Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,528 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

63 Commits

Author SHA1 Message Date
vivekpatani
ed30fb1226 *: bump golang.org/x/sys from 0.13.0 to 0.14.0 
- https://github.com/etcd-io/etcd/pull/16875

Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
 2023-11-09 11:02:36 -06:00
James Blair
e6e740fb80
depdendency: bump google.golang.org/grpc from 1.58.3 to 1.59.0. 
Signed-off-by: James Blair <mail@jamesblair.net>
 2023-10-24 17:39:39 +13:00
Allen Ray
e4c0eb7712 bump google.golang.org/grpc to v1.58.3 
Signed-off-by: Allen Ray <alray@redhat.com>
 2023-10-11 10:39:05 -04:00
Allen Ray
3a61187ce3 bump golang.org/x/net to v0.17.0 
Address CVE-2023-39325 and CVE-2023-44487

Signed-off-by: Allen Ray <alray@redhat.com>
 2023-10-11 10:09:14 -04:00
Sharath Sivakumar
1b1c42a7aa
dependency: bump golang.org/x/net from 0.15.0 to 0.16.0 
Signed-off-by: Sharath Sivakumar <mailssr9@gmail.com>
 2023-10-10 11:49:35 +02:00
Benjamin Wang
df7f2d93f8 dependency: bump google.golang.org/grpc from 1.58.1 to 1.58.2 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-25 20:53:56 +01:00
sharathsivakumar
2048a638fc
dependency: bump google.golang.org/grpc from 1.58.0/1.57.0 to 1.58.1 
Signed-off-by: sharathsivakumar <mailssr9@gmail.com>
 2023-09-21 19:54:54 +02:00
Benjamin Wang
ea2d60cad7 dependency: bump grpc-gateway from 2.17.1 to 2.18.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-19 12:17:22 +01:00
Benjamin Wang
de41d4d8aa dependency: set github.com/grpc-ecosystem/grpc-gateway/v2 version to 2.17.1 for all modules 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-18 11:22:16 +01:00
Allen Ray
cc130fd2d4 Update to go1.21 
Signed-off-by: Allen Ray <alray@redhat.com>
 2023-09-13 10:10:02 -04:00
Benjamin Wang
2a0613bc22 dependency: bump google.golang.org/grpc to 1.58.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-12 10:47:14 +01:00
Benjamin Wang
909d795601 dependency: bump golang.org/x/net from v0.14.0 to v0.15.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-09-11 19:36:18 +01:00
sharathsivakumar
e47d10fca7
dependency: bump golang.org/x/sys from 0.11.0 to 0.12.0 
Signed-off-by: sharathsivakumar <mailssr9@gmail.com>
 2023-09-09 16:19:54 +02:00
Jordan Liggitt
6599dec92b
dependency: bump github.com/grpc-ecosystem/grpc-gateway/v2 from v2.7.0 to v2.17.1 
Signed-off-by: Jordan Liggitt <liggitt@google.com>
 2023-09-07 08:49:57 -04:00
James Blair
b6d123d08b
Update to golang 1.20 minor release. 
Signed-off-by: James Blair <mail@jamesblair.net>
 2023-08-11 15:03:48 +12:00
chaochn47
6757c444c5 2023-08-10 bump up dependencies 
Signed-off-by: chaochn47 <chaochn@amazon.com>
 2023-08-10 09:13:34 +08:00
James Blair
f7126aa1c3
depdendency: bump golang.org/x/sys from 0.10.0 to 0.11.0. 
Signed-off-by: James Blair <mail@jamesblair.net>
 2023-08-06 19:02:15 +12:00
=
418bab0ed4 dependency: bump golang.org/x/net 0.12.0 to 0.13.0 
Co-authored-by: James Blair <mail@jamesblair.net>
Signed-off-by: = <abby.crimlis@outlook.com>
 2023-08-04 09:09:16 +12:00
Chao Chen
24c6fb4b4d Fix 15877 and bump up gRPC from v1.52.0 to v1.57.0 
Signed-off-by: Chao Chen <chaochn@amazon.com>
 2023-07-31 13:57:24 -07:00
Chao Chen
e59e3d709c dependency: bump google.golang.org/grpc from 1.51.0 to 1.52.0 
Signed-off-by: Chao Chen <chaochn@amazon.com>
 2023-07-27 13:25:12 -07:00
Benjamin Wang
2c22ca7eba dependency: bump golang.org/x/net from v0.11.0 to v0.12.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-07-10 18:43:30 +01:00
Benjamin Wang
149256735d dependency: bump golang.org/x/sys from v0.9.0 to v0.10.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-07-10 18:38:16 +01:00
ArkaSaha30
37bd1e3382
Bump dependency manually 
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
 2023-06-28 12:39:27 +05:30
Benjamin Wang
b92d099360 dependency: bump golang.org/x/net from 0.10.0 to 0.11.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-06-19 09:25:07 +01:00
Prasad Chandrasekaran
3a8c6d749f manual dependency bump 
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
 2023-06-13 23:28:47 +05:30
Chao Chen
b2c39fc8e6 2023-06-06: bump up dependencies update identified by dependabot 
Signed-off-by: Chao Chen <chaochn@amazon.com>
 2023-06-06 20:18:44 -07:00
Bogdan Kanivets
ef91e8ae78 dependency: bump github.com/stretchr/testify from 1.8.2 to 1.8.3 
Signed-off-by: Bogdan Kanivets <bkanivets@apple.com>
 2023-05-24 23:58:13 -07:00
Prasad Chandrasekaran
9878b134eb dependency: bump indirect dependencies 
Signed-off-by: Prasad Chandrasekaran <prasadc@vmware.com>
 2023-05-11 18:00:12 +05:30
Benjamin Wang
eb9b15bf49 dependency: bump golang.org/x/net from 0.8.0 to 0.9.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-11 08:44:26 +08:00
Benjamin Wang
072c5cb5da dependency: bump google.golang.org/protobuf from 1.28.1 to 1.30.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-04 15:28:09 +08:00
Benjamin Wang
56284d5dfe dependency: bump github.com/golang/protobuf from 1.5.2 to 1.5.3 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-04-04 15:21:22 +08:00
Benjamin Wang
7ed1219861 dependency: bump golang.org/x/net to v0.8.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-03-07 06:52:07 +08:00
Benjamin Wang
d8b8127084 dependency: bump github.com/stretchr/testify from 1.8.1 to 1.8.2 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-02-28 06:44:33 +08:00
Benjamin Wang
a7e94c4843 security: bump golang.org/x/net to v0.7.0 to address CVE GO-2023-1571 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-02-17 11:29:47 +08:00
Benjamin Wang
5b8d7698c8 dependency: bump github.com/coreos/go-semver from 0.3.0 to 0.3.1 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-01-24 16:59:37 +08:00
Benjamin Wang
c51540bdd2 deps: bump google.golang.org/protobuf from 1.28.0 to 1.28.1 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 04:07:52 +08:00
Benjamin Wang
1ba246e1d8 bump golang.org/x/ to v0.4.0 
Found 1 known vulnerability.

Vulnerability #1: GO-2022-1144
  An attacker can cause excessive memory growth in a Go server
  accepting HTTP/2 requests. HTTP/2 server connections contain a
  cache of HTTP header keys sent by the client. While the total
  number of entries in this cache is capped, an attacker sending
  very large keys can cause the server to allocate approximately
  64 MiB per open connection.

  Call stacks in your code:
Error:       tools/etcd-dump-metrics/main.go:158:5: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls golang.org/x/net/http2.Server.ServeConn

  Found in: golang.org/x/net/http2@v0.2.0
  Fixed in: golang.org/x/net/http2@v0.4.0
  More info: https://pkg.go.dev/vuln/GO-2022-1144
Error: Process completed with exit code 3.

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-09 08:54:48 +08:00
Benjamin Wang
3f86db5e53 bump golang.org/x imports to address CVEs 
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-30 05:03:43 +08:00
Benjamin Wang
285e44378f bump github.com/stretchr/testify from v1.7.2 to v1.8.1 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-26 10:51:32 +08:00
Wei Fu
cf285ea3c7 bump grpc to v1.51.0 from v1.47.0 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-11-23 22:16:22 +08:00
Benjamin Wang
cd0b1d0c66 Bump go 1.19: upgrade go version to 1.19 in all go.mod files 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-09-22 08:47:46 +08:00
Piotr Tabor
88cd0fe695 Refresh minor dependencies. 
Signed-off-by: Piotr Tabor <ptab@google.com>
 2022-06-17 10:23:03 +02:00
Piotr Tabor
17c1dcd614 Update grpc to 1.47 and go-cmp to 0.5.8. 
Signed-off-by: Piotr Tabor <ptab@google.com>
 2022-06-17 08:57:22 +02:00
Benjamin Wang
4f202a6429 Define all versions in a centralized place 
The versions such as V3_5, V3_6, etc. are defined everywhere in
the repo. In this commit, we get all of the constant versions defined
in a centralized place, so that they can be reused by all cases.
 2022-06-13 13:37:41 +08:00
ahrtr
0dae4b3b1e rollback the opentelemetry bumpping to recover the pipeline failures 2022-04-14 16:13:28 +08:00
Will Beason
eab1e0c5d5 go.mod: upgrade opentelemetry deps 
Downstream users of etcd experience build issues when using dependencies
which require more recent (incompatible) versions of opentelemetry. This
commit upgrades the dependencies so that downstream users stop
experiencing these issues.
 2022-04-13 07:14:10 -07:00
Piotr Tabor
fdd98477ef Update dep: require gopkg.in/yaml.v2 v2.2.8 -> v2.4.0 due to: CVE-2019-11254 2022-01-17 16:52:58 +01:00
Kushal Pisavadia
71493bde3e *: Upgrade to use go.opentelemetry.io/otel@v1.2.0 
Upgrading from v1.0.1.

Upgrading related dependencies
------------------------------

The following dependencies also had to be upgraded:

- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.26.1
  From v0.25.0. This gets rid of a transitive dependency on go.opentelemetry.io/otel@v1.0.1.
- google.golang.org/genproto@v0.0.0-20211118181313-81c1377c94b1
 2021-11-24 16:03:33 +00:00
Lili Cosic
e6e279a14d *: Bump go to go v1.17.2 2021-10-27 13:44:54 +02:00
Vladimir Ermakov
49a8aa7f49
run fix.sh 
To fix dependencies.

Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
 2021-10-13 14:08:27 +03:00