Build fix (#1374)

* Bump reqwest from 0.11.4 to 0.11.5 in /src/proxy-manager (#1336) Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.4 to 0.11.5. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.4...v0.11.5) --- updated-dependencies: - dependency-name: reqwest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump reqwest from 0.11.4 to 0.11.5 in /src/agent (#1335) Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.4 to 0.11.5. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.4...v0.11.5) --- updated-dependencies: - dependency-name: reqwest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Work around for newly-upgraded pip breaking pip-licenses (#1346) * Work around for newly upgrdaded pip breaking pip-licenses (can be reverted once raimon49/pip-licenses#113 is fixed) * Update .github/workflows/ci.yml Co-authored-by: Joe Ranweiler <joe@lemma.co> Co-authored-by: stas <statis@microsoft.com> Co-authored-by: Joe Ranweiler <joe@lemma.co> * Bump iced-x86 from 1.14.0 to 1.15.0 in /src/agent (#1337) Bumps [iced-x86](https://github.com/icedland/iced) from 1.14.0 to 1.15.0. - [Release notes](https://github.com/icedland/iced/releases) - [Commits](icedland/iced@v1.14.0...v1.15.0) --- updated-dependencies: - dependency-name: iced-x86 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * revert pip breaking pip-licenses workaround (#1348) Co-authored-by: stas <statis@microsoft.com> * Bump thiserror from 1.0.29 to 1.0.30 in /src/proxy-manager (#1341) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.29 to 1.0.30. - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](dtolnay/thiserror@1.0.29...1.0.30) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump thiserror from 1.0.29 to 1.0.30 in /src/agent (#1342) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 1.0.29 to 1.0.30. - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](dtolnay/thiserror@1.0.29...1.0.30) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump strum from 0.21.0 to 0.22.0 in /src/agent (#1343) Bumps [strum](https://github.com/Peternator7/strum) from 0.21.0 to 0.22.0. - [Release notes](https://github.com/Peternator7/strum/releases) - [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md) - [Commits](https://github.com/Peternator7/strum/commits) --- updated-dependencies: - dependency-name: strum dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump azure cli to 2.27.2 (#1355) * Bump azure cli to 2.27.2 * fixing up add-corpus-storage-account script Co-authored-by: stas <statis@microsoft.com> * Bump azure-identity to 1.6.1 (#1356) Co-authored-by: stas <statis@microsoft.com> * Bump strum_macros from 0.21.1 to 0.22.0 in /src/agent (#1344) Bumps [strum_macros](https://github.com/Peternator7/strum) from 0.21.1 to 0.22.0. - [Release notes](https://github.com/Peternator7/strum/releases) - [Changelog](https://github.com/Peternator7/strum/blob/master/CHANGELOG.md) - [Commits](https://github.com/Peternator7/strum/commits) --- updated-dependencies: - dependency-name: strum_macros dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marc Greisen <marc@greisen.org> * Bump sysinfo from 0.20.4 to 0.20.5 in /src/agent (#1353) Bumps [sysinfo](https://github.com/GuillaumeGomez/sysinfo) from 0.20.4 to 0.20.5. - [Release notes](https://github.com/GuillaumeGomez/sysinfo/releases) - [Changelog](https://github.com/GuillaumeGomez/sysinfo/blob/master/CHANGELOG.md) - [Commits](https://github.com/GuillaumeGomez/sysinfo/commits) --- updated-dependencies: - dependency-name: sysinfo dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Release 3.2.0 (#1361) * Release 3.2.0 * Added python dependencies * Update CHANGELOG.md Co-authored-by: Cheick Keita <kcheick@gmail.com> * Update CHANGELOG.md Co-authored-by: Joe Ranweiler <joe@lemma.co> * Update grammar * Update CHANGELOG.md Co-authored-by: Joe Ranweiler <joe@lemma.co> Co-authored-by: Cheick Keita <kcheick@gmail.com> Co-authored-by: Joe Ranweiler <joe@lemma.co> * Temporarily ignore non-actionable `cargo audit` errors (#1365) * Azure DevOps notifications not appearing (#1370) Co-authored-by: stas <statis@microsoft.com> * Bump procfs from 0.10.1 to 0.11.0 in /src/agent (#1360) Bumps [procfs](https://github.com/eminence/procfs) from 0.10.1 to 0.11.0. - [Release notes](https://github.com/eminence/procfs/releases) - [Commits](eminence/procfs@v0.10.1...v0.11.0) --- updated-dependencies: - dependency-name: procfs dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Marc Greisen <marc@greisen.org> * Bump structopt from 0.3.23 to 0.3.25 in /src/agent (#1364) Bumps [structopt](https://github.com/TeXitoi/structopt) from 0.3.23 to 0.3.25. - [Release notes](https://github.com/TeXitoi/structopt/releases) - [Changelog](https://github.com/TeXitoi/structopt/blob/master/CHANGELOG.md) - [Commits](TeXitoi/structopt@v0.3.23...v0.3.25) --- updated-dependencies: - dependency-name: structopt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump reqwest from 0.11.5 to 0.11.6 in /src/proxy-manager (#1367) Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.11.5 to 0.11.6. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](seanmonstar/reqwest@v0.11.5...v0.11.6) --- updated-dependencies: - dependency-name: reqwest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: stas <statis@microsoft.com> Co-authored-by: Joe Ranweiler <joe@lemma.co> Co-authored-by: Marc Greisen <marc@greisen.org> Co-authored-by: Cheick Keita <kcheick@gmail.com> Co-authored-by: Joe Ranweiler <joranwei@microsoft.com>
microsoft · Oct 20, 2021 · abe9f48 · abe9f48
1 parent 5bead65
commit abe9f48
Show file tree

Hide file tree

Showing 17 changed files with 64 additions and 53 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 3.2.0
+### Changed
+* Agent/Supervisor/Proxy: Updated multiple third-party Rust dependencies. [#1301](https://github.com/microsoft/onefuzz/pull/1301), [#1302](https://github.com/microsoft/onefuzz/pull/1302), [#1310](https://github.com/microsoft/onefuzz/pull/1310), [#1312](https://github.com/microsoft/onefuzz/pull/1312), [#1332](https://github.com/microsoft/onefuzz/pull/1332), [#1335](https://github.com/microsoft/onefuzz/pull/1335), [#1336](https://github.com/microsoft/onefuzz/pull/1336), [#1337](https://github.com/microsoft/onefuzz/pull/1337), [#1341](https://github.com/microsoft/onefuzz/pull/1341), [#1342](https://github.com/microsoft/onefuzz/pull/1342), [#1343](https://github.com/microsoft/onefuzz/pull/1343), [#1344](https://github.com/microsoft/onefuzz/pull/1344), [#1353](https://github.com/microsoft/onefuzz/pull/1353)
+* CLI/Service: Updated multiple first-party and third-party Python dependencies.  [#1346](https://github.com/microsoft/onefuzz/pull/1346), [#1348](https://github.com/microsoft/onefuzz/pull/1348), [#1355](https://github.com/microsoft/onefuzz/pull/1355), [#1356](https://github.com/microsoft/onefuzz/pull/1356)
+
+### Fixed
+* Service: Fixed authentication when using a client secret. [#1300](https://github.com/microsoft/onefuzz/pull/1300)
+* Deployment: Fixed an issue where the wrong AppRole was assigned when creating new CLI registrations. [#1308](https://github.com/microsoft/onefuzz/pull/1308)
+* Deployment: Suppress a dependency's noisy logging of handled errors when deploying. [#1304](https://github.com/microsoft/onefuzz/pull/1304)
+
 ## 3.1.0
 ### Added
 * Agent: Added ability to handle fake crash reports generated by debugging tools during regression tasks. [#1233](https://github.com/microsoft/onefuzz/pull/1233)

diff --git a/CURRENT_VERSION b/CURRENT_VERSION
@@ -1 +1 @@
-3.1.0
+3.2.0
diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock
diff --git a/src/agent/coverage/Cargo.toml b/src/agent/coverage/Cargo.toml
@@ -17,7 +17,7 @@ debugger = { path = "../debugger" }
 dunce = "1.0"
 fixedbitset = "0.4"
 goblin = "0.4"
-iced-x86 = { version = "1.14", features = ["decoder", "op_code_info", "instr_info", "masm"] }
+iced-x86 = { version = "1.15", features = ["decoder", "op_code_info", "instr_info", "masm"] }
 log = "0.4"
 memmap2 = "0.5"
 msvc-demangler = "0.9"
@@ -33,7 +33,7 @@ winapi = "0.3"
 
 [target.'cfg(target_os = "linux")'.dependencies]
 pete = "0.8"
-procfs = "0.10"
+procfs = "0.11"
 
 [dev-dependencies]
 env_logger = "0.9"

diff --git a/src/agent/debugger/Cargo.toml b/src/agent/debugger/Cargo.toml
@@ -9,7 +9,7 @@ license = "MIT"
 anyhow = "1.0"
 fnv = "1.0"
 goblin = "0.4"
-iced-x86 = "1.14"
+iced-x86 = "1.15"
 log = "0.4"
 memmap2 = "0.5"
 rand = "0.8"

diff --git a/src/agent/onefuzz-agent/Cargo.toml b/src/agent/onefuzz-agent/Cargo.toml
@@ -32,8 +32,8 @@ onefuzz = { path = "../onefuzz" }
 onefuzz-telemetry = { path = "../onefuzz-telemetry" }
 path-absolutize = "3.0"
 reqwest-retry = { path = "../reqwest-retry" }
-strum = "0.21"
-strum_macros = "0.21"
+strum = "0.22"
+strum_macros = "0.22"
 stacktrace-parser = { path = "../stacktrace-parser" }
 storage-queue = { path = "../storage-queue" }
 tempfile = "3.2"

diff --git a/src/agent/onefuzz-telemetry/Cargo.toml b/src/agent/onefuzz-telemetry/Cargo.toml
@@ -20,7 +20,7 @@ log = "0.4"
 uuid = { version = "0.8", features = ["serde", "v4"] }
 serde = { version = "1.0", features = ["derive"] }
 z3-sys = { version = "0.6", optional = true}
-iced-x86 = { version = "1.14", optional = true}
+iced-x86 = { version = "1.15", optional = true}
 tokio = { version = "1.12", features = ["full"] }
 lazy_static = "1.4"
 

diff --git a/src/agent/onefuzz/Cargo.toml b/src/agent/onefuzz/Cargo.toml
@@ -34,8 +34,8 @@ uuid = { version = "0.8", features = ["serde", "v4"] }
 urlparse = "0.7"
 ring = "0.16"
 storage-queue = { path = "../storage-queue" }
-strum = "0.21"
-strum_macros = "0.21"
+strum = "0.22"
+strum_macros = "0.22"
 tempfile = "3.2"
 process_control = "3.0"
 reqwest-retry = { path = "../reqwest-retry"}

diff --git a/src/api-service/__app__/onefuzzlib/notifications/ado.py b/src/api-service/__app__/onefuzzlib/notifications/ado.py
@@ -261,6 +261,7 @@ def notify_ado(
 
     try:
         ado = ADO(container, filename, config, report)
+        ado.connect()
         ado.process()
     except (
         AzureDevOpsAuthenticationError,

diff --git a/src/api-service/__app__/requirements.txt b/src/api-service/__app__/requirements.txt
@@ -5,7 +5,7 @@ azure-cosmosdb-table==1.0.6
 azure-devops==6.0.0b4
 azure-functions==1.7.2
 azure-graphrbac~=0.61.1
-azure-identity==1.6.0
+azure-identity==1.6.1
 azure-keyvault-secrets~=4.3.0
 azure-mgmt-compute==22.0
 azure-mgmt-core==1.3.0

diff --git a/src/ci/agent.sh b/src/ci/agent.sh
@@ -35,11 +35,13 @@ if [ X${CARGO_INCREMENTAL} == X ]; then
 fi
 
 cargo fmt -- --check
-# RUSTSEC-2020-0016: a dependency net2 (pulled in from tokio) is deprecated
-# RUSTSEC-2020-0036: a dependency failure (pulled from proc-maps) is deprecated
-# RUSTSEC-2019-0036: a dependency failure (pulled from proc-maps) has type confusion vulnerability
-# RUSTSEC-2021-0065: a dependency anymap is no longer maintained
-cargo audit --deny warnings --deny unmaintained --deny unsound --deny yanked --ignore RUSTSEC-2020-0016 --ignore RUSTSEC-2020-0036 --ignore RUSTSEC-2019-0036 --ignore RUSTSEC-2021-0065
+# RUSTSEC-2020-0016: a dependency `net2` (pulled in from tokio) is deprecated
+# RUSTSEC-2020-0036: a dependency `failure` (pulled from proc-maps) is deprecated
+# RUSTSEC-2019-0036: a dependency `failure` (pulled from proc-maps) has type confusion vulnerability
+# RUSTSEC-2021-0065: a dependency `anymap` is no longer maintained
+# RUSTSEC-2020-0159: potential segfault in `time`, not yet patched (#1366)
+# RUSTSEC-2020-0071: potential segfault in `chrono`, not yet patched (#1366)
+cargo audit --deny warnings --deny unmaintained --deny unsound --deny yanked --ignore RUSTSEC-2020-0016 --ignore RUSTSEC-2020-0036 --ignore RUSTSEC-2019-0036 --ignore RUSTSEC-2021-0065 --ignore RUSTSEC-2020-0159 --ignore RUSTSEC-2020-0071
 cargo-license -j > data/licenses.json
 cargo build --release --locked
 cargo clippy --release -- -D warnings

diff --git a/src/ci/proxy.sh b/src/ci/proxy.sh
@@ -12,9 +12,11 @@ mkdir -p artifacts/proxy
 cd src/proxy-manager
 cargo fmt -- --check
 cargo clippy --release -- -D warnings
-# RUSTSEC-2020-0016: a dependency net2 (pulled in from tokio) is deprecated
-# RUSTSEC-2021-0065: a dependency anymap is no longer supported
-cargo audit --deny warnings --deny unmaintained --deny unsound --deny yanked --ignore RUSTSEC-2020-0016 --ignore RUSTSEC-2021-0065
+# RUSTSEC-2020-0016: a dependency `net2` (pulled in from `tokio`) is deprecated
+# RUSTSEC-2021-0065: a dependency `anymap` is no longer supported
+# RUSTSEC-2020-0159: potential segfault in `time`, not yet patched (#1366)
+# RUSTSEC-2020-0071: potential segfault in `chrono`, not yet patched (#1366)
+cargo audit --deny warnings --deny unmaintained --deny unsound --deny yanked --ignore RUSTSEC-2020-0016 --ignore RUSTSEC-2021-0065 --ignore RUSTSEC-2020-0159 --ignore RUSTSEC-2020-0071
 cargo-license -j > data/licenses.json
 cargo build --release --locked
 # export RUST_LOG=trace

diff --git a/src/cli/requirements.txt b/src/cli/requirements.txt
@@ -11,7 +11,7 @@ azure-storage-blob~=12.8
 azure-applicationinsights==0.1.0
 tenacity==8.0.1
 docstring_parser==0.8.1
-azure-cli-core==2.26.1
+azure-cli-core==2.27.2
 # packaging is required but not specified by azure-cli-core
 packaging==20.9
 # urllib3[secure] needs to be specifically stated for azure-cli-core

diff --git a/src/deployment/requirements.txt b/src/deployment/requirements.txt
@@ -1,5 +1,5 @@
-azure-cli-core==2.26.0
-azure-cli==2.26.0
+azure-cli-core==2.27.2
+azure-cli==2.27.2
 azure-cosmosdb-table==1.0.6
 azure-mgmt-eventgrid==9.0.0
 azure-mgmt-resource==18.0.0

diff --git a/src/proxy-manager/Cargo.lock b/src/proxy-manager/Cargo.lock
diff --git a/src/utils/add-corpus-storage-accounts/add-corpus-storage-account.py b/src/utils/add-corpus-storage-accounts/add-corpus-storage-account.py
@@ -53,7 +53,7 @@ def add_event_grid(src_account_id: str, resource_group: str, location: str) -> N
 
     topic_id = uuid.uuid5(STORAGE_GUID_NAMESPACE, src_account_id).hex
 
-    result = client.event_subscriptions.create_or_update(
+    result = client.event_subscriptions.begin_create_or_update(
         src_account_id, "corpus" + topic_id, event_subscription_info
     ).result()
     if result.provisioning_state != "Succeeded":

diff --git a/src/utils/add-corpus-storage-accounts/requirements.txt b/src/utils/add-corpus-storage-accounts/requirements.txt
@@ -1,3 +1,3 @@
 azure-mgmt-storage~=18.0.0
-azure-cli-core==2.19.1
+azure-cli-core==2.27.2
 azure-mgmt-eventgrid==3.0.0rc9