*: bump some dependencies for release-6.5 hot patch #57272

Merged


@bb7133 bb7133 commented Nov 11, 2024

What problem does this PR solve?

Issue Number: NA

Problem Summary:

What changed and how does it work?

The change is made for the following dependencies to prevent some potential security vulnerabilities:

  • google.golang.org/grpc v1.51.0 -> v1.59.0
  • github.com/lestrrat-go/jwx/v2 v2.0.17 -> v2.0.21
  • golang.org/x/crypto v0.15.0 -> v0.24.0
  • golang.org/x/net v0.18.0 -> v0.26.0
  • google.golang.org/protobuf v1.28.1 -> v1.33.0

Check List

Tests

  • Unit test
  • Integration test
  • Manual test (add detailed scripts or steps below)
  • No need to test
    • I checked and no code files have been changed.

Side effects

  • NA

Documentation

  • NA

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

None
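A check of a `go.mod` against the target versions listed in the description above. This is an added example, not code from this PR or from TiDB; the names `floors`, `older`, `BelowFloor` and the `sample` go.mod fragment are constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// floors holds the target versions listed in the PR description.
var floors = map[string]string{
	"google.golang.org/grpc":        "v1.59.0",
	"github.com/lestrrat-go/jwx/v2": "v2.0.21",
	"golang.org/x/crypto":           "v0.24.0",
	"golang.org/x/net":              "v0.26.0",
	"google.golang.org/protobuf":    "v1.33.0",
}

// older: a sorts before floor b (major.minor.patch; equal-number pre-release is older).
func older(a, b string) bool {
	var x, y [3]int
	fmt.Sscanf(a, "v%d.%d.%d", &x[0], &x[1], &x[2])
	fmt.Sscanf(b, "v%d.%d.%d", &y[0], &y[1], &y[2])
	for i := range x {
		if x[i] != y[i] {
			return x[i] < y[i]
		}
	}
	return strings.Contains(a, "-")
}

// BelowFloor flags require lines and same-path replace targets pinned below a floor.
func BelowFloor(gomod string) (bad []string) {
	for _, line := range strings.Split(gomod, "\n") {
		f := strings.Fields(strings.SplitN(line, "//", 2)[0]) // drop comments
		if n := len(f); n >= 2 {
			if want, ok := floors[f[n-2]]; ok && older(f[n-1], want) {
				bad = append(bad, f[n-2]+" "+f[n-1]+" < "+want)
			}
		}
	}
	return bad
}

// sample is a constructed go.mod fragment, not TiDB's real file.
const sample = `require google.golang.org/grpc v1.51.0
require golang.org/x/crypto v0.24.0 // indirect
require google.golang.org/protobuf v1.33.0-rc.1
replace golang.org/x/net => golang.org/x/net v0.18.0`

func main() { fmt.Println(strings.Join(BelowFloor(sample), "\n")) }
```

A `replace` that points a listed module at a fork under a different path is not followed; that case needs a review of the fork itself.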

@ti-chi-bot ti-chi-bot bot added release-note-none Denotes a PR that doesn't merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. and removed size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. labels Nov 11, 2024
@hawkingrei hawkingrei force-pushed the bb7133/hotfix7217 branch 2 times, most recently from 4c32161 to 51a7c52 Compare November 11, 2024 07:51
@hawkingrei
Member

/retest

@hawkingrei hawkingrei requested a review from a team as a code owner November 11, 2024 08:13
@hawkingrei
Member

/retest

Signed-off-by: Weizhen Wang <[email protected]>
@YangKeao
Member

/retest

1 similar comment
@hawkingrei
Member

/retest

@bb7133
Member Author

bb7133 commented Nov 12, 2024

/retest

Signed-off-by: Weizhen Wang <[email protected]>
@bb7133
Member Author

bb7133 commented Nov 13, 2024

/retest

Signed-off-by: Weizhen Wang <[email protected]>
@hawkingrei
Member

/retest

@ti-chi-bot ti-chi-bot bot added needs-1-more-lgtm Indicates a PR needs 1 more LGTM. approved labels Nov 15, 2024
Member Author

@bb7133 bb7133 left a comment

Need another reviewer

Member

@YangKeao YangKeao left a comment

LGTM

@ti-chi-bot ti-chi-bot bot added lgtm and removed needs-1-more-lgtm Indicates a PR needs 1 more LGTM. labels Nov 15, 2024

ti-chi-bot bot commented Nov 15, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: hawkingrei, YangKeao

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [YangKeao,hawkingrei]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment


ti-chi-bot bot commented Nov 15, 2024

[LGTM Timeline notifier]

Timeline:

  • 2024-11-15 01:29:49.651773502 +0000 UTC m=+578951.842642498: ☑️ agreed by hawkingrei.
  • 2024-11-15 02:48:07.632567433 +0000 UTC m=+583649.823436430: ☑️ agreed by YangKeao.

@ti-chi-bot ti-chi-bot bot merged commit 4f2073d into pingcap:release-6.5-20241101-v6.5.7 Nov 15, 2024
15 checks passed