Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade prometheus client to 1.11.1 #738

Merged
merged 1 commit into from Feb 26, 2022

Conversation

nicoloboschi
Copy link
Contributor

Motivation

The current version (1.11.0) is vulnerable to http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21698

Modifications

  • Upgrade github.com/prometheus/client_golang from 1.11.0 to 1.11.1

@nicoloboschi
Copy link
Contributor Author

@shoothzj would you mind to enable the workflows ?

@eolivelli
Copy link

Started

@merlimat merlimat added this to the v0.9.0 milestone Feb 26, 2022
@merlimat merlimat merged commit 1be07f9 into apache:master Feb 26, 2022
freeznet pushed a commit that referenced this pull request Mar 8, 2022
@freeznet freeznet modified the milestones: v0.9.0, v0.8.1 Mar 8, 2022
nodece pushed a commit that referenced this pull request Sep 6, 2022
…ontent (#831)

* Upgrade beefsack/go-rate (#735)

Fixes #725

### Motivation

This PR will enable pulsar-client-go to be a compliant library. One of its dependencies was not compliant with OSS licensing requirements earlier, and this PR upgrades to the latest version of it, which has a MIT license.

### Modifications

Ran the following commands
```bash
go get github.com/beefsack/go-rate@latest
go mod tidy
```

### Verifying this change

- [x] Make sure that the change passes the CI checks.

* Upgrade prometheus client to 1.11.1 (#738)

* remove redundant "[]" pair in the head and tail of log content

Co-authored-by: Shubham Sharma <shubhash@microsoft.com>
Co-authored-by: Nicolò Boschi <boschi1997@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

5 participants