Skip to content

Address httpoxy vulnerability #31

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Jul 25, 2016
Merged

Address httpoxy vulnerability #31

merged 13 commits into from
Jul 25, 2016

Conversation

@drichelson
Copy link
Contributor

@drichelson drichelson commented Jul 23, 2016
edited
Loading

Addresses #30
Involves upgrading Guzzle to 6.2.1 which means we need a new http client cache: https://github.com/Kevinrob/guzzle-cache-middleware

This is an api-breaking change since the cache storage interface is different. Documentation/examples will need to be updated when actually releasing.

Deployed to restwrapper and harness passes: https://circleci.com/gh/launchdarkly/integration-harness/1347

Manually tested that the client does indeed cache things.

drichelson
drichelson reviewed Jul 23, 2016
View reviewed changes
VERSION
@@ -1 +1 @@
0.7.0 No newline at end of file
1.0.0 No newline at end of file
Copy link
Contributor Author

@drichelson drichelson Jul 23, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want to stick with the pre-1.0 versions? if so this should be 0.8.0

Copy link
Contributor

@pkaeding pkaeding Jul 24, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should definitely bump the major version if this is an API-breaking change.

Copy link
Contributor Author

@drichelson drichelson Jul 24, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm fine either way, but FYI: http://semver.org/#spec-item-4

@pkaeding
Copy link
Contributor

pkaeding commented Jul 24, 2016

lgtm
👍
looks good to me
merge away
I approve
canned replies are great.

@drichelson drichelson merged commit a02ebff into master Jul 25, 2016
@drichelson drichelson deleted the dr/httpoxy branch July 25, 2016 16:41
@pkaeding pkaeding mentioned this pull request Aug 10, 2016
Closed
eli-darkly added a commit that referenced this pull request Jan 31, 2019
@eli-darkly
Merge pull request #31 from launchdarkly/eb/ch24449/less-metadata
78ed55f 
add option to reduce front-end metadata for untracked flags
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@drichelson @pkaeding