backend, cli: fix vulnerability issues scanned by third-party tools #623

Merged: 2 commits into pingcap:main, Aug 5, 2024

djshow832
Collaborator

What problem does this PR solve?

Issue Number: close #620

Problem Summary:
Third-party tools treat math/rand and unsafe as insecure packages.

What is changed and how it works:

  • Replace unsafe
  • Remove math/rand

Check List

Tests

  • Unit test
  • Integration test
  • Manual test (add detailed scripts or steps below)
  • No code

Notable changes

  • Has configuration change
  • Has HTTP API interfaces change
  • Has tiproxyctl change
  • Other user behavior changes

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

None

@ti-chi-bot ti-chi-bot bot requested review from bb7133 and xhebox August 5, 2024 06:36
@ti-chi-bot ti-chi-bot bot added the size/S label Aug 5, 2024
@codecov-commenter
Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (main@c8d0d82). Learn more about missing BASE report.

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #623   +/-   ##
=======================================
  Coverage        ?   68.74%           
=======================================
  Files           ?       85           
  Lines           ?     7955           
  Branches        ?        0           
=======================================
  Hits            ?     5469           
  Misses          ?     2097           
  Partials        ?      389           
Flag Coverage Δ
unit 68.74% <100.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

@ti-chi-bot ti-chi-bot bot added the lgtm label Aug 5, 2024
ti-chi-bot bot commented Aug 5, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: xhebox

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

ti-chi-bot bot commented Aug 5, 2024

[LGTM Timeline notifier]

Timeline:

  • 2024-08-05 07:26:14.452318104 +0000 UTC m=+250504.319417193: ☑️ agreed by xhebox.

@ti-chi-bot ti-chi-bot bot added the approved label Aug 5, 2024
@ti-chi-bot ti-chi-bot bot merged commit e3d35cb into pingcap:main Aug 5, 2024
5 checks passed
@djshow832 djshow832 deleted the unsafe branch August 5, 2024 07:30
Development

Successfully merging this pull request may close these issues.

Fix vulnerability issues scanned by third-party tools
3 participants