Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

deps: bump google.golang.org/grpc to 1.59.0 #1453

Merged
merged 1 commit into from
Oct 27, 2023
Merged

deps: bump google.golang.org/grpc to 1.59.0 #1453

merged 1 commit into from
Oct 27, 2023

Conversation

adamqqqplay
Copy link
Member

Relevant Issue (if applicable)

GHSA-m425-mq94-257g

Details

  1. Fix gRPC-Go HTTP/2 Rapid Reset vulnerability

Types of changes

What types of changes does your PullRequest introduce? Put an x in all the boxes that apply:

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation Update (if none of the other choices apply)

Checklist

Go over all the following points, and put an x in all the boxes that apply.

  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.

@adamqqqplay adamqqqplay requested a review from a team as a code owner October 26, 2023 03:03
@adamqqqplay adamqqqplay requested review from imeoer, jiangliu and gaius-qi and removed request for a team October 26, 2023 03:03
@codecov
Copy link

codecov bot commented Oct 26, 2023
edited

Codecov Report

Merging #1453 (6a459f3) into master (69ddef9) will increase coverage by 0.00%.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #1453   +/-   ##
=======================================
  Coverage   46.33%   46.33%           
=======================================
  Files         123      123           
  Lines       38896    38896           
  Branches    38896    38896           
=======================================
+ Hits        18022    18024    +2     
+ Misses      19900    19898    -2     
  Partials      974      974

see 4 files with indirect coverage changes

@adamqqqplay adamqqqplay mentioned this pull request Oct 26, 2023
Merged
6 tasks
@adamqqqplay
deps: bump google.golang.org/grpc to 1.59.0
6a459f3 
1. Fix gRPC-Go HTTP/2 Rapid Reset vulnerability

Please refer to:
GHSA-m425-mq94-257g

Signed-off-by: Qinqi Qu <quqinqi@linux.alibaba.com>
Desiki-high
Desiki-high approved these changes Oct 27, 2023
View reviewed changes
Copy link
Member

@Desiki-high Desiki-high left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Desiki-high Desiki-high merged commit f55d2c9 into dragonflyoss:master Oct 27, 2023
24 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Desiki-high Desiki-high Desiki-high approved these changes

@imeoer imeoer Awaiting requested review from imeoer imeoer is a code owner automatically assigned from dragonflyoss/nydus-reviewers

@jiangliu jiangliu Awaiting requested review from jiangliu jiangliu is a code owner automatically assigned from dragonflyoss/nydus-reviewers

@gaius-qi gaius-qi Awaiting requested review from gaius-qi gaius-qi is a code owner automatically assigned from dragonflyoss/nydus-reviewers

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@adamqqqplay @Desiki-high