Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,153 Commits 15 Branches 491 Tags 148 MiB
Commit Graph

38 Commits

Author SHA1 Message Date
Benjamin Wang
ac98432f0b dependency: bump github.com/dustin/go-humanize from v1.0.0 to v1.0.1 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2023-01-17 06:37:19 +08:00
Benjamin Wang
2c192f4205 deps: bump go.uber.org/multierr from 1.8.0 to 1.9.0 in /server 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 04:00:49 +08:00
Benjamin Wang
c2a7a5870d deps: bump github.com/prometheus/client_golang from 1.12.2 to 1.14.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 03:42:11 +08:00
Benjamin Wang
bc41c0963b deps: bump github.com/coreos/go-systemd/v22 from 22.3.2 to 22.5.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 03:38:55 +08:00
Benjamin Wang
1a0af6fee6 deps: bump go.uber.org/zap from 1.21.0 to 1.24.0 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-14 03:33:24 +08:00
Benjamin Wang
1ba246e1d8 bump golang.org/x/ to v0.4.0 
Found 1 known vulnerability.

Vulnerability #1: GO-2022-1144
  An attacker can cause excessive memory growth in a Go server
  accepting HTTP/2 requests. HTTP/2 server connections contain a
  cache of HTTP header keys sent by the client. While the total
  number of entries in this cache is capped, an attacker sending
  very large keys can cause the server to allocate approximately
  64 MiB per open connection.

  Call stacks in your code:
Error:       tools/etcd-dump-metrics/main.go:158:5: go.etcd.io/etcd/v3/tools/etcd-dump-metrics.main calls go.etcd.io/etcd/server/v3/embed.StartEtcd, which eventually calls golang.org/x/net/http2.Server.ServeConn

  Found in: golang.org/x/net/http2@v0.2.0
  Fixed in: golang.org/x/net/http2@v0.4.0
  More info: https://pkg.go.dev/vuln/GO-2022-1144
Error: Process completed with exit code 3.

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-12-09 08:54:48 +08:00
Benjamin Wang
3f86db5e53 bump golang.org/x imports to address CVEs 
Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32149

Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-30 05:03:43 +08:00
Benjamin Wang
285e44378f bump github.com/stretchr/testify from v1.7.2 to v1.8.1 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-11-26 10:51:32 +08:00
Wei Fu
cf285ea3c7 bump grpc to v1.51.0 from v1.47.0 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-11-23 22:16:22 +08:00
Benjamin Wang
cd0b1d0c66 Bump go 1.19: upgrade go version to 1.19 in all go.mod files 
Signed-off-by: Benjamin Wang <wachao@vmware.com>
 2022-09-22 08:47:46 +08:00
Piotr Tabor
88cd0fe695 Refresh minor dependencies. 
Signed-off-by: Piotr Tabor <ptab@google.com>
 2022-06-17 10:23:03 +02:00
Piotr Tabor
e7a84b69c8 Update zap to 1.21. 
Signed-off-by: Piotr Tabor <ptab@google.com>
 2022-06-17 10:05:25 +02:00
Piotr Tabor
17c1dcd614 Update grpc to 1.47 and go-cmp to 0.5.8. 
Signed-off-by: Piotr Tabor <ptab@google.com>
 2022-06-17 08:57:22 +02:00
ahrtr
0dae4b3b1e rollback the opentelemetry bumpping to recover the pipeline failures 2022-04-14 16:13:28 +08:00
Will Beason
eab1e0c5d5 go.mod: upgrade opentelemetry deps 
Downstream users of etcd experience build issues when using dependencies
which require more recent (incompatible) versions of opentelemetry. This
commit upgrades the dependencies so that downstream users stop
experiencing these issues.
 2022-04-13 07:14:10 -07:00
Manuel Rüger
f0f77fc14e go.mod: Bump prometheus/client_golang to v1.12.1 
Signed-off-by: Manuel Rüger <manuel@rueg.eu>
 2022-04-06 19:03:24 +02:00
ahrtr
f978da4f4f move the newClientCfg into clientv3 package so as to be reused by both etcdctl and v3discovery 2022-03-24 06:18:25 +08:00
Marek Siarkowicz
fb55910500 version: bump up to 3.6.0-alpha.0 2022-02-28 13:20:27 +01:00
Piotr Tabor
fdd98477ef Update dep: require gopkg.in/yaml.v2 v2.2.8 -> v2.4.0 due to: CVE-2019-11254 2022-01-17 16:52:58 +01:00
Kushal Pisavadia
71493bde3e *: Upgrade to use go.opentelemetry.io/otel@v1.2.0 
Upgrading from v1.0.1.

Upgrading related dependencies
------------------------------

The following dependencies also had to be upgraded:

- go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.26.1
  From v0.25.0. This gets rid of a transitive dependency on go.opentelemetry.io/otel@v1.0.1.
- google.golang.org/genproto@v0.0.0-20211118181313-81c1377c94b1
 2021-11-24 16:03:33 +00:00
Lili Cosic
e6e279a14d *: Bump go to go v1.17.2 2021-10-27 13:44:54 +02:00
Vladimir Ermakov
49a8aa7f49
run fix.sh 
To fix dependencies.

Signed-off-by: Vladimir Ermakov <vooon341@gmail.com>
 2021-10-13 14:08:27 +03:00
Lili Cosic
df696a7e76 go.mod: Bump etcd to 3.5.0 2021-06-22 12:25:39 +02:00
Lili Cosic
16477a8270 Update client_golang dependency to v1.11.0 2021-06-07 14:49:57 +02:00
Piotr Tabor
404efd70f7 Upgrade of prometheous deps. 
For now we need to depend on unstable: prometheus/client_golang
 2021-06-03 16:07:01 +02:00
Piotr Tabor
edcfe575cf Update dependencies: 
- github.com/coreos/go-systemd/v22 v22.3.2
  - github.com/google/btree v1.0.1
  - github.com/json-iterator/go v1.1.11
  - github.com/mattn/go-runewidth v0.0.13
  - github.com/prometheus/client_golang v1.10.0
  - github.com/prometheus/common v0.26.0
  - github.com/sirupsen/logrus v1.8.1
 2021-06-03 13:03:01 +02:00
Piotr Tabor
90cea7d4e7 Update zap to v1.17.0. 2021-06-03 12:37:43 +02:00
Lili Cosic
1a718a958e Add initial Tracing with OpenTelemetry 2021-05-10 10:44:40 +02:00
Piotr Tabor
3423a949c0 Update go for 3.5: 1.15 -> 1.16.(3). 
https://github.com/etcd-io/etcd/issues/12732
 2021-04-19 16:50:54 +02:00
Piotr Tabor
eafbc8c57e Update zap logging dependency. 
In particular bring up zapgrpc V2 code:
89e382035d
https://pkg.go.dev/google.golang.org/grpc/grpclog#LoggerV2
 2021-04-14 12:15:48 +02:00
Piotr Tabor
3bb7acc8cf Migrate dependencies pkg/foo -> client/pkg/foo 2021-04-07 00:38:47 +02:00
Piotr Tabor
a60676686b Update dep: grpc: 1.32.0 -> 1.36.0. 2021-03-24 22:27:55 +01:00
Piotr Tabor
60d5159091 version: bump up to 3.5.0-alpha.0 2021-02-24 19:55:45 +00:00
Piotr Tabor
1a9c81abda Update grpc dependency to 1.32. 
Simplify grpc testing infrastructure to align with upstream changes.
 2021-02-23 11:31:50 +01:00
Piotr Tabor
0b75fede64 Replace client/v3/balancer with standard components: resolver + round_robin LB 
This commit significantly reduces volume of custom code
in etcd client v3, while preserving full existing functionality.
 2021-02-08 18:50:31 +01:00
Danny Hermes
ea34f8dbc6 Prepare balancer interfaces for >=google.golang.org/grpc@1.30.0 upgrade. 2021-02-02 15:54:33 -06:00
Piotr Tabor
eeafcef0d2 Use "v3.5.0-pre" to reference within-etcd modules 
instead of v3.0.0-000101010000000-00000000000,
that might be misleading as we don't develop etcd v3.0.0 any longer.

This version is a virtual version and is not supposed to be tagged
within the repository. We should tag real versions like: 3.5.0-alpha.0.

Please notice that go.etcd.io/etcd/client/v2 will be versioned as `v2.305.0-pre`.
The reason is that client v2 must have v2 version. I propose a
convention to envode the major version as 100x in minor version to make
the association to the underlying repository clear, staying within v2
version family.

The change was generated using:
```
DRY_RUN=false TARGET_VERSION="v3.5.0-pre" ./scripts/release_mod.sh update_versions
```
 2020-11-04 18:28:43 +01:00
Piotr Tabor
cf795c0ae6 client/v3: Create and update go.mod 2020-10-20 10:09:12 +02:00