Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Upgrade go-retryablehttp to v0.7.7 #3743

Merged
merged 1 commit into from
Dec 13, 2024
Merged

fix: Upgrade go-retryablehttp to v0.7.7 #3743

merged 1 commit into from
Dec 13, 2024

Conversation

Rizwana777
Copy link
Contributor

@Rizwana777 Rizwana777 commented Jul 24, 2024
edited
Loading

fixes #3700

@Rizwana777 Rizwana777 force-pushed the fix-cve-2024-6104 branch 2 times, most recently from edfaf08 to a85feb7 Compare July 24, 2024 16:10
@codecov Codecov
Copy link

codecov bot commented Jul 24, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 83.87%. Comparing base (b0d74e5) to head (796a467).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #3743   +/-   ##
=======================================
  Coverage   83.87%   83.87%           
=======================================
  Files         163      163           
  Lines       18564    18564           
=======================================
  Hits        15571    15571           
  Misses       2120     2120           
  Partials      873      873

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions GitHub Actions
Copy link
Contributor

Go Published Test Results

2 171 tests   2 171 ✅  2m 54s ⏱️
  119 suites      0 💤
    1 files        0 ❌

Results for commit a85feb7.

@github-actions GitHub Actions
Copy link
Contributor

E2E Tests Published Test Results

  4 files    4 suites   3h 31m 8s ⏱️
111 tests  99 ✅  6 💤 6 ❌
452 runs  420 ✅ 24 💤 8 ❌

For more details on these failures, see this check.

Results for commit a85feb7.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@github-actions GitHub Actions
Copy link
Contributor

Testing Published Test Results

    5 files    123 suites   3h 33m 26s ⏱️
2 282 tests 2 271 ✅  6 💤  5 ❌
2 627 runs  2 591 ✅ 24 💤 12 ❌

For more details on these failures, see this check.

Results for commit 6054058.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 19, 2024
edited
Loading

Published E2E Test Results

  4 files    4 suites   3h 9m 27s ⏱️
113 tests 100 ✅  7 💤  6 ❌
464 runs  424 ✅ 28 💤 12 ❌

For more details on these failures, see this check.

Results for commit 3d9a8c2.

♻️ This comment has been updated with latest results.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 19, 2024
edited
Loading

Published Unit Test Results

2 293 tests   2 293 ✅  3m 0s ⏱️
  128 suites      0 💤
    1 files        0 ❌

Results for commit 3d9a8c2.

♻️ This comment has been updated with latest results.

jgwest
jgwest approved these changes Sep 19, 2024
View reviewed changes
Copy link
Member

@jgwest jgwest left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM:

  • Confirmed that all the dependency updates in go.mod are directly related to the upgrade of go-retryablehttp to the requisite version to fix the CVE
  • Unit tests and E2E tests are passing, no obvious issues in 'E2E test results' logs

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@Rizwana777
Copy link
Contributor Author

Hi @zachaller can you please review and merge this PR?

@blkperl
Copy link
Contributor

blkperl commented Dec 11, 2024

hey @Rizwana777 can you fix the merge conflict please?

@Rizwana777 Rizwana777 force-pushed the fix-cve-2024-6104 branch 2 times, most recently from 25d2e64 to 86009fa Compare December 12, 2024 08:41
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@Rizwana777
Copy link
Contributor Author

hey @Rizwana777 can you fix the merge conflict please?

Hi @blkperl Fixed conflicts, PTAL

@zachaller zachaller merged commit 25e2b53 into argoproj:master Dec 13, 2024
24 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jgwest jgwest jgwest approved these changes

@zachaller zachaller zachaller approved these changes

@blkperl blkperl blkperl approved these changes

Assignees
No one assigned
Labels
cherry-pick/release-1.8
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Upgrade go-retryablehttp to 0.7.7 to address Security vulnerability
4 participants
@Rizwana777 @blkperl @zachaller @jgwest