Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: CVE by upgrading some dependencies. #34462

Merged
merged 1 commit into from
Jul 16, 2024
Merged

fix: CVE by upgrading some dependencies. #34462

merged 1 commit into from
Jul 16, 2024

Conversation

xiaofan-luan
Copy link
Contributor

@xiaofan-luan xiaofan-luan commented Jul 6, 2024
edited
Loading

fix #34434 and #34456
upgrade otelgrpc to fix CVE
@sre-ci-robot sre-ci-robot added the size/L Denotes a PR that changes 100-499 lines. label Jul 6, 2024
@sre-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: xiaofan-luan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment
@xiaofan-luan xiaofan-luan added the priority/urgent Must be staffed and worked on either currently, or very soon, ideally in time for the next release. label Jul 6, 2024
@sre-ci-robot sre-ci-robot added the area/dependency Pull requests that update a dependency file label Jul 6, 2024
@mergify Mergify
Copy link
Contributor

mergify bot commented Jul 6, 2024

@xiaofan-luan

Invalid PR Title Format Detected

Your PR submission does not adhere to our required standards. To ensure clarity and consistency, please meet the following criteria:

  1. Title Format: The PR title must begin with one of these prefixes:
  • feat: for introducing a new feature.
  • fix: for bug fixes.
  • enhance: for improvements to existing functionality.
  • test: for add tests to existing functionality.
  • doc: for modifying documentation.
  • auto: for the pull request from bot.
  1. Description Requirement: The PR must include a non-empty description, detailing the changes and their impact.

Required Title Structure:

[Type]: [Description of the PR]

Where Type is one of feat, fix, enhance, test or doc.

Example:

enhance: improve search performance significantly

Please review and update your PR to comply with these guidelines.
@xiaofan-luan xiaofan-luan added kind/bug Issues or changes related a bug and removed dco-passed DCO check passed. do-not-merge/invalid-pr-format labels Jul 6, 2024
@mergify Mergify
Copy link
Contributor

mergify bot commented Jul 6, 2024

@xiaofan-luan E2e jenkins job failed, comment /run-cpu-e2e can trigger the job again.
@weiZhenkun
Copy link
Contributor

fix: #34547
@xiaofan-luan
fix: CVE issue of trace
6b09056 
Signed-off-by: xiaofanluan <xiaofan.luan@zilliz.com>
@mergify mergify bot added the ci-passed label Jul 15, 2024
@xiaofan-luan xiaofan-luan changed the title Fix CVE by upgrading some dependencies. Jul 15, 2024
@mergify mergify bot removed the ci-passed label Jul 15, 2024
@codecov Codecov
Copy link

codecov bot commented Jul 15, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 77.88%. Comparing base (48898ce) to head (6b09056).
Report is 10 commits behind head on master.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master   #34462      +/-   ##
==========================================
- Coverage   84.48%   77.88%   -6.61%     
==========================================
  Files         876     1135     +259     
  Lines      116033   139866   +23833     
==========================================
+ Hits        98032   108936   +10904     
- Misses      13679    26457   +12778     
- Partials     4322     4473     +151

see 482 files with indirect coverage changes
@mergify Mergify
Copy link
Contributor

mergify bot commented Jul 15, 2024

@xiaofan-luan E2e jenkins job failed, comment /run-cpu-e2e can trigger the job again.
@mergify mergify bot added the ci-passed label Jul 15, 2024
@czs007
Copy link
Contributor

czs007 commented Jul 16, 2024

/lgtm
@czs007 czs007 added the PR | need cherry-pick need cherry pick to other branches label Jul 16, 2024
@sre-ci-robot sre-ci-robot merged commit be7760a into milvus-io:master Jul 16, 2024
11 of 12 checks passed
@chyezh chyezh mentioned this pull request Jul 16, 2024
Merged
sre-ci-robot pushed a commit that referenced this pull request Jul 16, 2024
@chyezh
fix: ut failure for grpc upgrade (#34726)
3306bc2 
issue: #34462

Signed-off-by: chyezh <chyezh@outlook.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved area/dependency Pull requests that update a dependency file ci-passed dco-passed DCO check passed. kind/bug Issues or changes related a bug lgtm PR | need cherry-pick need cherry pick to other branches priority/urgent Must be staffed and worked on either currently, or very soon, ideally in time for the next release. size/L Denotes a PR that changes 100-499 lines.
4 participants
@xiaofan-luan @sre-ci-robot @weiZhenkun @czs007