Skip to content

chore: bump git-sync to v4.4.2-gke.10 #1991

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
google-oss-prow merged 1 commit into from
Jan 13, 2026
Merged

chore: bump git-sync to v4.4.2-gke.10 #1991

google-oss-prow merged 1 commit into from
Jan 13, 2026

Conversation

@Camila-B
Copy link
Contributor

@Camila-B Camila-B commented Jan 13, 2026

This includes CVE fixes

@Camila-B
chore: bump git-sync to v4.4.2-gke.10
98971e9 
This includes CVE fixes
@gemini-code-assist
Copy link

gemini-code-assist bot commented Jan 13, 2026

Summary of Changes

Hello @Camila-B, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on a routine but critical dependency update for git-sync. The primary goal is to integrate the latest version, which specifically addresses and resolves known security vulnerabilities. This ensures that the project benefits from improved security posture and maintains compatibility with the most recent stable releases of its components.

Highlights

  • Dependency Update: The git-sync dependency has been updated to version v4.4.2-gke.10.
  • Security Fixes: This version bump includes important CVE (Common Vulnerabilities and Exposures) fixes to enhance security.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Jan 13, 2026
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the git-sync version to v4.4.2-gke.10 in the Makefile. The change is intended to incorporate security fixes, as mentioned in the description. The version bump is applied correctly. I have one suggestion to improve the consistency of version variable definitions, which could be addressed in a future refactoring.

Makefile
COSIGN := $(BIN_DIR)/cosign

GIT_SYNC_VERSION := v4.4.2-gke.9__linux_amd64
GIT_SYNC_VERSION := v4.4.2-gke.10__linux_amd64
Copy link

@gemini-code-assist gemini-code-assist bot Jan 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The GIT_SYNC_VERSION variable includes the platform suffix __linux_amd64 directly in its value. This is inconsistent with other version variables in this file, like HELM_VERSION (line 84) and KUSTOMIZE_VERSION (line 80), where platform-specific parts are handled separately. To improve consistency and maintainability, consider refactoring this in the future. For example:

GIT_SYNC_BASE_VERSION := v4.4.2-gke.10
GIT_SYNC_VERSION := $(GIT_SYNC_BASE_VERSION)__linux_amd64

This would align the approach with other version definitions and make future updates clearer.

@google-oss-prow
Copy link

google-oss-prow bot commented Jan 13, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cowsking

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@cowsking
Copy link
Contributor

cowsking commented Jan 13, 2026

/lgtm

@google-oss-prow google-oss-prow bot added the lgtm label Jan 13, 2026
@google-oss-prow google-oss-prow bot merged commit 96142ab into main Jan 13, 2026
9 checks passed
Camila-B added a commit to Camila-B/kpt-config-sync that referenced this pull request Jan 13, 2026
@Camila-B
chore: bump git-sync to v4.4.2-gke.10 (GoogleContainerTools#1991)
9e7d465 
This includes CVE fixes
google-oss-prow bot pushed a commit that referenced this pull request Jan 13, 2026
@Camila-B
chore: bump git-sync to v4.4.2-gke.10 (#1991) (#1993)
cde875e 
This includes CVE fixes
@Camila-B Camila-B deleted the Camila-B-patch-1 branch January 13, 2026 23:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cowsking cowsking cowsking approved these changes

@tiffanny29631 tiffanny29631 Awaiting requested review from tiffanny29631

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@cowsking cowsking

Labels

approved lgtm size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Camila-B @cowsking