grpc to v1.56.3 0c7e872
- Bump tektoncd/triggers to v0.23.2 2419aa6