Bump JQ version to 1.7.1 #1064

Open
wants to merge 2 commits into
base: main

jenkins-infra-updatecli[bot]
Contributor

@jenkins-infra-updatecli jenkins-infra-updatecli bot commented Feb 19, 2024

Bump JQ version

Update the jq version in the tools-versions.yml file

change detected: * key "$.jq_version" updated from "1.6" to "1.7.1", in file "provisioning/tools-versions.yml"

1.7.1
Release published on the 2023-12-13 19:56:17 +0000 UTC at the url https://github.com/jqlang/jq/releases/tag/jq-1.7.1

## Security

- CVE-2023-50246: Fix heap buffer overflow in jvp\_literal\_number\_literal
- CVE-2023-50268: fix stack-buffer-overflow if comparing nan with payload

## CLI changes

- Make the default background color more suitable for bright backgrounds. @mjarosie @taoky @nicowilliams @itchyny #2904
- Allow passing the inline jq script after `--`. @emanuele6 #2919
- Restrict systems operations on OpenBSD and remove unused `mkstemp`. @klemensn #2934
- Fix possible uninitialised value dereference if `jq_init()` fails. @emanuele6 @nicowilliams #2935

## Language changes

- Simplify `paths/0` and `paths/1`. @asheiduk @emanuele6 #2946
- Reject `U+001F` in string literals. @torsten-schenk @itchyny @wader #2911
- Remove unused nref accumulator in `block_bind_library`. @emanuele6 #2914
- Remove a bunch of unused variables, and useless assignments. @emanuele6 #2914
- main.c: Remove unused EXIT\_STATUS\_EXACT option. @emanuele6 #2915
- Actually use the number correctly casted from double to int as index. @emanuele6 #2916
- src/builtin.c: remove unnecessary jv\_copy-s in type\_error/type\_error2. @emanuele6 #2937
- Remove undefined behavior caught by LLVM 10 UBSAN. @Gaelan @emanuele6 #2926
- Convert decnum to binary64 (double) instead of decimal64. This makes jq behave like the JSON specification suggests and more similar to other languages. @wader @leonid-s-usov #2949
- Fix memory leaks on invalid input for `ltrimstr/1` and `rtrimstr/1`. @emanuele6 #2977
- Fix memory leak on failed get for `setpath/2`. @emanuele6 #2970
- Fix nan from json parsing also for nans with payload that start with 'n'. @emanuele6 #2985
- Allow carriage return characters in comments. @emanuele6 #2942 #2984

## Documentation changes

- Generate links in the man page. @emanuele6 #2931
- Standardize arch types to AMD64 & ARM64 from index page download dropdown. @owenthereal #2884

## libjq

- Add extern C for C++. @rockwotj #2953

## Build and test changes

- Fix incorrect syntax for checksum file. @kamontat @wader #2899
- Remove `-dirty` version suffix for windows release build. @itchyny #2888
- Make use of `od` in tests more compatible. @nabijaczleweli @emanuele6 @nicowilliams #2922
- Add dependabot. @yeikel #2889
- Extend fuzzing setup to fuzz parser and JSON serializer. @DavidKorczynski @emanuele6 #2952
- Keep releasing executables with legacy names. @itchyny #2951

## New Contributors
* @yeikel made their first contribution in https://github.com/jqlang/jq/pull/2889
* @dependabot made their first contribution in https://github.com/jqlang/jq/pull/2894
* @kamontat made their first contribution in https://github.com/jqlang/jq/pull/2899
* @taoky made their first contribution in https://github.com/jqlang/jq/pull/2904
* @tboz203 made their first contribution in https://github.com/jqlang/jq/pull/2920
* @nabijaczleweli made their first contribution in https://github.com/jqlang/jq/pull/2922
* @klemensn made their first contribution in https://github.com/jqlang/jq/pull/2934
* @asheiduk made their first contribution in https://github.com/jqlang/jq/pull/2946
* @rockwotj made their first contribution in https://github.com/jqlang/jq/pull/2953
* @jesperronn made their first contribution in https://github.com/jqlang/jq/pull/2898

**Full Changelog**: https://github.com/jqlang/jq/compare/jq-1.7...jq-1.7.1

Update the `jq` version in the goss test

change detected: * key "$.command.jq.stdout[0]" updated from "jq-1.6" to "1.7.1", in file "tests/goss-common.yaml"

Created automatically by Updatecli

Options:

Most of Updatecli configuration is done via its manifest(s).

  • If you close this pull request, Updatecli will automatically reopen it, the next time it runs.
  • If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.

Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!

@jenkins-infra-updatecli jenkins-infra-updatecli bot added the enhancement New feature or request label Feb 19, 2024
@jenkins-infra-updatecli jenkins-infra-updatecli bot force-pushed the updatecli_main_de58575a33c171cef07fba162b8b178dc285ed60233f543865ecb30edf998750 branch 4 times, most recently from 9ca16a4 to 1a1dfa1 Compare April 15, 2024 12:46
@jenkins-infra-updatecli jenkins-infra-updatecli bot force-pushed the updatecli_main_de58575a33c171cef07fba162b8b178dc285ed60233f543865ecb30edf998750 branch 2 times, most recently from 09653b6 to 4b927bd Compare April 22, 2024 13:13
@jenkins-infra-updatecli jenkins-infra-updatecli bot force-pushed the updatecli_main_de58575a33c171cef07fba162b8b178dc285ed60233f543865ecb30edf998750 branch 17 times, most recently from f8bab44 to 3c8e075 Compare May 20, 2024 09:04
@jenkins-infra-updatecli jenkins-infra-updatecli bot force-pushed the updatecli_main_de58575a33c171cef07fba162b8b178dc285ed60233f543865ecb30edf998750 branch 5 times, most recently from e641221 to 1537c1e Compare May 24, 2024 07:57
@jenkins-infra-updatecli jenkins-infra-updatecli bot force-pushed the updatecli_main_de58575a33c171cef07fba162b8b178dc285ed60233f543865ecb30edf998750 branch 24 times, most recently from d7c4243 to 1c4bf82 Compare January 20, 2025 07:38
@jenkins-infra-updatecli jenkins-infra-updatecli bot force-pushed the updatecli_main_de58575a33c171cef07fba162b8b178dc285ed60233f543865ecb30edf998750 branch from 35ab7ea to 73ac997 Compare January 21, 2025 06:21
@jenkins-infra-updatecli jenkins-infra-updatecli bot force-pushed the updatecli_main_de58575a33c171cef07fba162b8b178dc285ed60233f543865ecb30edf998750 branch from 4f33431 to 5e3069d Compare January 22, 2025 09:59
@dduportal
Contributor

Disabling CI until we can work on this upgrade

Labels
enhancement New feature or request jq skip-ci