Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix for https://github.com/grpc/grpc-java/issues/7612, increasing the… #7613

Merged
merged 1 commit into from Nov 12, 2020
Merged

Fix for https://github.com/grpc/grpc-java/issues/7612, increasing the… #7613

merged 1 commit into from Nov 12, 2020

Conversation

attila123
Copy link
Contributor

… google auth library version to 0.22.0 to use the latest non-vulnerable apache httpclient 4.5.13

@attila123
Fix for grpc#7612, increasing the google auth library version to 0.22…
3a93cb6 
….0 to use the latest non-vulnerable apache httpclient 4.5.13
@linux-foundation-easycla
Copy link

CLA Not Signed

@attila123
Copy link
Contributor Author

I signed the EasyCLA 2 times, no luck. Created support ticket: https://jira.linuxfoundation.org/plugins/servlet/theme/portal/4/SUPPORT-2973

@WillsonHG WillsonHG mentioned this pull request Nov 11, 2020
Closed
@ericgribkoff ericgribkoff added the kokoro:run Add this label to a PR to tell Kokoro the code is safe and tests can be run label Nov 11, 2020
@ericgribkoff
Copy link
Contributor

The change seems alright to me. FWIW went through the history of the linked repos from #7612 and it looks like the actual transitive dependency update that this PR is interested in bringing in (google http client 1.37.0 updating to apache httpclient 4.5.13) was not in response to any vulnerability but just a regularly scheduled upgrade: googleapis/google-http-java-client#1134

@ejona86
Copy link
Member

ejona86 commented Nov 11, 2020

Looks like the CLA issue has been resolved. It is green.

@ejona86 ejona86 added kokoro:run Add this label to a PR to tell Kokoro the code is safe and tests can be run and removed kokoro:run Add this label to a PR to tell Kokoro the code is safe and tests can be run labels Nov 11, 2020
@grpc-kokoro grpc-kokoro removed the kokoro:run Add this label to a PR to tell Kokoro the code is safe and tests can be run label Nov 11, 2020
@ericgribkoff ericgribkoff merged commit 8062b69 into grpc:master Nov 12, 2020
@ericgribkoff
Copy link
Contributor

@attila123 Thanks!

@ericgribkoff ericgribkoff mentioned this pull request Nov 12, 2020
Closed
@dapengzhang0 dapengzhang0 mentioned this pull request Nov 23, 2020
Closed
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 4, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ejona86 ejona86 ejona86 approved these changes

@ericgribkoff ericgribkoff ericgribkoff approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@attila123 @ericgribkoff @ejona86 @grpc-kokoro