From 3bccfd58d57e4fae4269be434f0039daa55f5ea9 Mon Sep 17 00:00:00 2001 From: Joel Unzain Date: Wed, 1 Sep 2021 17:08:12 -0700 Subject: [PATCH] Bascule upgrade (#223) * update bascule version and that of other req deps * udpate changenote * add pr to changenote --- CHANGELOG.md | 1 + basculeLogging.go | 2 +- common/utils.go | 2 +- common/utils_test.go | 2 +- go.mod | 6 +++--- go.sum | 20 +++++++++++--------- main.go | 14 +++++++------- stat/transport.go | 2 +- stat/transport_test.go | 2 +- translation/transport.go | 2 +- translation/transport_utils.go | 2 +- translation/transport_utils_test.go | 2 +- 12 files changed, 30 insertions(+), 27 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7609961e..f2199e60 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). ## [Unreleased] +- Bump bascule version which includes a security vulnerability fix. [#223](https://github.com/xmidt-org/tr1d1um/pull/223) ## [v0.5.10] - Keep setter and getter unexported. [#219](https://github.com/xmidt-org/tr1d1um/pull/219) diff --git a/basculeLogging.go b/basculeLogging.go index 0ea0f422..a7866f46 100644 --- a/basculeLogging.go +++ b/basculeLogging.go @@ -7,7 +7,7 @@ import ( "github.com/go-kit/kit/log" "github.com/xmidt-org/candlelight" - "github.com/xmidt-org/webpa-common/logging" + "github.com/xmidt-org/webpa-common/v2/logging" ) func sanitizeHeaders(headers http.Header) (filtered http.Header) { diff --git a/common/utils.go b/common/utils.go index 5a022532..075b0646 100644 --- a/common/utils.go +++ b/common/utils.go @@ -15,7 +15,7 @@ import ( kitlog "github.com/go-kit/kit/log" kithttp "github.com/go-kit/kit/transport/http" - "github.com/xmidt-org/webpa-common/logging" + "github.com/xmidt-org/webpa-common/v2/logging" ) type transactionRequest struct { diff --git a/common/utils_test.go b/common/utils_test.go index 7db41e68..a29604ab 100644 --- a/common/utils_test.go +++ b/common/utils_test.go @@ -7,7 +7,7 @@ import ( "net/http/httptest" "testing" - "github.com/xmidt-org/webpa-common/logging" + "github.com/xmidt-org/webpa-common/v2/logging" "github.com/stretchr/testify/assert" ) diff --git a/go.mod b/go.mod index 84341877..ffa95362 100644 --- a/go.mod +++ b/go.mod @@ -12,10 +12,10 @@ require ( github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.7.1 github.com/stretchr/testify v1.7.0 - github.com/xmidt-org/ancla v0.2.0 - github.com/xmidt-org/bascule v0.10.1 + github.com/xmidt-org/ancla v0.2.1 + github.com/xmidt-org/bascule v0.10.2 github.com/xmidt-org/candlelight v0.0.5 - github.com/xmidt-org/webpa-common v1.11.9 + github.com/xmidt-org/webpa-common/v2 v2.0.1 github.com/xmidt-org/wrp-go/v3 v3.0.1 go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.19.0 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.19.0 diff --git a/go.sum b/go.sum index 6ef89a8e..9dd0c041 100644 --- a/go.sum +++ b/go.sum @@ -142,7 +142,6 @@ github.com/davecgh/go-spew v1.1.1-0.20171005155431-ecdeabc65495/go.mod h1:J7Y8Yc github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/denverdino/aliyungo v0.0.0-20170926055100-d3308649c661/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= -github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= github.com/digitalocean/godo v1.1.1/go.mod h1:h6faOIcZ8lWIwNQ+DN7b3CgX4Kwby5T+nbpNqkUIozU= @@ -208,6 +207,8 @@ github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFG github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= +github.com/golang-jwt/jwt v3.2.1+incompatible h1:73Z+4BJcrTC+KczS6WvTPvRGOp1WmfEP4Q1lOd9Z/+c= +github.com/golang-jwt/jwt v3.2.1+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= @@ -670,22 +671,22 @@ github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijb github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/vmware/govmomi v0.18.0/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xmidt-org/ancla v0.2.0 h1:8AT/EVmca0tuwq45glq1SCxvnDWq+JJ4sckluccBJrM= -github.com/xmidt-org/ancla v0.2.0/go.mod h1:/hy5AGP4Scw3kD29iovtTfyKV30i2YRLRH0Xt+nuv9A= +github.com/xmidt-org/ancla v0.2.1 h1:Pwvkfhj636rbAdZCZHyAbmdPct1jx/hK/QOFcPUeAFM= +github.com/xmidt-org/ancla v0.2.1/go.mod h1:ouFTJFAgisn3DpLAdtkTbOOkYyprkO9ZbXqpAmin/Gg= github.com/xmidt-org/argus v0.3.9/go.mod h1:mDFS44R704gl9Fif3gkfAyvnZa53SvMepmXjYWABPvk= github.com/xmidt-org/argus v0.3.10-0.20201105190057-402fede05764/go.mod h1:lnMCVB/i0gOlUOOd2WbzDDgzTEqP5TipzQ8xKIw+N/I= github.com/xmidt-org/argus v0.3.10-0.20201217204602-66f69b12c498/go.mod h1:lnMCVB/i0gOlUOOd2WbzDDgzTEqP5TipzQ8xKIw+N/I= github.com/xmidt-org/argus v0.3.12/go.mod h1:T0oHbqQ1SAjE616Q9f1p+7nsmuvmHNoC0zAIUpUiFuE= -github.com/xmidt-org/argus v0.5.0 h1:Dyh5bLHLTbyPqNdFV7roP5DlUOCWjKS/qKxHYCRGkrw= -github.com/xmidt-org/argus v0.5.0/go.mod h1:8nMg4ywpWCNPgUzwtWhiPAxklrmVsoxwciGJ/OD4FHE= +github.com/xmidt-org/argus v0.5.1 h1:1zhJ30a121QrpI7iF34DNvgG4Ql6vNeLlN1M0NTSb28= +github.com/xmidt-org/argus v0.5.1/go.mod h1:cnx+z2O5mwhS/mCtvbVatZhZ8npBQSaXlzDk5RT3SkM= github.com/xmidt-org/arrange v0.1.9/go.mod h1:PRA8iEZ11L93NsEkDP56x1mZyfDcWxzDULgHj56TaEk= github.com/xmidt-org/arrange v0.3.0 h1:YNO+1lufCx3EeN17xuSRMC1sci9y9rzZVZ+TkWwq9QE= github.com/xmidt-org/arrange v0.3.0/go.mod h1:pCHeb93OFA0QnEJ//Mmly7QqUt7y/w3xllK0VQ3Bigo= github.com/xmidt-org/bascule v0.8.0/go.mod h1:dPxlbNT3lCwYAtOq2zbzyzTEKgM+azLSbKKcVmgSHBY= github.com/xmidt-org/bascule v0.8.1/go.mod h1:dPxlbNT3lCwYAtOq2zbzyzTEKgM+azLSbKKcVmgSHBY= github.com/xmidt-org/bascule v0.9.0/go.mod h1:C64nSBtUTTK/f2/mCvvp/qJhav5raD0T+by68DCp/gU= -github.com/xmidt-org/bascule v0.10.1 h1:WfsZG+7g/AO/Z9D7CS01p0JOtBxn6AuGnx0g9/A9U9s= -github.com/xmidt-org/bascule v0.10.1/go.mod h1:unqyDUxjulfGFnx4kYWbonTGkVHGWPUjUrBkUi1sjWw= +github.com/xmidt-org/bascule v0.10.2 h1:Z51Qu4BAh/tk4fccQ/Xv3gCuqjYcPKZ8kYCw03rgjYM= +github.com/xmidt-org/bascule v0.10.2/go.mod h1:8Mx4EW1AXTWnvh2rDl+/GYPLH4QSJIuPB6r94IWoKxg= github.com/xmidt-org/candlelight v0.0.5 h1:2qsfD7Uubz08LQZSaBIYXaQe9qXijr/U8lIDgkU7UFM= github.com/xmidt-org/candlelight v0.0.5/go.mod h1:j9Q2tzrOAywm+JvvVJjlOmlPJvdlRrOyFjLz33SaU1Y= github.com/xmidt-org/httpaux v0.1.2/go.mod h1:qZnH2uObGPwHnOz8HcPNlbcd3gKEvdmxbIK3rgbQhto= @@ -704,9 +705,10 @@ github.com/xmidt-org/webpa-common v1.10.2-0.20200604164000-f07406b4eb63/go.mod h github.com/xmidt-org/webpa-common v1.11.2/go.mod h1:BaP0q1tlorm1Egq2qeLelon4Avy9n1eKJQAYhL3Zxg0= github.com/xmidt-org/webpa-common v1.11.4/go.mod h1:ffQHH+pCRnoxtdbyIkCbOSDVhV62X47UA64fugPyu30= github.com/xmidt-org/webpa-common v1.11.5-0.20210120003553-3d03d7329aee/go.mod h1:NtJzdNhDznwjWiRKDnj/vxdQZnPOhuQ6haemx+nDMSY= +github.com/xmidt-org/webpa-common v1.11.5 h1:kUR7fvtZ4tBlRMNLlyhFiHQN0No42F/6DApU4VniBzw= github.com/xmidt-org/webpa-common v1.11.5/go.mod h1:jMyROPQmgvNS+P0csPodDMikqesqPFzlb3v/JVw2SmY= -github.com/xmidt-org/webpa-common v1.11.9 h1:whfyOOTAWQmlN6CfowozbbqQfEqo/49MIxV36z/o2gY= -github.com/xmidt-org/webpa-common v1.11.9/go.mod h1:lSfUaPF/LA6PCHviTQk1XuTtqvdFcHzyACwdtH94ZfU= +github.com/xmidt-org/webpa-common/v2 v2.0.1 h1:EOekYfpRaOiNtlsU5TpivfZYYdeJU1QUEfVmK1j1ihw= +github.com/xmidt-org/webpa-common/v2 v2.0.1/go.mod h1:CZvjVWYXjudJX6c5DhWLded9yXvOfcvk+6Q9UbrGg38= github.com/xmidt-org/wrp-go v1.3.4 h1:7kj+1VXRNNEI7G0Z3z7C58QpIXrWzTw/eI79FdAhyPA= github.com/xmidt-org/wrp-go v1.3.4/go.mod h1:EWC9BgcYYO1hKgLzz6VFPpg3LU6ZWSDV/uNiWC7zP+o= github.com/xmidt-org/wrp-go/v2 v2.0.1/go.mod h1:v0HK0go/7OSVDvKbnXsUn6c+M987p0yyxWEs8/Fmf60= diff --git a/main.go b/main.go index 730bb33b..ac381a9d 100644 --- a/main.go +++ b/main.go @@ -52,13 +52,13 @@ import ( "github.com/xmidt-org/bascule/basculehttp" "github.com/xmidt-org/bascule/key" "github.com/xmidt-org/candlelight" - "github.com/xmidt-org/webpa-common/basculechecks" - "github.com/xmidt-org/webpa-common/basculemetrics" - "github.com/xmidt-org/webpa-common/concurrent" - "github.com/xmidt-org/webpa-common/logging" - "github.com/xmidt-org/webpa-common/server" - "github.com/xmidt-org/webpa-common/xhttp" - "github.com/xmidt-org/webpa-common/xmetrics" + "github.com/xmidt-org/webpa-common/v2/basculechecks" + "github.com/xmidt-org/webpa-common/v2/basculemetrics" + "github.com/xmidt-org/webpa-common/v2/concurrent" + "github.com/xmidt-org/webpa-common/v2/logging" + "github.com/xmidt-org/webpa-common/v2/server" + "github.com/xmidt-org/webpa-common/v2/xhttp" + "github.com/xmidt-org/webpa-common/v2/xmetrics" ) // convenient global values diff --git a/stat/transport.go b/stat/transport.go index aeed46c3..4deb6bde 100644 --- a/stat/transport.go +++ b/stat/transport.go @@ -7,7 +7,7 @@ import ( "github.com/xmidt-org/tr1d1um/common" - "github.com/xmidt-org/webpa-common/device" + "github.com/xmidt-org/webpa-common/v2/device" kitlog "github.com/go-kit/kit/log" kithttp "github.com/go-kit/kit/transport/http" diff --git a/stat/transport_test.go b/stat/transport_test.go index debef23a..861a1568 100644 --- a/stat/transport_test.go +++ b/stat/transport_test.go @@ -13,7 +13,7 @@ import ( "github.com/gorilla/mux" "github.com/stretchr/testify/assert" - "github.com/xmidt-org/webpa-common/device" + "github.com/xmidt-org/webpa-common/v2/device" ) var ctxTID = context.WithValue(context.Background(), common.ContextKeyRequestTID, "testTID") diff --git a/translation/transport.go b/translation/transport.go index 880e6d91..22cbb521 100644 --- a/translation/transport.go +++ b/translation/transport.go @@ -16,7 +16,7 @@ import ( "github.com/xmidt-org/bascule" "github.com/xmidt-org/tr1d1um/common" - "github.com/xmidt-org/webpa-common/basculechecks" + "github.com/xmidt-org/webpa-common/v2/basculechecks" "github.com/xmidt-org/wrp-go/v3" "github.com/xmidt-org/wrp-go/v3/wrphttp" ) diff --git a/translation/transport_utils.go b/translation/transport_utils.go index 335d9862..fdea74d6 100644 --- a/translation/transport_utils.go +++ b/translation/transport_utils.go @@ -13,7 +13,7 @@ import ( kitlog "github.com/go-kit/kit/log" kithttp "github.com/go-kit/kit/transport/http" "github.com/gorilla/mux" - "github.com/xmidt-org/webpa-common/device" + "github.com/xmidt-org/webpa-common/v2/device" "github.com/xmidt-org/wrp-go/v3" ) diff --git a/translation/transport_utils_test.go b/translation/transport_utils_test.go index 6645e42b..930b6ff6 100644 --- a/translation/transport_utils_test.go +++ b/translation/transport_utils_test.go @@ -10,7 +10,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/xmidt-org/tr1d1um/common" - "github.com/xmidt-org/webpa-common/device" + "github.com/xmidt-org/webpa-common/v2/device" "github.com/xmidt-org/wrp-go/v3" )