Skip to content

chore(deps): Bump github.com/lxc/incus v0.4.0 to v6.2.0 #15441

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 6, 2024
Merged

chore(deps): Bump github.com/lxc/incus v0.4.0 to v6.2.0 #15441

merged 5 commits into from
Jun 6, 2024

Conversation

powersj
Copy link
Contributor

@powersj powersj commented May 31, 2024
edited
Loading

Summary

Resolves security notification by removing gopkg.in/square/go-jose.v2 in favor
of github.com/go-jose/go-jose/v4. This dependency was not directly used by telegraf, but in our in-tree testing.

Checklist

  • No AI generated code was used in this PR
@powersj powersj added the ready for final review This pull request has been reviewed and/or tested by multiple users and is ready for a final review. label May 31, 2024
@telegraf-tiger telegraf-tiger bot added the chore label May 31, 2024
@powersj powersj force-pushed the deps/square-jose branch from 5bcfc12 to 9c9c6aa Compare May 31, 2024 20:10
@powersj powersj changed the title chore(deps): Bump gopkg.in/square/go-jose.v2 from v2.6.0 to v2.6.3 May 31, 2024
@powersj powersj removed the ready for final review This pull request has been reviewed and/or tested by multiple users and is ready for a final review. label May 31, 2024
@powersj powersj assigned powersj and unassigned srebhan and mstrandboge May 31, 2024
@powersj powersj force-pushed the deps/square-jose branch from dc814ca to 7e2765c Compare June 4, 2024 13:24
@powersj powersj added the ready for final review This pull request has been reviewed and/or tested by multiple users and is ready for a final review. label Jun 4, 2024
@powersj powersj assigned srebhan and mstrandboge and unassigned powersj Jun 4, 2024
srebhan
srebhan reviewed Jun 4, 2024
View reviewed changes
Copy link
Member

@srebhan srebhan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @powersj! I do have one question in the code... Furthermore, the PR description has a TODO, is this still valid?
@srebhan srebhan added the dependencies Pull requests that update a dependency file label Jun 5, 2024
@srebhan srebhan removed their assignment Jun 5, 2024
@powersj powersj force-pushed the deps/square-jose branch from 7e2765c to 4362333 Compare June 5, 2024 16:25
@powersj powersj force-pushed the deps/square-jose branch from d07dcd0 to 2935dd2 Compare June 6, 2024 16:34
@telegraf-tiger
Copy link
Contributor

telegraf-tiger bot commented Jun 6, 2024

Download PR build artifacts for linux_amd64.tar.gz, darwin_arm64.tar.gz, and windows_amd64.zip.
Downloads for additional architectures and packages are available below.

☺️ This pull request doesn't significantly change the Telegraf binary size (less than 1%)

📦 Click here to get additional PR build artifacts

Artifact URLs

DEB RPM TAR GZ ZIP
amd64.deb aarch64.rpm darwin_amd64.tar.gz windows_amd64.zip
arm64.deb armel.rpm darwin_arm64.tar.gz windows_arm64.zip
armel.deb armv6hl.rpm freebsd_amd64.tar.gz windows_i386.zip
armhf.deb i386.rpm freebsd_armv7.tar.gz
i386.deb ppc64le.rpm freebsd_i386.tar.gz
mips.deb riscv64.rpm linux_amd64.tar.gz
mipsel.deb s390x.rpm linux_arm64.tar.gz
ppc64el.deb x86_64.rpm linux_armel.tar.gz
riscv64.deb linux_armhf.tar.gz
s390x.deb linux_i386.tar.gz
linux_mips.tar.gz
linux_mipsel.tar.gz
linux_ppc64le.tar.gz
linux_riscv64.tar.gz
linux_s390x.tar.gz
@mstrandboge mstrandboge merged commit b792999 into influxdata:master Jun 6, 2024
27 checks passed
@github-actions github-actions bot added this to the v1.31.0 milestone Jun 6, 2024
@zmyzheng
Copy link
Contributor

Hi @powersj , just curious, could you share with part of code depends on github.com/go-jose/go-jose/v4? I don't see it somehow, maybe I missed something.
@powersj
Copy link
Contributor Author

powersj commented Jun 10, 2024
edited
Loading

From the PR description:

This dependency was not directly used by telegraf, but in our in-tree testing.

❯ go mod why -m github.com/go-jose/go-jose/v4
# github.com/go-jose/go-jose/v4
github.com/influxdata/telegraf/tools/package_incus_test
github.com/lxc/incus/v6/client
github.com/zitadel/oidc/v3/pkg/client/rp
github.com/go-jose/go-jose/v4
@BrewTestBot BrewTestBot mentioned this pull request Jun 10, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
chore dependencies Pull requests that update a dependency file ready for final review This pull request has been reviewed and/or tested by multiple users and is ready for a final review.
4 participants
@powersj @zmyzheng @srebhan @mstrandboge