[EAUX-1241] Kong Pongo Update #12

SomnolentKalash · 2024-10-01T10:35:21Z

Added Support for Kong Pongo Update

(cherry picked from commit 0946396)

(cherry picked from commit 951a202)

(cherry picked from commit 84483ed)

(cherry picked from commit 00ef1fb)

(cherry picked from commit ce1d655)

(cherry picked from commit 6e83979)

(cherry picked from commit 1cec92d)

(cherry picked from commit 5df4121)

(cherry picked from commit d0b53c7)

(cherry picked from commit 3e22953)

(cherry picked from commit 9ffccbd)

(cherry picked from commit 09349cb)

(cherry picked from commit c303e2c)

(cherry picked from commit 627c91d)

(cherry picked from commit 14faa2a)

(cherry picked from commit e5b9732)

(cherry picked from commit 27d70dd)

(cherry picked from commit 33a50aa)

(cherry picked from commit 0e7bc94)

(cherry picked from commit f817310)

(cherry picked from commit cafc73c)

(cherry picked from commit 773ca69)

(cherry picked from commit 63ba8a6)

(cherry picked from commit 0697a37)

(cherry picked from commit 7ff9b38)

(cherry picked from commit db730e2)

(cherry picked from commit d33f43e)

(cherry picked from commit c7658bd)

Speeds up build and reduces image size. (cherry picked from commit 8409030)

Speeds up build and reduces image size. (cherry picked from commit b2380fc)

(cherry picked from commit e1a57c7)

(cherry picked from commit 07e16a4)

(cherry picked from commit ec49714)

(cherry picked from commit 6c90361)

(cherry picked from commit e2f312e)

(cherry picked from commit 5d658c5)

(cherry picked from commit af563c4)

(cherry picked from commit 779b50a)

… for busted tests KAG-5187 (cherry picked from commit 63fb02b)

(cherry picked from commit 4040563)

(cherry picked from commit ccb677a)

(cherry picked from commit 65b8de0)

(cherry picked from commit 77c4125)

eg. using 3.4.x.x would resolve to 3.4.3.2 instead of 3.4.3.12 due to the double digit patch version. (cherry picked from commit 7c5916a)

(cherry picked from commit d769c74)

(cherry picked from commit b10fea7)

…-compose for busted tests" This reverts commit 63fb02b. (cherry picked from commit 54d8e9a)

…r command" This reverts commit 779b50a. (cherry picked from commit 3924625)

(cherry picked from commit d9f36cd)

… for busted tests KAG-5187 (cherry picked from commit 893a851)

(cherry picked from commit 6ce752c)

(cherry picked from commit fb9d5b8)

semgrep-app · 2024-10-01T12:59:45Z

assets/docker-compose.yml

+    image: ${POSTGRES_IMAGE:-postgres:13}
    environment:


Use of non-harbor in base image is not allowed

_{🔴 Fix or ignore this finding to merge your pull request.}
_{Ignore this finding from custom-docker-base-image-check-docker-compose.}

semgrep-app · 2024-10-01T13:03:56Z

Semgrep found 63 ssc-10a84674-202a-46d1-bb07-4c1c38a464f7 findings:

kong-versions/3.6.1.6/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.7.0.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.2/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.7/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.11/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.7.1.2/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.5/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.2.2.5/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.12/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.4/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.3/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.1.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.2.2.3/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.5/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.1.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.6/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.12/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.9/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.5/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0.7/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.7.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.6/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.8.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.8/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.7.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.1.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.11/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0.4/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.2/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.10/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.1.1.6/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.8/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.1.1.5/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.3/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.1.2/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0.3/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.7/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.3.1.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0.2/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.0.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.2.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/2.8.4.9/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.2.2.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0.6/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.2.2.4/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.2.2.2/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.4.3.4/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.1.4/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.1.3/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.8.0.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.1.5/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.1.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.1.7/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.6.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0.0/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.5.0.5/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage
kong-versions/3.7.1.1/kong/spec/fixtures/grpc/target/go.mod
- L8 - Triage

Risk: Affected versions of google.golang.org/grpc are vulnerable to Uncontrolled Resource Consumption. An attacker can force the gRPC-Go server to launch more concurrent method handlers than the configured maximum stream limit by executing a combination of sending, canceling, and re-sending HTTP/2 requests.

Fix: Upgrade this library to at least version 1.56.3 at kong-pongo/kong-versions/3.6.1.6/kong/spec/fixtures/grpc/target/go.mod:8.

Reference(s): GHSA-m425-mq94-257g, CVE-2023-44487

_{⚪️ This finding does not block your pull request.}
_{Ignore this finding from ssc-10a84674-202a-46d1-bb07-4c1c38a464f7.}

Semgrep found 6 ssc-5a557c33-4191-4714-a574-8efb44cf209b findings:

kong-versions/3.3.1.1/kong/spec-ee/kong-api-tests/package-lock.json
- L4566 - Triage
kong-versions/3.4.1.0/kong/spec-ee/kong-api-tests/package-lock.json
- L4582 - Triage
kong-versions/3.4.1.1/kong/spec-ee/kong-api-tests/package-lock.json
- L4582 - Triage
kong-versions/3.4.2.0/kong/spec-ee/kong-api-tests/package-lock.json
- L4582 - Triage
kong-versions/3.4.3.1/kong/spec-ee/kong-api-tests/package-lock.json
- L4582 - Triage
kong-versions/3.4.3.2/kong/spec-ee/kong-api-tests/package-lock.json
- L4582 - Triage

Risk: Affected version of get-func-name is vulnerable to Uncontrolled Resource Consumption / Inefficient Regular Expression Complexity. The current regex implementation for parsing values in the module is susceptible to excessive backtracking, leading to potential DoS attacks.

Fix: Upgrade this library to at least version 2.0.1 at kong-pongo/kong-versions/3.3.1.1/kong/spec-ee/kong-api-tests/package-lock.json:4566.

Reference(s): GHSA-4q6p-r6v2-jvc5, CVE-2023-43646

_{⚪️ This finding does not block your pull request.}
_{Ignore this finding from ssc-5a557c33-4191-4714-a574-8efb44cf209b.}

outsinre and others added 30 commits September 25, 2024 17:47

feat(version) added Kong Enterprise version 3.1.1.5

2156d76

(cherry picked from commit 0946396)

chore(version) added Kong Enterprise version 3.1.1.5 artifacts

81029ee

(cherry picked from commit 951a202)

feat(version) added Kong Enterprise version 2.8.4.3

19b0f44

(cherry picked from commit 84483ed)

chore(version) added Kong Enterprise version 2.8.4.3 artifacts

fa65466

(cherry picked from commit 00ef1fb)

feat(version) added Kong Enterprise version 3.2.2.4

c0f363a

(cherry picked from commit ce1d655)

chore(version) added Kong Enterprise version 3.2.2.4 artifacts

cb6f961

(cherry picked from commit 6e83979)

feat(version) added Kong Enterprise version 3.2.2.1

7fe71f5

(cherry picked from commit 1cec92d)

chore(version) added Kong Enterprise version 3.2.2.1 artifacts

f928ff9

(cherry picked from commit 5df4121)

feat(version) added Kong Enterprise version 3.2.2.2

8791caf

(cherry picked from commit d0b53c7)

chore(version) added Kong Enterprise version 3.2.2.2 artifacts

0102e06

(cherry picked from commit 3e22953)

feat(version) added Kong Enterprise version 3.2.2.3

e53be33

(cherry picked from commit 9ffccbd)

chore(version) added Kong Enterprise version 3.2.2.3 artifacts

7e671bb

(cherry picked from commit 09349cb)

feat(version) added Kong open source version 3.4.1

682a97a

(cherry picked from commit c303e2c)

chore(version) added Kong open source version 3.4.1 artifacts

ee18961

(cherry picked from commit 627c91d)

feat(version) added Kong Enterprise version 3.4.1.0

d74b0b8

(cherry picked from commit 14faa2a)

chore(version) added Kong Enterprise version 3.4.1.0 artifacts

2f462fb

(cherry picked from commit e5b9732)

feat(version) added Kong open source version 2.8.4

a0d23b6

(cherry picked from commit 27d70dd)

chore(version) added Kong open source version 2.8.4 artifacts

55620f2

(cherry picked from commit 33a50aa)

feat(version) added Kong Enterprise version 3.4.1.1

2fd1fbb

(cherry picked from commit 0e7bc94)

chore(version) added Kong Enterprise version 3.4.1.1 artifacts

52f4de5

(cherry picked from commit f817310)

feat(version) added Kong Enterprise version 2.8.4.4

36be12a

(cherry picked from commit cafc73c)

chore(version) added Kong Enterprise version 2.8.4.4 artifacts

d979a02

(cherry picked from commit 773ca69)

feat(version) added Kong Enterprise version 3.1.1.6

82a6db5

(cherry picked from commit 63ba8a6)

chore(version) added Kong Enterprise version 3.1.1.6 artifacts

bfaec12

(cherry picked from commit 0697a37)

feat(version) added Kong Enterprise version 3.2.2.5

28bdcd5

(cherry picked from commit 7ff9b38)

chore(version) added Kong Enterprise version 3.2.2.5 artifacts

9a34c52

(cherry picked from commit db730e2)

feat(version) added Kong Enterprise version 3.3.1.1

8b9b1a9

(cherry picked from commit d33f43e)

chore(version) added Kong Enterprise version 3.3.1.1 artifacts

86c1ba3

(cherry picked from commit c7658bd)

fix(deps) install pip without build-essential

47f1b19

Speeds up build and reduces image size. (cherry picked from commit 8409030)

fix(deps) install pip without build-essential

c5c618b

Speeds up build and reduces image size. (cherry picked from commit b2380fc)

Tieske and others added 25 commits September 25, 2024 19:32

release 2.12.0

33ebcfe

(cherry picked from commit e1a57c7)

feat(version) added Kong Enterprise version 3.6.1.7

fa27841

(cherry picked from commit 07e16a4)

chore(version) added Kong Enterprise version 3.6.1.7 artifacts

fab3494

(cherry picked from commit ec49714)

feat(version) added Kong Enterprise version 2.8.4.12

652c682

(cherry picked from commit 6c90361)

chore(version) added Kong Enterprise version 2.8.4.12 artifacts

a69964d

(cherry picked from commit e2f312e)

feat(version) added Kong Enterprise version 3.4.3.12

61e82f5

(cherry picked from commit 5d658c5)

chore(version) added Kong Enterprise version 3.4.3.12 artifacts

e235f08

(cherry picked from commit af563c4)

fix(redis): disabling protected mode and explicit redis-server command

41d92d0

(cherry picked from commit 779b50a)

feat(docker-compose): add FIPS environment variable to docker-compose…

c06a02d

… for busted tests KAG-5187 (cherry picked from commit 63fb02b)

feat(version) added Kong Enterprise version 3.8.0.0

f734720

(cherry picked from commit 4040563)

chore(version) added Kong Enterprise version 3.8.0.0 artifacts

18aadd0

(cherry picked from commit ccb677a)

feat(version) added Kong open source version 3.8.0

7afb2f9

(cherry picked from commit 65b8de0)

chore(version) added Kong open source version 3.8.0 artifacts

de814ba

(cherry picked from commit 77c4125)

fix(*): properly resolve versions in double-digit case

9ce609b

eg. using 3.4.x.x would resolve to 3.4.3.2 instead of 3.4.3.12 due to the double digit patch version. (cherry picked from commit 7c5916a)

fix(docker-compose): remove deprecated version key

708dd72

(cherry picked from commit d769c74)

add changelog entry

be6ceef

(cherry picked from commit b10fea7)

Revert "feat(docker-compose): add FIPS environment variable to docker…

0e47c32

…-compose for busted tests" This reverts commit 63fb02b. (cherry picked from commit 54d8e9a)

Revert "fix(redis): disabling protected mode and explicit redis-serve…

74dc7d2

…r command" This reverts commit 779b50a. (cherry picked from commit 3924625)

release 2.13.0

a200eb1

(cherry picked from commit d9f36cd)

feat(docker-compose): add FIPS environment variable to docker-compose…

19db0a0

… for busted tests KAG-5187 (cherry picked from commit 893a851)

remove env KONG_TEST_LICENSE_PATH

d53d4ab

(cherry picked from commit 6ce752c)

release 2.14.0

a6cb674

(cherry picked from commit fb9d5b8)

Update Postgres docker compose to allow DB Migrations

1abd8a0

Revert Disable Health Check Changes

97b6fe9

Revert Disable Health Check Changes

3377d17

SomnolentKalash self-assigned this Oct 1, 2024

semgrep-app bot reviewed Oct 1, 2024

View reviewed changes

SomnolentKalash added 2 commits October 3, 2024 17:18

Remove setting mlcache lru to nil as it is used by event processor

fb498f8

Updating Kong OSS TAG

0efee8e

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[EAUX-1241] Kong Pongo Update #12

[EAUX-1241] Kong Pongo Update #12

SomnolentKalash commented Oct 1, 2024

semgrep-app bot Oct 1, 2024

semgrep-app bot commented Oct 1, 2024

[EAUX-1241] Kong Pongo Update #12

Are you sure you want to change the base?

[EAUX-1241] Kong Pongo Update #12

Conversation

SomnolentKalash commented Oct 1, 2024

semgrep-app bot Oct 1, 2024

Choose a reason for hiding this comment

semgrep-app bot commented Oct 1, 2024