Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,121 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

81 Commits

Author SHA1 Message Date
Benjamin Wang
30fc7611e2 tidy up dependencies 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-01-10 09:11:34 +08:00
Benjamin Wang
6e42da26e4
Merge pull request #14981 from etcd-io/dependabot/go_modules/tests/github.com/anishathalye/porcupine-0.1.4 
build(deps): bump github.com/anishathalye/porcupine from 0.1.2 to 0.1.4 in /tests
 2022-12-14 08:46:34 +08:00
dependabot[bot]
c5d80b388b
build(deps): bump github.com/anishathalye/porcupine in /tests 
Bumps [github.com/anishathalye/porcupine](https://github.com/anishathalye/porcupine) from 0.1.2 to 0.1.4.
- [Release notes](https://github.com/anishathalye/porcupine/releases)
- [Commits](https://github.com/anishathalye/porcupine/compare/v0.1.2...v0.1.4)

---
updated-dependencies:
- dependency-name: github.com/anishathalye/porcupine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-13 22:32:23 +00:00
Benjamin Wang
c4f7ac28a2 deps: bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.32.0 to 0.37.0 in /server 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 04:32:18 +08:00
Benjamin Wang
32840bae73 deps: bump go.opentelemetry.io/otel from 1.7.0 to 1.11.2 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 04:27:04 +08:00
Benjamin Wang
8f320bfa00 deps: bump github.com/golang-jwt/jwt/v4 from 4.4.2 to 4.4.3 in /server 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 04:19:10 +08:00
Benjamin Wang
b96be4f1d3 deps: bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 in /etcdctl 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 04:03:53 +08:00
Benjamin Wang
2c192f4205 deps: bump go.uber.org/multierr from 1.8.0 to 1.9.0 in /server 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 04:00:49 +08:00
Benjamin Wang
700ad0fdce deps: bump github.com/creack/pty from 1.1.11 to 1.1.18 in /pkg 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 03:46:14 +08:00
Benjamin Wang
c2a7a5870d deps: bump github.com/prometheus/client_golang from 1.12.2 to 1.14.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 03:42:11 +08:00
Benjamin Wang
bc41c0963b deps: bump github.com/coreos/go-systemd/v22 from 22.3.2 to 22.5.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 03:38:55 +08:00
Benjamin Wang
259a73d67a deps: bump github.com/spf13/cobra from 1.4.0 to 1.6.1 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 03:33:24 +08:00
Benjamin Wang
1a0af6fee6 deps: bump go.uber.org/zap from 1.21.0 to 1.24.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 03:33:24 +08:00
Benjamin Wang
1ba246e1d8 bump golang.org/x/ to v0.4.0 
Found 1 known vulnerability.

Vulnerability #1: GO-2022-1144
  An attacker can cause excessive memory growth in a Go server
  accepting HTTP/2 requests. HTTP/2 server connections contain a
  cache of HTTP header keys sent by the client. While the total
  number of entries in this cache is capped, an attacker sending
  very large keys can cause the server to allocate approximately
  64 MiB per open connection.

  Call stacks in your code:
Error:       tools/etcd-dump-metrics/main.go:158:5: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls golang.org/x/net/http2.Server.ServeConn

  Found in: golang.org/x/net/http2@v0.2.0
  Fixed in: golang.org/x/net/http2@v0.4.0
  More info: https://pkg.go.dev/vuln/GO-2022-1144
Error: Process completed with exit code 3.

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-09 08:54:48 +08:00
Benjamin Wang
5503a9484a test: cleanup go.mod and go.sum files 
Executed commands below,
1. Removed go.etcd.io/raft/v3 => ../raft;
2. go get go.etcd.io/raft/v3@eaa6808e1f7ab2247c13778250f70520b0527ff1;
3. go mod tidy

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-02 13:36:05 +08:00
Benjamin Wang
3f86db5e53 bump golang.org/x imports to address CVEs 
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-30 05:03:43 +08:00
Benjamin Wang
285e44378f bump github.com/stretchr/testify from v1.7.2 to v1.8.1 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-26 10:51:32 +08:00
Wei Fu
cf285ea3c7 bump grpc to v1.51.0 from v1.47.0 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-11-23 22:16:22 +08:00
Marek Siarkowicz
069e26e284 tests: Validate etcd linearizability 
Signed-off-by: Marek Siarkowicz <siarkowicz@google.com>
 2022-10-23 06:41:38 +02:00
Benjamin Wang
7f10dccbaf Bump go 1.19: update all the dependencies and go.sum files 
1. run ./scripts/fix.sh;
2. cd tools/mod; gofmt -w . & go mod tidy;

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-09-22 08:47:46 +08:00
Benjamin Wang
5344085338
Merge pull request #14491 from ahrtr/bump_jwt_4.4.2 
etcd: Bump golang-jwt/jwt/ version to 4.4.2
 2022-09-20 10:18:44 +08:00
Colleen Murphy
7ea2a3d7cb *: Update golang.org/x/net to latest 
Update golang.org/x/net to address CVE-2022-27664.

Signed-off-by: Colleen Murphy <colleen.murphy@suse.com>
 2022-09-19 16:01:45 -07:00
Benjamin Wang
09db6ec1d7 etcd: Bump golang-jwt/jwt/ version to 4.4.2 
github.com/golang-jwt/jwt adds go mod support startig from 4.0.0,
and it's backwards-compatible with existing v3.x.y tags.

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-09-20 04:06:47 +08:00
Mikel Olasagasti Uranga
89637a4223 Tools/benchmark: migrate cheggaaa/pb.v1 to cheggaaa/pb/v3 
etcdctl/ctlv3: migrate cheggaaa/pb.v1 to cheggaaa/pb/v3

This commit also changes the format of the progress bar, from using a
custom progress bar to the default provided by the library.

Old behaviour:

./benchmarkv1  put
 0 / 10000 B                                                   !   0.00%
 3987 / 10000 Boooooooooooooom                                 !  39.87%
 10000 / 10000 Boooooooooooooooooooooooooooooooooooooooooooo! 100.00% 1s

New behaviour:

./benchmark put
 6536 / 10000 [----------------------->________________] 65.36% 7053 p/s
10000 / 10000 [---------------------------------------] 100.00% 7581 p/s

Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
 2022-06-20 15:47:23 +02:00
Piotr Tabor
88cd0fe695 Refresh minor dependencies. 
Signed-off-by: Piotr Tabor <ptab@google.com>
 2022-06-17 10:23:03 +02:00
Piotr Tabor
e7a84b69c8 Update zap to 1.21. 
Signed-off-by: Piotr Tabor <ptab@google.com>
 2022-06-17 10:05:25 +02:00
Piotr Tabor
17c1dcd614 Update grpc to 1.47 and go-cmp to 0.5.8. 
Signed-off-by: Piotr Tabor <ptab@google.com>
 2022-06-17 08:57:22 +02:00
Vimal Kumar
55f0c96fa0 tests: Migrate Txn tests to common functional test framework 2022-05-11 10:33:47 +05:30
Colleen Murphy
27bd78f6ab Update golang.org/x/crypto to latest 
Update crypto to address CVE-2022-27191.

The CVE fix is added in 0.0.0-20220315160706-3147a52a75dd but this
change updates to latest.
 2022-04-25 09:52:12 -07:00
ahrtr
0dae4b3b1e rollback the opentelemetry bumpping to recover the pipeline failures 2022-04-14 16:13:28 +08:00
Will Beason
eab1e0c5d5 go.mod: upgrade opentelemetry deps 
Downstream users of etcd experience build issues when using dependencies
which require more recent (incompatible) versions of opentelemetry. This
commit upgrades the dependencies so that downstream users stop
experiencing these issues.
 2022-04-13 07:14:10 -07:00
Marek Siarkowicz
1bb59adb1e *: update golang.org/x/crypto 2022-04-08 16:27:52 +02:00
Manuel Rüger
f0f77fc14e go.mod: Bump prometheus/client_golang to v1.12.1 
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
 2022-04-06 19:03:24 +02:00
Kay Yan
afecd3139c fix the api dependency in pkg, and update cobra to 1.4.0 
Signed-off-by: Kay Yan <kay.yan@daocloud.io>
 2022-03-25 17:18:56 +08:00
Piotr Tabor
fdd98477ef Update dep: require gopkg.in/yaml.v2 v2.2.8 -> v2.4.0 due to: CVE-2019-11254 2022-01-17 16:52:58 +01:00
Piotr Tabor
1237b3576c
Merge pull request #13487 from mrueg/go-1.17.3 
*: Bump to go 1.17.6
 2022-01-15 17:01:17 +01:00
Manuel Rüger
cf7e8b3535 go.mod: Bump golang.org/x/net dependency; regenerate go.sum 
Bumps golang.org/x/net dependency due to fix CVE-2021-44716
as requested in https://github.com/etcd-io/etcd/pull/13487#issuecomment-997065540

Signed-off-by: Manuel Rüger <manuel@rueg.eu>
 2022-01-12 03:00:08 +01:00
Your Name
77bf0a5a9e update cobra version to 1.2.1 
Signed-off-by: yankay <kay.yan@daocloud.io>
 2021-12-29 17:35:25 +08:00
Kushal Pisavadia
71493bde3e *: Upgrade to use go.opentelemetry.io/otel@v1.2.0 
Upgrading from v1.0.1.

Upgrading related dependencies
------------------------------

The following dependencies also had to be upgraded:

- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.26.1
  From v0.25.0. This gets rid of a transitive dependency on go.opentelemetry.io/otel@v1.0.1.
- google.golang.org/genproto@v0.0.0-20211118181313-81c1377c94b1
 2021-11-24 16:03:33 +00:00
Chao Chen
b5e4c2d3c4 client/v2: remove unsafe json-iterator/reflect2 2021-11-09 11:16:40 -08:00
Vladimir Ermakov
49a8aa7f49
run fix.sh 
To fix dependencies.

Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
 2021-10-13 14:08:27 +03:00
Haimantika Mitra
c10d50c4b3 Replace github.com/form3tech-oss/jwt-go with https://github.com/golang-jwt/jwt 
Signed-off-by: Haimantika Mitra <haimantikamitra@gmail.com>

Made required adjustments to the go.sum file

Signed-off-by: Haimantika Mitra <haimantikamitra@gmail.com>

Changed go.sum file in the server directory

Signed-off-by: Haimantika Mitra <haimantikamitra@gmail.com>

Removed the white space

Signed-off-by: Haimantika Mitra <haimantikamitra@gmail.com>

Made required changes

Signed-off-by: Haimantika Mitra <haimantikamitra@gmail.com>

Trying to fix the fails

Signed-off-by: haimantika mitra <haimantikamitra@gmail.com>

Removed error

Signed-off-by: haimantika mitra <haimantikamitra@gmail.com>

Fixed bill-of-materials.json file

Signed-off-by: haimantika mitra <haimantikamitra@gmail.com>

Changed go.mod with recent version

Signed-off-by: haimantika mitra <haimantikamitra@gmail.com>

Newer version changes

Signed-off-by: haimantika mitra <haimantikamitra@gmail.com>

Changes to etcdutl directory

Signed-off-by: haimantika mitra <haimantikamitra@gmail.com>
 2021-08-03 13:49:47 +05:30
Lili Cosic
16477a8270 Update client_golang dependency to v1.11.0 2021-06-07 14:49:57 +02:00
Piotr Tabor
404efd70f7 Upgrade of prometheous deps. 
For now we need to depend on unstable: prometheus/client_golang
 2021-06-03 16:07:01 +02:00
Piotr Tabor
edcfe575cf Update dependencies: 
- github.com/coreos/go-systemd/v22 v22.3.2
  - github.com/google/btree v1.0.1
  - github.com/json-iterator/go v1.1.11
  - github.com/mattn/go-runewidth v0.0.13
  - github.com/prometheus/client_golang v1.10.0
  - github.com/prometheus/common v0.26.0
  - github.com/sirupsen/logrus v1.8.1
 2021-06-03 13:03:01 +02:00
Piotr Tabor
b240625d21 Update bbolt to v1.3.6. 
`./scripts/update_dep.sh go.etcd.io/bbolt v1.3.6`
 2021-06-03 12:39:53 +02:00
Piotr Tabor
90cea7d4e7 Update zap to v1.17.0. 2021-06-03 12:37:43 +02:00
Piotr Tabor
ea8b9e6c18 Improve output of the 'functional' tests 
- Use go testing infrastructure, such that logs are printed only in
case of failure.
 - Split the test into multiple sub-round and sub-round-testcases such
   that tree of execution reflects the logic.
 - Use 'development' loggers that are formatting the output to be human
readable.
 2021-05-31 15:31:48 +02:00
Piotr Tabor
bda32db121 Expose clientv3.CreateDefaultZapLoggerConfig 
Need raised in
f3f4259d3f.

BTW: Alligned the implementation of grpclogs with what we use in embed
server, so reduced the client code dependencies.
 2021-05-25 22:59:08 +02:00
Lili Cosic
fe2a9bd7e9 Update go.mod and go.sum files after running scripts 2021-05-20 13:41:41 +02:00