Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Upgrade go-retryablehttp to v0.7.7 #3743

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix: Upgrade go-retryablehttp to v0.7.7 #3743

wants to merge 1 commit into from

Conversation

Rizwana777
Copy link

@Rizwana777 Rizwana777 commented Jul 24, 2024
edited
Loading

fixes #3700

@Rizwana777 Rizwana777 force-pushed the fix-cve-2024-6104 branch 2 times, most recently from edfaf08 to a85feb7 Compare July 24, 2024 16:10
@codecov Codecov
Copy link

codecov bot commented Jul 24, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 83.87%. Comparing base (b0d74e5) to head (796a467).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #3743   +/-   ##
=======================================
  Coverage   83.87%   83.87%           
=======================================
  Files         163      163           
  Lines       18564    18564           
=======================================
  Hits        15571    15571           
  Misses       2120     2120           
  Partials      873      873

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions GitHub Actions
Copy link
Contributor

Go Published Test Results

2 171 tests   2 171 ✅  2m 54s ⏱️
  119 suites      0 💤
    1 files        0 ❌

Results for commit a85feb7.

@github-actions GitHub Actions
Copy link
Contributor

E2E Tests Published Test Results

  4 files    4 suites   3h 31m 8s ⏱️
111 tests  99 ✅  6 💤 6 ❌
452 runs  420 ✅ 24 💤 8 ❌

For more details on these failures, see this check.

Results for commit a85feb7.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jul 25, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@github-actions GitHub Actions
Copy link
Contributor

Testing Published Test Results

    5 files    123 suites   3h 33m 26s ⏱️
2 282 tests 2 271 ✅  6 💤  5 ❌
2 627 runs  2 591 ✅ 24 💤 12 ❌

For more details on these failures, see this check.

Results for commit 6054058.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 19, 2024
edited
Loading

Published E2E Test Results

  4 files    4 suites   3h 17m 27s ⏱️
113 tests 103 ✅  7 💤  3 ❌
468 runs  427 ✅ 28 💤 13 ❌

For more details on these failures, see this check.

Results for commit 796a467.

♻️ This comment has been updated with latest results.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 19, 2024
edited
Loading

Published Unit Test Results

2 275 tests   2 275 ✅  2m 59s ⏱️
  128 suites      0 💤
    1 files        0 ❌

Results for commit 796a467.

♻️ This comment has been updated with latest results.

jgwest
jgwest approved these changes Sep 19, 2024
View reviewed changes
Copy link
Member

@jgwest jgwest left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM:

  • Confirmed that all the dependency updates in go.mod are directly related to the upgrade of go-retryablehttp to the requisite version to fix the CVE
  • Unit tests and E2E tests are passing, no obvious issues in 'E2E test results' logs

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Oct 11, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@Rizwana777
Copy link
Author

Hi @zachaller can you please review and merge this PR?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jgwest jgwest jgwest approved these changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Upgrade go-retryablehttp to 0.7.7 to address Security vulnerability
2 participants
@Rizwana777 @jgwest