CVEs on goss

[mstopa-splunk]

Describe the bug
1 High, 2 Medium CVEs on goss

How To Reproduce
Use trivy to detect CVE

Expected Behavior
Clear CVE report

Actual Behavior
Reported CVEe

Environment:
goss v0.4.8
alpine 3.20.3

[ikheifets-splunk]

@dklimpel @aelsabbahy we ready to help add CVE detection on CI.
As I remember @dklimpel already started that, please let me know if I can help with that :)
If it's needed we ready to help with PR

[mstopa-splunk]

hi @dklimpel @aelsabbahy did you have some time to look at this?

[aelsabbahy]

Please let me know if the newest version resolves the issue for you.

[ikheifets-splunk]

Please let me know if the newest version resolves the issue for you.

@aelsabbahy unfortunately we replaced goss to another solution, because we have strict SLA on fixing critical CVEs.
Anyway thank you for fixing.

[aelsabbahy]

Curious which solution you ended up going with.

I'll let you know once we have nightly CVE checks in case that changes anything in the future.

Many thanks for filing these and bringing this aspect to my attention as an enhancement to the release process.

[ikheifets-splunk]

Many thanks for filing these and bringing this aspect to my attention as an enhancement to the release process.

Thank you too, I super glad that we have such good communication :)

Curious which solution you ended up going with.

Instead of using generic tools for healthchecking, we found optimised for our use case - health check for syslog server by syslog-ng