-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Security upgrade golang from 1.14 to 1.17.13 #46
base: master
Are you sure you want to change the base?
Commits on Nov 11, 2017
-
* Add Circle Config * Touch to build * Move to expected path * Use Docker Command * Do it all here then * Env * Add Readme * Actual README
Configuration menu - View commit details
-
Copy full SHA for 572d395 - Browse repository at this point
Copy the full SHA 572d395View commit details -
Configuration menu - View commit details
-
Copy full SHA for a76538c - Browse repository at this point
Copy the full SHA a76538cView commit details
Commits on Jan 14, 2021
-
* Add Circle Config * Touch to build * Move to expected path * Use Docker Command * Do it all here then * Env * Add Readme * Actual README
Configuration menu - View commit details
-
Copy full SHA for e6bc43c - Browse repository at this point
Copy the full SHA e6bc43cView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3a4bbdd - Browse repository at this point
Copy the full SHA 3a4bbddView commit details
Commits on Jan 22, 2021
-
Configuration menu - View commit details
-
Copy full SHA for abe715e - Browse repository at this point
Copy the full SHA abe715eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 4f20c4a - Browse repository at this point
Copy the full SHA 4f20c4aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1965020 - Browse repository at this point
Copy the full SHA 1965020View commit details
Commits on Jan 26, 2021
-
* Add Docker Compose File (#27) * docs: match envoy docs for remote_address ratelimiting (#29) * docs: document dependency on gostats (#30) * test and document whitelist behavior (#31) Signed-off-by: Daniel Hochman <[email protected]> * update dependencies (#35) * update dependencies * proto: use the proto defined in data-plane-api (#39) * proto: check in protos to allow importing ratelimit as a library (#40) * docs: update contact info (#42) * redis: add the option to use a separate redis pool for per second limits (#41) * fix duplicate mv (#43) * docker: upgrade docker-compose setup (#46) * Add gRPC health check (#47) * logging: set log level (#50) * go version: update to 1.11 (#53) * docker compose: expose gRPC port on docker compose setup (#55) * Configuration to ignore dotfiles. (#52) This allows ratelimit to run on Kubernetes with configuration from a configmap. * Add Dockerfile to enable builds (#58) Signed-off-by: Steve Sloka <[email protected]> * ci: fix build (#73) Fixes envoyproxy#71 Signed-off-by: Matt Klein <[email protected]> * Run unit and integration tests with race detector enabled (#65) * deps: update several of ratelimit's dependencies (#76) * add stalebot (#78) Signed-off-by: Matt Klein <[email protected]> * docs: fix example 4 sample config (#79) * fix redis-server binary name (envoyproxy#88) * Fix build Dockerfile (envoyproxy#98) Fix problem: src/service_cmd/runner/runner.go:10:2: cannot find package "github.com/lyft/ratelimit/proto/ratelimit" in any of: /usr/local/go/src/github.com/lyft/ratelimit/vendor/github.com/lyft/ratelimit/proto/ratelimit (vendor tree) /usr/local/go/src/vendor/github.com/lyft/ratelimit/proto/ratelimit /usr/local/go/src/github.com/lyft/ratelimit/proto/ratelimit (from $GOROOT) /go/src/github.com/lyft/ratelimit/proto/ratelimit (from $GOPATH) The command '/bin/sh -c go build -o /usr/local/bin/ratelimit src/service_cmd/main.go' returned a non-zero code: 1 * Redis TLS and Auth support (envoyproxy#96) This adds support for TLS connections to redis as well as support for authentication. Somewhat related to issue #61 * healthcheck: allow customizable healthcheck name (envoyproxy#102) Description: this patch allows a consumer of the server package to customize the name of the healthchecker. Signed-off-by: Jose Nino <[email protected]> * health: make a few more types public (envoyproxy#104) Description: envoyproxy#102 allowed for some customization. This PR makes the types public so that other servers can use this implementation. Signed-off-by: Jose Nino <[email protected]> * Add local cache to store whether it is over the limit (envoyproxy#111) * Plugin statstore into runner (envoyproxy#115) * fix: support auth without tls (envoyproxy#116) Signed-off-by: tangxinfa <[email protected]> * add local cache stats (envoyproxy#114) * Move license to templated Apache-2.0 (envoyproxy#123) Signed-off-by: Derek Schaller <[email protected]> * Enable go modules (envoyproxy#124) Signed-off-by: Steve Sloka <[email protected]> * CI: Github Actions (envoyproxy#127) Signed-off-by: Steve Sloka <[email protected]> * community: update contributing guide (envoyproxy#139) Fixes envoyproxy#138 Signed-off-by: Matt Klein <[email protected]> * add http 1 `/json` endpoint (envoyproxy#136) Signed-off-by: David Black <[email protected]> * Use mockgen version from go.mod instead of from "make bootstrap" (envoyproxy#143) Even though the Makefile wants to encourage using [email protected], it seems like the mocks have been generated using a pre-1.0 version of mockgen. Using "go run github.com/golang/mock/mockgen" as a go:generate command instead of just "mockgen" avoids the need to pre-install into the developer's $PATH and uses the go.mod-specified version Signed-off-by: David Weitzman <[email protected]> * Upgrade gostats dependency from 0.2.6 to 0.4.0 (envoyproxy#141) My interest is the UDP protocol support which appeared in gotstats 0.3.10 There's a breaking change as of https://github.com/lyft/gostats/releases/tag/v0.3.0 which is that gostats no longer publishes stats as expvars. Signed-off-by: David Weitzman <[email protected]> * Upgrade radix (envoyproxy#137) Signed-off-by: Tong Cai <[email protected]> * cache_impl_test.go: fix failing test with ipv6 (envoyproxy#144) A newly-added test in envoyproxy#137 checks the exact text of an error message which seems to vary when the network is tcp4 vs tcp6. This change relaxes the assertion to look for "connection refused" in a panic without making assumptions about what an IP address looks like. Example failure: --- FAIL: TestNewClientImpl (0.00s) --- FAIL: TestNewClientImpl/connection_refused (0.00s) cache_impl_test.go:442: Error Trace: cache_impl_test.go:442 Error: func (assert.PanicTestFunc)(0x1724110) should panic with error message: "dial tcp 127.0.0.1:12345: connect: connection refused" Panic value: "dial tcp [::1]:12345: connect: connection refused" Panic stack: goroutine 27 [running]: The testify assert package doesn't seem to support inexact matching on error messages, so the code gets a bit uglier than before. Signed-off-by: David Weitzman <[email protected]> * Split redis-specific logic from generic key-value store logic (envoyproxy#142) This is a pure refactoring with no behavior changes. It's a step toward being able to add memcache as a backend (see envoyproxy#140). This PR moves RateLimitCache from the redis package to a new "limiter" package, along with code for time/jitter, local cache stats, and constructing cache keys. All that can be reused with memcache. After this PR, the redis package is imported in exactly two places: - in service_cmd/runner/runner.go to call redis.NewRateLimiterCacheImplFromSettings() - in service/ratelimit.go in ShouldRateLimit to identify if a recovered panic is a redis.RedisError. If so, a stat is incremented and the panic() propagation is ended and in favor of returning the error as a the function result. The PR also includes changes by goimports to test/service/ratelimit_test.go so that the difference between package name vs file path name is explicit instead of implicit. Signed-off-by: David Weitzman <[email protected]> * json handler: return full ratelimit service response as json (envoyproxy#148) Previously an HTTP POST to /json would only return an HTTP status code, not all the other details supported by grpc ratelimit responses. With this change an HTTP POST to /json receives the full proto3 response encoded as json by jsonpb. It seems unlikely that anyone would be parsing the text "over limit" from the HTTP body instead of just reading the 429 response code, but for anyone doing that this would be a breaking change. Signed-off-by: David Weitzman <[email protected]> * Update goruntime to latest, 0.2.5. Add new config for watching changes in runtime config folder directly instead of the runtime root dir. (envoyproxy#151) Signed-off-by: Yuki Sawa <[email protected]> * Drop support for legacy ratelimit.proto and upgrade to v3 rls.proto (envoyproxy#153) Signed-off-by: Petr Pchelko <[email protected]> * Followups to v3 upgrade (envoyproxy#155) - Regenerate mocks based on new default protocol - Manually transform v2 messages to v3 messages - some of the fields were renamed thus json Marshal/Unmarshal does not work anymore - Added tests that verify conversion v2<->v3 works for headers fields - Update tests to use proto.Equal - simple assert.Equals might not work correctly for protobuf messages. Signed-off-by: Petr Pchelko <[email protected]> * Introduce a Dockerfile for running integration tests (envoyproxy#156) This diff creates Dockerfile.integration for running integration tests with clearly-defined dependencies. Previously the dependencies of the integration tests were defined within the github actions config. The new "make docker_tests" target should work for any developer with Docker installed. Previously there was no single command that would run integration tests across platforms, which makes development and onboarding harder. Even copying the command from github actions wouldn't have worked before, since that command quietly assumed that redis was already running on port 6379. Signed-off-by: David Weitzman <[email protected]> * Add support for rate limit overrides. (envoyproxy#158) Fixes envoyproxy#154 Signed-off-by: Petr Pchelko <[email protected]> * redis client: default to use explicit pipelining (envoyproxy#163) Signed-off-by: Tong Cai <[email protected]> * Clean go.mod file and update logrus to latest (envoyproxy#166) Signed-off-by: Yuki Sawa <[email protected]> * Add full test environment example. Fix bug in existing docker-compose. (envoyproxy#170) Signed-off-by: Yuki Sawa <[email protected]> * Implement LOG_FORMAT=json (envoyproxy#173) Centralized log collection system works better with logs in json format. E.g. DataDog strongly encourage setting up your logging library to produce your logs in JSON format to avoid the need for custom parsing rules. So, the next small fix is all we need to get json logs. Signed-off-by: Sergey Belyaev <[email protected]> * ci: Update github action to push docker image tagged with sha for each merge to master branch (envoyproxy#176) Updates the github action to also push a tagged image based upon the git sha. The tag also includes the current version of the release. Example tag: envoyproxy/ratelimit:f1758150b6dfed3e5c0ae13fb7bb6b8f6ae00b0e Fixes envoyproxy#174 Signed-off-by: Steve Sloka <[email protected]> * Update README.md to refer to existing files (envoyproxy#178) Signed-off-by: Margaret Gorguissian <[email protected]> * Add redis cluster and sentinel support (envoyproxy#179) Signed-off-by: Diego Erdody <[email protected]> * Add support for x-ratelimit-reset header (envoyproxy#182) Signed-off-by: Clara Andrew-Wani <[email protected]> * Create repokitteh.star (envoyproxy#187) Signed-off-by: Itay Donanhirsh <[email protected]> * refactor NearLimitRatio to environment variable (envoyproxy#186) Signed-off-by: zufardhiyaulhaq <[email protected]> * Fix flakey tests with DurationUntilReset. Update docker example to V3 config. (envoyproxy#192) Signed-off-by: Yuki Sawa <[email protected]> * Separate Redis cache and driver implementation (envoyproxy#194) Signed-off-by: William Albertus Dembo <[email protected]> * Set ratelimit filter to v3 api (envoyproxy#196) Signed-off-by: Yuki Sawa <[email protected]> * Add debug logging to indicate descriptor and limit (envoyproxy#197) Signed-off-by: Sasha Kulbii <[email protected]> * Implement BACKEND_TYPE=memcache as an alternative k/v store to redis (envoyproxy#172) MEMCACHE_HOST_PORT=host:port must be set with BACKEND_TYPE=memcache To minimize roundtrips when getting multiple keys, the memcache implementation does a GetMulti to fetch the existing rate limit usage and does increments asynchronously in background goroutines, since the memcache API doesn't offer multi-increment. Resolves envoyproxy#140 Signed-off-by: David Weitzman <[email protected]> * Refactoring of duplicated code across backend types (envoyproxy#202) Signed-off-by: Kateryna Nezdolii <[email protected]> * Small typo fix in README (envoyproxy#204) Signed-off-by: cpaika <[email protected]> * Circle CI (#1) * Add Circle Config * Touch to build * Move to expected path * Use Docker Command * Do it all here then * Env * Add Readme * Actual README * Add Docker Compose (#2) * VAULT-893 Fix docker-compose.yml * VAULT-893 Fix docker-compose.yml Co-authored-by: Marshall Jones <[email protected]> Co-authored-by: Jose Ulises Nino Rivera <[email protected]> Co-authored-by: Daniel Hochman <[email protected]> Co-authored-by: Martien Verbruggen <[email protected]> Co-authored-by: Ben Pope <[email protected]> Co-authored-by: Steve Sloka <[email protected]> Co-authored-by: Matt Klein <[email protected]> Co-authored-by: Charlie Vieth <[email protected]> Co-authored-by: Adil Hafeez <[email protected]> Co-authored-by: Kartograf <[email protected]> Co-authored-by: repl-david-winiarski <[email protected]> Co-authored-by: Junchao Lyu <[email protected]> Co-authored-by: tangxinfa <[email protected]> Co-authored-by: Steve Sloka <[email protected]> Co-authored-by: Matt Klein <[email protected]> Co-authored-by: dblackdblack <[email protected]> Co-authored-by: David Weitzman <[email protected]> Co-authored-by: Tong Cai <[email protected]> Co-authored-by: Yuki Sawa <[email protected]> Co-authored-by: Petr Pchelko <[email protected]> Co-authored-by: Petr Pchelko <[email protected]> Co-authored-by: Sergey Belyaev <[email protected]> Co-authored-by: Margaret G <[email protected]> Co-authored-by: Diego Erdody <[email protected]> Co-authored-by: Clara <[email protected]> Co-authored-by: Itay Donanhirsh <[email protected]> Co-authored-by: Zufar Dhiyaulhaq <[email protected]> Co-authored-by: William Albertus Dembo <[email protected]> Co-authored-by: Alex Kulbii <[email protected]> Co-authored-by: Kateryna Nezdolii <[email protected]> Co-authored-by: Christopher <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for d75e005 - Browse repository at this point
Copy the full SHA d75e005View commit details -
Configuration menu - View commit details
-
Copy full SHA for 662c34b - Browse repository at this point
Copy the full SHA 662c34bView commit details -
Merge branch 'rebase_2021_01_08' into VAULT-893_supervisord
# Conflicts: # docker-compose.yml
Configuration menu - View commit details
-
Copy full SHA for 777cee9 - Browse repository at this point
Copy the full SHA 777cee9View commit details
Commits on Feb 4, 2021
-
Configuration menu - View commit details
-
Copy full SHA for 40f3dc1 - Browse repository at this point
Copy the full SHA 40f3dc1View commit details
Commits on Feb 5, 2021
-
Configuration menu - View commit details
-
Copy full SHA for 572ef69 - Browse repository at this point
Copy the full SHA 572ef69View commit details
Commits on Feb 10, 2021
-
Configuration menu - View commit details
-
Copy full SHA for 30908a5 - Browse repository at this point
Copy the full SHA 30908a5View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3949b29 - Browse repository at this point
Copy the full SHA 3949b29View commit details -
Configuration menu - View commit details
-
Copy full SHA for c9c77d5 - Browse repository at this point
Copy the full SHA c9c77d5View commit details -
Configuration menu - View commit details
-
Copy full SHA for ea219ef - Browse repository at this point
Copy the full SHA ea219efView commit details -
Configuration menu - View commit details
-
Copy full SHA for 7ddb470 - Browse repository at this point
Copy the full SHA 7ddb470View commit details -
Merge pull request #3 from Iapetus999/VAULT-893_supervisord
VAULT-893 Supervisord
Configuration menu - View commit details
-
Copy full SHA for b1c76a9 - Browse repository at this point
Copy the full SHA b1c76a9View commit details
Commits on Feb 11, 2021
-
Configuration menu - View commit details
-
Copy full SHA for 0f5f08d - Browse repository at this point
Copy the full SHA 0f5f08dView commit details -
Configuration menu - View commit details
-
Copy full SHA for e52bd90 - Browse repository at this point
Copy the full SHA e52bd90View commit details -
Merge pull request #5 from verygoodsecurity/update_cci_yaml
Update config.yml
Configuration menu - View commit details
-
Copy full SHA for 8d07402 - Browse repository at this point
Copy the full SHA 8d07402View commit details -
Configuration menu - View commit details
-
Copy full SHA for e8e0a93 - Browse repository at this point
Copy the full SHA e8e0a93View commit details -
Merge pull request #6 from Iapetus999/more_build_fixes
VAULT-893 More build fixes
Configuration menu - View commit details
-
Copy full SHA for 75f07da - Browse repository at this point
Copy the full SHA 75f07daView commit details -
Configuration menu - View commit details
-
Copy full SHA for 81e30e5 - Browse repository at this point
Copy the full SHA 81e30e5View commit details -
Merge pull request #7 from Iapetus999/another_build_fix
VAULT-893 Another build fix
Configuration menu - View commit details
-
Copy full SHA for cd65c23 - Browse repository at this point
Copy the full SHA cd65c23View commit details -
Configuration menu - View commit details
-
Copy full SHA for 979c3bf - Browse repository at this point
Copy the full SHA 979c3bfView commit details -
Merge pull request #8 from Iapetus999/try_attach_workspace
VAULT-893 Attach workspace
Configuration menu - View commit details
-
Copy full SHA for 7cf78ff - Browse repository at this point
Copy the full SHA 7cf78ffView commit details
Commits on Feb 17, 2021
-
Configuration menu - View commit details
-
Copy full SHA for 8edcc28 - Browse repository at this point
Copy the full SHA 8edcc28View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8787de7 - Browse repository at this point
Copy the full SHA 8787de7View commit details
Commits on Mar 1, 2021
-
Configuration menu - View commit details
-
Copy full SHA for 5e4078e - Browse repository at this point
Copy the full SHA 5e4078eView commit details
Commits on Jul 15, 2021
-
Configuration menu - View commit details
-
Copy full SHA for 05f6e87 - Browse repository at this point
Copy the full SHA 05f6e87View commit details
Commits on Aug 2, 2021
-
Configuration menu - View commit details
-
Copy full SHA for 557e8bb - Browse repository at this point
Copy the full SHA 557e8bbView commit details -
Merge pull request #14 from verygoodsecurity/override-stats-fix
Fix memory leak related to stats collection
Zinovii Dmytriv authoredAug 2, 2021 Configuration menu - View commit details
-
Copy full SHA for df167d4 - Browse repository at this point
Copy the full SHA df167d4View commit details
Commits on Aug 3, 2022
-
fix: Dockerfile.integration to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-DEBIAN10-DPKG-2847944 - https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-1569403 - https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-2807585 - https://snyk.io/vuln/SNYK-DEBIAN10-OPENSSL-2933515 - https://snyk.io/vuln/SNYK-DEBIAN10-SUBVERSION-2635642
Configuration menu - View commit details
-
Copy full SHA for 13242a9 - Browse repository at this point
Copy the full SHA 13242a9View commit details