Skip to content

Update deps #639

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mostafa merged 6 commits into from
Dec 14, 2024
Merged

Update deps #639

mostafa merged 6 commits into from
Dec 14, 2024

Conversation

@mostafa
Copy link
Member

@mostafa mostafa commented Dec 14, 2024
edited
Loading

Ticket(s)

N/A

Description

This PR updates the following plus regenerating stubs:

  1. SDK
  2. Go
  3. Protobuf messages (with HTTP annotation)
  4. Direct deps
  5. CVE-2024-45337 (golang.org/x/crypto)

Related PRs

N/A

Development Checklist

  • I have added a descriptive title to this PR.
  • I have squashed related commits together.
  • I have rebased my branch on top of the latest main branch.
  • I have performed a self-review of my own code.
  • I have commented on my code, particularly in hard-to-understand areas.
  • I have added docstring(s) to my code.
  • I have made corresponding changes to the documentation (docs).
  • I have updated docs using make gen-docs command.
  • I have added tests for my changes.
  • I have signed all the commits.

Legal Checklist

@github-actions
Copy link

github-actions bot commented Dec 14, 2024
edited
Loading

Overview

Image reference ghcr.io/gatewayd-io/gatewayd:05660dc gatewaydio/gatewayd:latest
- digest 58c62b082c6b 80f3e87db481
- tag 05660dc latest
- provenance 7f47dca
- vulnerabilities critical: 0 high: 0 medium: 1 low: 0 critical: 1 high: 0 medium: 1 low: 0
- platform linux/amd64 linux/amd64
- size 20 MB 17 MB (-2.9 MB)
- packages 144 131 (-13)
Base Image alpine:3
also known as:
3.20
3.20.3
latest		 alpine:3.20
also known as:
3
3.20.3
latest
- vulnerabilities critical: 0 high: 0 medium: 1 low: 0 critical: 0 high: 0 medium: 1 low: 0
Packages and Vulnerabilities (35 package changes and 1 vulnerability changes)
  • ➖ 11 packages removed
  • ♾️ 24 packages changed
  • 104 packages unchanged
  • ❗ 1 vulnerabilities added
Changes for packages of type apk (3 changes)
Package Version
ghcr.io/gatewayd-io/gatewayd:05660dc		 Version
gatewaydio/gatewayd:latest
ca-certificates 20240705-r0
openssl 3.3.2-r0
pax-utils 1.3.7-r2
Changes for packages of type golang (32 changes)
Package Version
ghcr.io/gatewayd-io/gatewayd:05660dc		 Version
gatewaydio/gatewayd:latest
github.com/armon/go-metrics 0.4.1
github.com/boltdb/bolt 1.3.1
♾️ github.com/gatewayd-io/gatewayd (devel) 0.0.0-20241109120212-7f47dca74c26
♾️ github.com/gatewayd-io/gatewayd-plugin-sdk 0.3.5 0.3.4
♾️ github.com/getsentry/sentry-go 0.30.0 0.29.1
♾️ github.com/grpc-ecosystem/grpc-gateway/v2 2.24.0 2.23.0
github.com/hashicorp/go-immutable-radix 1.0.0
github.com/hashicorp/go-msgpack/v2 2.1.2
github.com/hashicorp/golang-lru 0.5.1
github.com/hashicorp/raft 1.7.1
github.com/hashicorp/raft-boltdb 0.0.0-20241202213821-f9dd2ba30efd
♾️ github.com/masterminds/semver/v3 3.3.1 3.3.0
♾️ github.com/prometheus/common 0.61.0 0.60.1
♾️ github.com/tetratelabs/wazero 1.8.2 1.8.1
go.opentelemetry.io/auto/sdk 1.1.0
♾️ go.opentelemetry.io/otel 1.33.0 1.32.0
♾️ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc 1.33.0 1.32.0
♾️ go.opentelemetry.io/otel/metric 1.33.0 1.32.0
♾️ go.opentelemetry.io/otel/sdk 1.33.0 1.32.0
♾️ go.opentelemetry.io/otel/trace 1.33.0 1.32.0
♾️ go.opentelemetry.io/proto/otlp 1.4.0 1.3.1
♾️ golang.org/x/crypto 0.31.0 0.29.0
critical: 1 high: 0 medium: 0 low: 0
Added vulnerabilities (1):
  • critical : CVE--2024--45337
♾️ golang.org/x/exp 0.0.0-20241210194714-1829a127f884 0.0.0-20241108190413-2d47ceb2692f
♾️ golang.org/x/net 0.32.0 0.31.0
♾️ golang.org/x/oauth2 0.24.0 0.23.0
♾️ golang.org/x/sync 0.10.0 0.9.0
♾️ golang.org/x/sys 0.28.0 0.27.0
♾️ golang.org/x/text 0.21.0 0.20.0
♾️ google.golang.org/genproto/googleapis/rpc 0.0.0-20241209162323-e6fa225c2576 0.0.0-20241104194629-dd2ea8efbc28
♾️ google.golang.org/grpc 1.69.0 1.68.0
♾️ google.golang.org/protobuf 1.35.2 1.35.1
♾️ stdlib go1.23.4 1.23.3

@mostafa mostafa merged commit b6df86a into main Dec 14, 2024
5 checks passed
@mostafa mostafa deleted the update-deps branch December 14, 2024 12:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mostafa