Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update outdated dependencies (OBOL-12) #2083

Closed
2 tasks
xenowits opened this issue Apr 11, 2023 · 1 comment
Closed
2 tasks

update outdated dependencies (OBOL-12) #2083

xenowits opened this issue Apr 11, 2023 · 1 comment
Labels
protocol Protocol Team tickets sigp audit Issues identified by sigma prime audit

Comments

@xenowits
Copy link
Contributor

🎯 Problem to be solved

Update the outdated dependencies.

🛠️ Proposed solution

Update the following dependencies:

1. github.com/bufbuild/buf v1.14.0 (latest version is v1.17.1)
2. github.com/golang/snappy v0.0.4 (latest version is v0.0.5)
3. github.com/gorilla/mux v1.8.0 (latest version is v1.8.1)
4. github.com/spf13/cobra v1.6.1 (latest version is v1.6.3)
5. github.com/spf13/pflag v1.0.5 (latest version is v1.0.8)
6. github.com/spf13/viper v1.15.0 (latest version is v1.16.0)
7. github.com/stretchr/testify v1.8.1 (latest version is v1.8.3)
8. golang.org/x/oauth2 v0.5.0 (latest version is v0.5.2)
9. gopkg.in/cenkalti/backoff.v1 v1.1.0 (latest version is v2.2.1)

Describe the solution to be implemented

🧪 Tests

  • Manually tested on core team/canary/test clusters
  • Manually tested on local compose simnet
@xenowits xenowits added the sigp audit Issues identified by sigma prime audit label Apr 11, 2023
@github-actions github-actions bot added the protocol Protocol Team tickets label Apr 11, 2023
@xenowits
Copy link
Contributor Author

The latest version recommendations from the audit are wrong. In particular, all of them are "1 patch version" ahead of latest releases, so they are not released yet.

Closing this since dependabot already tracks the mentioned dependencies

@xenowits xenowits changed the title updated outdated dependencies (OBOL-12) update outdated dependencies (OBOL-12) Apr 12, 2023
@xenowits xenowits mentioned this issue Apr 12, 2023
Merged
obol-bulldozer bot pushed a commit that referenced this issue Apr 12, 2023
@xenowits
beaconmock: remove backoff dependency (#2089)
e755677 
Remove `gopkg.in/cenkalti/backoff.v1` direct dependency by removing its usage in `headproducer_internal_test.go`. Though it is still present as an indirect dependency since `sse/v2` uses it.

category: refactor
ticket: #2083
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
protocol Protocol Team tickets sigp audit Issues identified by sigma prime audit
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@xenowits