fix: upgrade nats, grpc, and mcp#4619
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files🚀 New features to boost your workflow:
|
|
✅ Tests 🎉 All green!❄️ No new flaky tests detected 🎯 Code Coverage (details) 🔗 Commit SHA: 918b4f2 | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback! |
nsrip-dd
left a comment
There was a problem hiding this comment.
Skimmed the APIs for the updated deps and didn't spot any breaking changes, so this seems fine in that regard. Just for posterity, could you link the the vulnerabilities this PR is addressing? Jira tickets, dependabot, etc
BenchmarksBenchmark execution time: 2026-03-30 19:11:30 Comparing candidate commit 918b4f2 in PR branch Found 0 performance improvements and 0 performance regressions! Performance is the same for 217 metrics, 7 unstable metrics.
|
<!-- * New contributors are highly encouraged to read our [CONTRIBUTING](/CONTRIBUTING.md) documentation. * Commit and PR titles should be prefixed with the general area of the pull request's change. --> Address security vulns, upgrading: * google.golang.org/grpc to v1.79.3 * github.com/nats-io/nats-server/v2 to v2.12.6 * github.com/modelcontextprotocol/go-sdk to v1.4.1 <!-- * A brief description of the change being made with this pull request. * If the description here cannot be expressed in a succinct form, consider opening multiple pull requests instead of a single one. --> Critical and high level security vulnerabilities. Examples: https://github.com/DataDog/dd-trace-go/security/dependabot/437 https://github.com/DataDog/dd-trace-go/security/dependabot/449 https://github.com/DataDog/dd-trace-go/security/dependabot/439 <!-- * What inspired you to submit this pull request? * Link any related GitHub issues or PRs here. * If this resolves a GitHub issue, include "Fixes #XXXX" to link the issue and auto-close it on merge. --> <!-- * Authors can use this list as a reference to ensure that there are no problems during the review but the signing off is to be done by the reviewer(s). --> - [ ] Changed code has unit tests for its functionality at or near 100% coverage. - [ ] [System-Tests](https://github.com/DataDog/system-tests/) covering this feature have been added and enabled with the va.b.c-dev version tag. - [ ] There is a benchmark for any new code, or changes to existing code. - [ ] If this interacts with the agent in a new way, a system test has been added. - [ ] New code is free of linting errors. You can check this by running `make lint` locally. - [ ] New code doesn't break existing tests. You can check this by running `make test` locally. - [ ] Add an appropriate team label so this PR gets put in the right place for the release notes. - [ ] All generated files are up to date. You can check this by running `make generate` locally. - [ ] Non-trivial go.mod changes, e.g. adding new modules, are reviewed by @DataDog/dd-trace-go-guild. Make sure all nested modules are up to date by running `make fix-modules` locally. Unsure? Have a question? Request a review! Co-authored-by: hannahs.kim <[email protected]>
What does this PR do?
Address security vulns, upgrading:
Motivation
Critical and high level security vulnerabilities. Examples:
https://github.com/DataDog/dd-trace-go/security/dependabot/437
https://github.com/DataDog/dd-trace-go/security/dependabot/449
https://github.com/DataDog/dd-trace-go/security/dependabot/439
Reviewer's Checklist
make lintlocally.make testlocally.make generatelocally.make fix-moduleslocally.Unsure? Have a question? Request a review!