-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump github.com/gogo/protobuf to v1.3.2 in .bingo #3853
Conversation
378d9fc
to
44431b0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! I just have a small nit but not a blocker.
.github/workflows/go.yaml
Outdated
- name: Format | ||
run: make format | ||
|
||
- name: Format |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- name: Format | |
- name: Check proto |
Nit: Something like this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
v nice :) thanks!
44431b0
to
8d135b2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great! Only one problem I have seen.
It is consistent with the version used in the root go.mod and helps with CVE-2021-3121. Signed-off-by: Simon Pasquier <spasquie@redhat.com>
8d135b2
to
b1fd1f4
Compare
FYI: I think you accidentally missed .bingo/Variables.mk and variables.env |
@codefromthecrypt correct although it doesn't change anything in practice: the code has been generated with gogo/protobuf v1.3.2. I won't have time to submit a follow-up PR so go ahead if you wish :) |
@simonpasquier sure why not. #3902 |
It is consistent with the version used in the root go.mod and helps with CVE-2021-3121. Signed-off-by: Simon Pasquier <spasquie@redhat.com>
Changes
In practice, the recent bump of github.com/gogo/protobuf (introduced by #3804) changes the generated code to fix CVE-20213121.
Verification
No functional change.