From b8cd30629b5dc0f188c076a387c7cca05399c7d2 Mon Sep 17 00:00:00 2001 From: Sitaram Kalluri Date: Mon, 4 Sep 2023 09:54:08 +0530 Subject: [PATCH 01/12] feat: Implement RateLimiter into enroll_verb_handler and add unit test --- .../at_secondary_server/config/config.yaml | 6 +- .../inbound/dummy_inbound_connection.dart | 12 ++ .../inbound/inbound_connection_impl.dart | 44 ++++++ .../exception/global_exception_handler.dart | 3 +- .../lib/src/server/at_secondary_config.dart | 70 +++++++++- .../lib/src/server/at_secondary_impl.dart | 8 ++ .../src/verb/handler/enroll_verb_handler.dart | 6 + packages/at_secondary_server/pubspec.yaml | 6 +- .../test/inbound_connection_impl_test.dart | 44 ++++++ .../src/connection/inbound_connection.dart | 3 +- .../lib/src/rate_limiter/at_rate_limiter.dart | 18 +++ .../test/enroll_verb_test.dart | 126 +++++++++++++++++- 12 files changed, 333 insertions(+), 13 deletions(-) create mode 100644 packages/at_secondary_server/test/inbound_connection_impl_test.dart create mode 100644 packages/at_server_spec/lib/src/rate_limiter/at_rate_limiter.dart diff --git a/packages/at_secondary_server/config/config.yaml b/packages/at_secondary_server/config/config.yaml index 4c1cac706..4b27f99e4 100644 --- a/packages/at_secondary_server/config/config.yaml +++ b/packages/at_secondary_server/config/config.yaml @@ -154,4 +154,8 @@ testing: enrollment: # The maximum time in hours for an enrollment to expire, beyond which any action on enrollment is forbidden. # Default values is 48 hours. - expiryInHours: 48 \ No newline at end of file + expiryInHours: 48 + # The maximum number of requests allowed within the time window. + maxRequestsPerTimeFrame: 5 + # The duration of the time window in hours. + timeFrameInHours: 1 \ No newline at end of file diff --git a/packages/at_secondary_server/lib/src/connection/inbound/dummy_inbound_connection.dart b/packages/at_secondary_server/lib/src/connection/inbound/dummy_inbound_connection.dart index 8b06dc40a..f7b6f748b 100644 --- a/packages/at_secondary_server/lib/src/connection/inbound/dummy_inbound_connection.dart +++ b/packages/at_secondary_server/lib/src/connection/inbound/dummy_inbound_connection.dart @@ -1,12 +1,19 @@ import 'dart:io'; import 'package:at_secondary/src/connection/inbound/inbound_connection_metadata.dart'; +import 'package:at_secondary/src/server/at_secondary_config.dart'; import 'package:at_server_spec/at_server_spec.dart'; /// A dummy implementation of [InboundConnection] class which returns a dummy inbound connection. class DummyInboundConnection implements InboundConnection { var metadata = InboundConnectionMetadata(); + @override + int maxRequestsPerTimeFrame = AtSecondaryConfig.maxEnrollRequestsAllowed; + + @override + int timeFrameInMillis = AtSecondaryConfig.timeFrameInMills; + @override void acceptRequests(Function(String p1, InboundConnection p2) callback, Function(List, InboundConnection) streamCallback) {} @@ -54,4 +61,9 @@ class DummyInboundConnection implements InboundConnection { @override Socket? receiverSocket; + + @override + bool isRequestAllowed() { + return true; + } } diff --git a/packages/at_secondary_server/lib/src/connection/inbound/inbound_connection_impl.dart b/packages/at_secondary_server/lib/src/connection/inbound/inbound_connection_impl.dart index a19bf6b82..dafbae817 100644 --- a/packages/at_secondary_server/lib/src/connection/inbound/inbound_connection_impl.dart +++ b/packages/at_secondary_server/lib/src/connection/inbound/inbound_connection_impl.dart @@ -1,3 +1,4 @@ +import 'dart:collection'; import 'dart:io'; import 'dart:math'; @@ -5,6 +6,7 @@ import 'package:at_secondary/src/connection/base_connection.dart'; import 'package:at_secondary/src/connection/inbound/inbound_connection_metadata.dart'; import 'package:at_secondary/src/connection/inbound/inbound_connection_pool.dart'; import 'package:at_secondary/src/connection/inbound/inbound_message_listener.dart'; +import 'package:at_secondary/src/server/at_secondary_config.dart'; import 'package:at_secondary/src/server/server_context.dart'; import 'package:at_secondary/src/server/at_secondary_impl.dart'; import 'package:at_secondary/src/utils/logging_util.dart'; @@ -42,6 +44,17 @@ class InboundConnectionImpl extends BaseConnection late double lowWaterMarkRatio; late bool progressivelyReduceAllowableInboundIdleTime; + /// The maximum number of requests allowed within the specified time frame. + @override + late int maxRequestsPerTimeFrame; + + /// The duration of the time frame within which requests are limited. + @override + late int timeFrameInMillis; + + /// A list of timestamps representing the times when requests were made. + late final Queue requestTimestampQueue; + InboundConnectionImpl(Socket? socket, String? sessionId, {this.owningPool}) : super(socket) { metaData = InboundConnectionMetadata() @@ -69,6 +82,10 @@ class InboundConnectionImpl extends BaseConnection secondaryContext.authenticatedInboundIdleTimeMillis; authenticatedMinAllowableIdleTimeMillis = secondaryContext.authenticatedMinAllowableIdleTimeMillis; + + maxRequestsPerTimeFrame = AtSecondaryConfig.maxEnrollRequestsAllowed; + timeFrameInMillis = AtSecondaryConfig.timeFrameInMills; + requestTimestampQueue = Queue(); } /// Returns true if the underlying socket is not null and socket's remote address and port match. @@ -230,4 +247,31 @@ class InboundConnectionImpl extends BaseConnection metaData, 'SENT: ${BaseConnection.truncateForLogging(data)}')); } } + + @override + bool isRequestAllowed() { + int currentTimeInMills = DateTime.now().toUtc().millisecondsSinceEpoch; + _checkAndUpdateQueue(currentTimeInMills); + if (requestTimestampQueue.length < maxRequestsPerTimeFrame) { + requestTimestampQueue.addLast(currentTimeInMills); + return true; + } + return false; + } + + /// Checks and updates the request timestamp queue based on the current time. + /// + /// This method removes timestamps from the queue that are older than the specified + /// time window. + /// + /// [currentTimeInMillis] is the current time in milliseconds since epoch. + void _checkAndUpdateQueue(int currentTimeInMillis) { + if (requestTimestampQueue.isEmpty) return; + int calculatedTime = (currentTimeInMillis - requestTimestampQueue.first); + while (calculatedTime >= timeFrameInMillis) { + requestTimestampQueue.removeFirst(); + if (requestTimestampQueue.isEmpty) break; + calculatedTime = (currentTimeInMillis - requestTimestampQueue.first); + } + } } diff --git a/packages/at_secondary_server/lib/src/exception/global_exception_handler.dart b/packages/at_secondary_server/lib/src/exception/global_exception_handler.dart index ecfe7ec17..c3faead04 100644 --- a/packages/at_secondary_server/lib/src/exception/global_exception_handler.dart +++ b/packages/at_secondary_server/lib/src/exception/global_exception_handler.dart @@ -68,7 +68,8 @@ class GlobalExceptionHandler { exception is KeyNotFoundException || exception is AtConnectException || exception is SocketException || - exception is AtTimeoutException) { + exception is AtTimeoutException || + exception is AtThrottleLimitExceeded) { logger.info(exception.toString()); await _sendResponseForException(exception, atConnection); } else if (exception is InternalServerError) { diff --git a/packages/at_secondary_server/lib/src/server/at_secondary_config.dart b/packages/at_secondary_server/lib/src/server/at_secondary_config.dart index 5b004bb75..e3844660a 100644 --- a/packages/at_secondary_server/lib/src/server/at_secondary_config.dart +++ b/packages/at_secondary_server/lib/src/server/at_secondary_config.dart @@ -121,12 +121,22 @@ class AtSecondaryConfig { ? ConfigUtil.getPubspecConfig()!['version'] : null; - static final int _enrollmentExpiryInHours = 48; - static final Map _envVars = Platform.environment; static String? get secondaryServerVersion => _secondaryServerVersion; + // Enrollment Configurations + static const int _enrollmentExpiryInHours = 48; + static int _maxEnrollRequestsAllowed = 5; + + static final int _timeFrameInHours = 1; + + // For easy of testing, duration in hours is long. Hence introduced "timeFrameInMills" + // to have a shorter time frame. This is defaulted to "_timeFrameInHours", can be modified + // via the config verb + static int _timeFrameInMills = + Duration(hours: _timeFrameInHours).inMilliseconds; + static int get enrollmentExpiryInHours => _enrollmentExpiryInHours; // TODO: Medium priority: Most (all?) getters in this class return a default value but the signatures currently @@ -716,6 +726,54 @@ class AtSecondaryConfig { } } + static int get maxEnrollRequestsAllowed { + // For easy of testing purpose, we need to reduce the number of requests. + // So, in testing mode, enable to modify the "maxEnrollRequestsAllowed" + // can be set via the config verb + // Defaults to value in config.yaml + if (testingMode) { + return _maxEnrollRequestsAllowed; + } + var result = _getIntEnvVar('maxEnrollRequestsAllowed'); + if (result != null) { + return result; + } + try { + return getConfigFromYaml(['enrollment', 'maxRequestsPerTimeFrame']); + } on ElementNotFoundException { + return _maxEnrollRequestsAllowed; + } + } + + static set maxEnrollRequestsAllowed(int value) { + _maxEnrollRequestsAllowed = value; + } + + static int get timeFrameInMills { + // For easy of testing purpose, we need to reduce the time frame. + // So, in testing mode, enable to modify the "timeFrameInMills" + // can be set via the config verb + // Defaults to value in config.yaml + if (testingMode) { + return _timeFrameInMills; + } + var result = _getIntEnvVar('enrollTimeFrameInHours'); + if (result != null) { + return Duration(hours: result).inMilliseconds; + } + try { + return Duration( + hours: getConfigFromYaml(['enrollment', 'timeFrameInHours'])) + .inMilliseconds; + } on ElementNotFoundException { + return Duration(hours: _timeFrameInHours).inMilliseconds; + } + } + + static set timeFrameInMills(int timeWindowInMills) { + _timeFrameInMills = timeWindowInMills; + } + //implementation for config:set. This method returns a data stream which subscribers listen to for updates static Stream? subscribe(ModifiableConfigs configName) { if (testingMode) { @@ -786,6 +844,10 @@ class AtSecondaryConfig { return false; case ModifiableConfigs.doCacheRefreshNow: return false; + case ModifiableConfigs.maxRequestsPerTimeFrame: + return maxEnrollRequestsAllowed; + case ModifiableConfigs.timeFrameInMills: + return Duration(hours: _timeFrameInHours).inMilliseconds; } } @@ -866,7 +928,9 @@ enum ModifiableConfigs { maxNotificationRetries, checkCertificateReload, shouldReloadCertificates, - doCacheRefreshNow + doCacheRefreshNow, + maxRequestsPerTimeFrame, + timeFrameInMills } class ModifiableConfigurationEntry { diff --git a/packages/at_secondary_server/lib/src/server/at_secondary_impl.dart b/packages/at_secondary_server/lib/src/server/at_secondary_impl.dart index 932d65a54..bc20ae6e3 100644 --- a/packages/at_secondary_server/lib/src/server/at_secondary_impl.dart +++ b/packages/at_secondary_server/lib/src/server/at_secondary_impl.dart @@ -421,6 +421,14 @@ class AtSecondaryServerImpl implements AtSecondaryServer { notificationResourceManager.setMaxRetries(newCount); QueueManager.getInstance().setMaxRetries(newCount); }); + + AtSecondaryConfig.subscribe(ModifiableConfigs.maxRequestsPerTimeFrame)?.listen((maxEnrollRequestsAllowed) { + AtSecondaryConfig.maxEnrollRequestsAllowed = maxEnrollRequestsAllowed; + }); + + AtSecondaryConfig.subscribe(ModifiableConfigs.timeFrameInMills)?.listen((timeWindowInMills) { + AtSecondaryConfig.timeFrameInMills = timeWindowInMills; + }); } } diff --git a/packages/at_secondary_server/lib/src/verb/handler/enroll_verb_handler.dart b/packages/at_secondary_server/lib/src/verb/handler/enroll_verb_handler.dart index 5f4d7bd0b..d30ef83c1 100644 --- a/packages/at_secondary_server/lib/src/verb/handler/enroll_verb_handler.dart +++ b/packages/at_secondary_server/lib/src/verb/handler/enroll_verb_handler.dart @@ -101,11 +101,17 @@ class EnrollVerbHandler extends AbstractVerbHandler { /// and its corresponding state. /// /// Throws "AtEnrollmentException", if the OTP provided is invalid. + /// Throws [AtThrottleLimitExceeded], if the number of requests exceed within + /// a time window. Future _handleEnrollmentRequest( EnrollParams enrollParams, currentAtSign, Map responseJson, InboundConnection atConnection) async { + if (!atConnection.isRequestAllowed()) { + throw AtThrottleLimitExceeded( + 'Enrollment requests have exceeded the limit within the specified time frame'); + } if (!atConnection.getMetaData().isAuthenticated) { var otp = enrollParams.otp; if (otp == null || diff --git a/packages/at_secondary_server/pubspec.yaml b/packages/at_secondary_server/pubspec.yaml index 7e464aa84..9334087bc 100644 --- a/packages/at_secondary_server/pubspec.yaml +++ b/packages/at_secondary_server/pubspec.yaml @@ -18,7 +18,7 @@ dependencies: collection: 1.18.0 basic_utils: 5.6.1 ecdsa: 0.0.4 - at_commons: 3.0.54 + at_commons: 3.0.55 at_utils: 3.0.15 at_chops: 1.0.4 at_lookup: 3.0.40 @@ -34,6 +34,10 @@ dependencies: yaml: 3.1.2 logging: 1.2.0 +dependency_overrides: + at_server_spec: + path: ../at_server_spec + dev_dependencies: test: ^1.24.4 coverage: ^1.6.1 diff --git a/packages/at_secondary_server/test/inbound_connection_impl_test.dart b/packages/at_secondary_server/test/inbound_connection_impl_test.dart new file mode 100644 index 000000000..89c2c1d5c --- /dev/null +++ b/packages/at_secondary_server/test/inbound_connection_impl_test.dart @@ -0,0 +1,44 @@ +import 'dart:io'; + +import 'package:at_secondary/src/connection/inbound/inbound_connection_impl.dart'; +import 'package:at_server_spec/at_server_spec.dart'; +import 'package:test/test.dart'; + +void main(){ + group('A test to verify the rate limiter on inbound connection', () { + test('A test to verify requests exceeding the limit are rejected', () { + Socket? dummySocket; + AtConnection connection1 = InboundConnectionImpl(dummySocket, 'aaa'); + (connection1 as InboundConnectionImpl).maxRequestsPerTimeFrame = 1; + connection1.timeFrameInMillis = + Duration(milliseconds: 10).inMilliseconds; + expect(connection1.isRequestAllowed(), true); + expect(connection1.isRequestAllowed(), false); + }); + + test('A test to verify requests after the time window are accepted', + () async { + Socket? dummySocket; + AtConnection connection1 = InboundConnectionImpl(dummySocket, 'aaa'); + (connection1 as InboundConnectionImpl).maxRequestsPerTimeFrame = 1; + connection1.timeFrameInMillis = Duration(milliseconds: 2).inMilliseconds; + expect(connection1.isRequestAllowed(), true); + expect(connection1.isRequestAllowed(), false); + await Future.delayed(Duration(milliseconds: 2)); + expect(connection1.isRequestAllowed(), true); + }); + + test('A test to verify request from different connection is allowed', () { + Socket? dummySocket; + AtConnection connection1 = InboundConnectionImpl(dummySocket, 'aaa'); + AtConnection connection2 = InboundConnectionImpl(dummySocket, 'aaa'); + (connection1 as InboundConnectionImpl).maxRequestsPerTimeFrame = 1; + (connection2 as InboundConnectionImpl).maxRequestsPerTimeFrame = 1; + connection1.timeFrameInMillis = + Duration(milliseconds: 10).inMilliseconds; + expect(connection1.isRequestAllowed(), true); + expect(connection1.isRequestAllowed(), false); + expect(connection2.isRequestAllowed(), true); + }); + }); +} \ No newline at end of file diff --git a/packages/at_server_spec/lib/src/connection/inbound_connection.dart b/packages/at_server_spec/lib/src/connection/inbound_connection.dart index c4851ab47..5421edaf2 100644 --- a/packages/at_server_spec/lib/src/connection/inbound_connection.dart +++ b/packages/at_server_spec/lib/src/connection/inbound_connection.dart @@ -1,7 +1,8 @@ import 'dart:io'; import 'package:at_server_spec/src/connection/at_connection.dart'; +import 'package:at_server_spec/src/rate_limiter/at_rate_limiter.dart'; -abstract class InboundConnection extends AtConnection { +abstract class InboundConnection extends AtConnection implements AtRateLimiter { ///Returns true if remote socket and remote port of this and connection matches bool equals(InboundConnection connection); diff --git a/packages/at_server_spec/lib/src/rate_limiter/at_rate_limiter.dart b/packages/at_server_spec/lib/src/rate_limiter/at_rate_limiter.dart new file mode 100644 index 000000000..bd2a3d4f3 --- /dev/null +++ b/packages/at_server_spec/lib/src/rate_limiter/at_rate_limiter.dart @@ -0,0 +1,18 @@ +/// A rate limiter class that allows controlling the rate of requests within a specified time frame. +/// +/// This class provides a way to limit the number of requests that can be made +/// within a specified time frame. It keeps track of the timestamps of previous +/// requests and allows requests to be made only if they do not exceed the +/// maximum allowed requests per time frame. +abstract class AtRateLimiter { + /// The maximum number of requests allowed within the specified time frame. + late int maxRequestsPerTimeFrame; + + /// The duration of the time frame within which requests are limited. + late int timeFrameInMillis; + + /// Checks whether a new request is allowed based on the rate limiting rules. + /// + /// Returns `true` if the request is allowed, or `false` if it exceeds the rate limit. + bool isRequestAllowed(); +} diff --git a/tests/at_functional_test/test/enroll_verb_test.dart b/tests/at_functional_test/test/enroll_verb_test.dart index d77a878c5..a2040ca01 100644 --- a/tests/at_functional_test/test/enroll_verb_test.dart +++ b/tests/at_functional_test/test/enroll_verb_test.dart @@ -695,8 +695,8 @@ void main() { expect(jsonDecode(enrollmentResponse)['status'], 'denied'); expect(jsonDecode(enrollmentResponse)['enrollmentId'], enrollmentId); // Approve enrollment - await socket_writer( - socketConnection1!, 'enroll:approve:{"enrollmentId":"$enrollmentId"}'); + await socket_writer(socketConnection1!, + 'enroll:approve:{"enrollmentId":"$enrollmentId"}'); enrollmentResponse = (await read()).replaceAll('error:', ''); expect( jsonDecode(enrollmentResponse)['errorDescription'], @@ -728,8 +728,8 @@ void main() { // Approve enrollment await _connect(); await prepare(socketConnection1!, firstAtsign); - await socket_writer( - socketConnection1!, 'enroll:approve:{"enrollmentId":"$enrollmentId"}'); + await socket_writer(socketConnection1!, + 'enroll:approve:{"enrollmentId":"$enrollmentId"}'); enrollmentResponse = (await read()).replaceAll('data:', ''); expect(jsonDecode(enrollmentResponse)['status'], 'approved'); expect(jsonDecode(enrollmentResponse)['enrollmentId'], enrollmentId); @@ -740,8 +740,8 @@ void main() { expect(jsonDecode(enrollmentResponse)['status'], 'revoked'); expect(jsonDecode(enrollmentResponse)['enrollmentId'], enrollmentId); // Approve a revoked enrollment - await socket_writer( - socketConnection1!, 'enroll:approve:{"enrollmentId":"$enrollmentId"}'); + await socket_writer(socketConnection1!, + 'enroll:approve:{"enrollmentId":"$enrollmentId"}'); enrollmentResponse = (await read()).replaceAll('error:', ''); expect( jsonDecode(enrollmentResponse)['errorDescription'], @@ -749,6 +749,120 @@ void main() { 'Only pending enrollments can be approved'); }); }); + + group('A group of test related to Rate limiting enrollment requests', () { + String otp = ''; + setUp(() async { + await socket_writer(socketConnection1!, 'from:$firstAtsign'); + var fromResponse = await read(); + fromResponse = fromResponse.replaceAll('data:', ''); + var cramResponse = getDigest(firstAtsign, fromResponse); + await socket_writer(socketConnection1!, 'cram:$cramResponse'); + var cramResult = await read(); + expect(cramResult, 'data:success\n'); + await socket_writer( + socketConnection1!, 'config:set:maxRequestsPerTimeFrame=1\n'); + var configResponse = await read(); + expect(configResponse.trim(), 'data:ok'); + await socket_writer( + socketConnection1!, 'config:set:timeFrameInMills=100\n'); + configResponse = await read(); + expect(configResponse.trim(), 'data:ok'); + await socket_writer(socketConnection1!, 'otp:get'); + otp = await read(); + otp = otp.replaceAll('data:', '').trim(); + }); + + test( + 'A test to verify exception is thrown when request exceed the configured limit', + () async { + SecureSocket unAuthenticatedConnection = + await secure_socket_connection(firstAtsignServer, firstAtsignPort); + socket_listener(unAuthenticatedConnection); + var enrollRequest = + 'enroll:request:{"appName":"wavi","deviceName":"pixel","namespaces":{"wavi":"rw"},"otp":"$otp","apkamPublicKey":"${pkamPublicKeyMap[firstAtsign]!}"}\n'; + await socket_writer(unAuthenticatedConnection, enrollRequest); + var enrollmentResponse = + jsonDecode((await read()).replaceAll('data:', '')); + expect(enrollmentResponse['status'], 'pending'); + expect(enrollmentResponse['enrollmentId'], isNotNull); + enrollRequest = + 'enroll:request:{"appName":"wavi","deviceName":"pixel","namespaces":{"wavi":"rw"},"otp":"$otp","apkamPublicKey":"${pkamPublicKeyMap[firstAtsign]!}"}\n'; + await socket_writer(unAuthenticatedConnection, enrollRequest); + enrollmentResponse = await read() + ..replaceAll('error:', ''); + expect( + enrollmentResponse.contains( + 'Enrollment requests have exceeded the limit within the specified time frame'), + true); + }); + + test('A test to verify request is successful after the time window', + () async { + SecureSocket unAuthenticatedConnection = + await secure_socket_connection(firstAtsignServer, firstAtsignPort); + socket_listener(unAuthenticatedConnection); + var enrollRequest = + 'enroll:request:{"appName":"wavi","deviceName":"pixel","namespaces":{"wavi":"rw"},"otp":"$otp","apkamPublicKey":"${pkamPublicKeyMap[firstAtsign]!}"}\n'; + await socket_writer(unAuthenticatedConnection, enrollRequest); + var enrollmentResponse = + jsonDecode((await read()).replaceAll('data:', '')); + expect(enrollmentResponse['status'], 'pending'); + expect(enrollmentResponse['enrollmentId'], isNotNull); + enrollRequest = + 'enroll:request:{"appName":"wavi","deviceName":"pixel","namespaces":{"wavi":"rw"},"otp":"$otp","apkamPublicKey":"${pkamPublicKeyMap[firstAtsign]!}"}\n'; + await socket_writer(unAuthenticatedConnection, enrollRequest); + enrollmentResponse = await read() + ..replaceAll('error:', ''); + expect( + enrollmentResponse.contains( + 'Enrollment requests have exceeded the limit within the specified time frame'), + true); + await Future.delayed(Duration(milliseconds: 110)); + await socket_writer(unAuthenticatedConnection, enrollRequest); + enrollmentResponse = jsonDecode((await read()).replaceAll('data:', '')); + expect(enrollmentResponse['status'], 'pending'); + expect(enrollmentResponse['enrollmentId'], isNotNull); + }); + + test('A test to verify rate limit is per connection', () async { + SecureSocket unAuthenticatedConnection = + await secure_socket_connection(firstAtsignServer, firstAtsignPort); + socket_listener(unAuthenticatedConnection); + var enrollRequest = + 'enroll:request:{"appName":"wavi","deviceName":"pixel","namespaces":{"wavi":"rw"},"otp":"$otp","apkamPublicKey":"${pkamPublicKeyMap[firstAtsign]!}"}\n'; + await socket_writer(unAuthenticatedConnection, enrollRequest); + var enrollmentResponse = + jsonDecode((await read()).replaceAll('data:', '')); + expect(enrollmentResponse['status'], 'pending'); + expect(enrollmentResponse['enrollmentId'], isNotNull); + enrollRequest = + 'enroll:request:{"appName":"wavi","deviceName":"pixel","namespaces":{"wavi":"rw"},"otp":"$otp","apkamPublicKey":"${pkamPublicKeyMap[firstAtsign]!}"}\n'; + await socket_writer(unAuthenticatedConnection, enrollRequest); + enrollmentResponse = await read() + ..replaceAll('error:', ''); + expect( + enrollmentResponse.contains( + 'Enrollment requests have exceeded the limit within the specified time frame'), + true); + SecureSocket secondUnAuthenticatedConnection2 = + await secure_socket_connection(firstAtsignServer, firstAtsignPort); + socket_listener(secondUnAuthenticatedConnection2); + enrollRequest = + 'enroll:request:{"appName":"wavi","deviceName":"pixel","namespaces":{"wavi":"rw"},"otp":"$otp","apkamPublicKey":"${pkamPublicKeyMap[firstAtsign]!}"}\n'; + await socket_writer(secondUnAuthenticatedConnection2, enrollRequest); + enrollmentResponse = jsonDecode((await read()).replaceAll('data:', '')); + expect(enrollmentResponse['status'], 'pending'); + expect(enrollmentResponse['enrollmentId'], isNotNull); + }); + + tearDown(() async { + socket_writer(socketConnection1!, 'config:reset:maxRequestsAllowed'); + await read(); + socket_writer(socketConnection1!, 'config:reset:timeWindowInMills'); + await read(); + }); + }); } Future _getOTPFromServer(String atSign) async { From e53f46e7f8c7ba862eb4a29ae5cb146d36a78767 Mon Sep 17 00:00:00 2001 From: Sitaram Kalluri Date: Mon, 11 Sep 2023 07:53:57 +0530 Subject: [PATCH 02/12] fix: Move at_server_spec changes to a different branch and update pubspec.yaml --- packages/at_secondary_server/pubspec.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packages/at_secondary_server/pubspec.yaml b/packages/at_secondary_server/pubspec.yaml index 9334087bc..1fdaf1edd 100644 --- a/packages/at_secondary_server/pubspec.yaml +++ b/packages/at_secondary_server/pubspec.yaml @@ -36,7 +36,10 @@ dependencies: dependency_overrides: at_server_spec: - path: ../at_server_spec + git: + url: https://github.com/atsign-foundation/at_server.git + path: packages/at_server_spec + ref: rate_limit_spec dev_dependencies: test: ^1.24.4 From b2e47aaa181bbd18e23afb2f79df3162373d0abb Mon Sep 17 00:00:00 2001 From: Sitaram Kalluri Date: Tue, 12 Sep 2023 22:22:52 +0530 Subject: [PATCH 03/12] fix: Remove dependency overrides of at_server_spec --- packages/at_secondary_server/pubspec.yaml | 9 +-------- .../lib/src/connection/inbound_connection.dart | 1 - .../lib/src/rate_limiter/at_rate_limiter.dart | 18 ------------------ tests/at_functional_test/pubspec.yaml | 2 +- 4 files changed, 2 insertions(+), 28 deletions(-) delete mode 100644 packages/at_server_spec/lib/src/rate_limiter/at_rate_limiter.dart diff --git a/packages/at_secondary_server/pubspec.yaml b/packages/at_secondary_server/pubspec.yaml index 585a597e3..03be29b74 100644 --- a/packages/at_secondary_server/pubspec.yaml +++ b/packages/at_secondary_server/pubspec.yaml @@ -22,7 +22,7 @@ dependencies: at_utils: 3.0.15 at_chops: 1.0.4 at_lookup: 3.0.40 - at_server_spec: 3.0.14 + at_server_spec: 3.0.15 at_persistence_spec: 2.0.14 at_persistence_secondary_server: 3.0.57 expire_cache: ^2.0.1 @@ -34,13 +34,6 @@ dependencies: yaml: 3.1.2 logging: 1.2.0 -dependency_overrides: - at_server_spec: - git: - url: https://github.com/atsign-foundation/at_server.git - path: packages/at_server_spec - ref: rate_limit_spec - dev_dependencies: test: ^1.24.4 coverage: ^1.6.1 diff --git a/packages/at_server_spec/lib/src/connection/inbound_connection.dart b/packages/at_server_spec/lib/src/connection/inbound_connection.dart index 08e550824..bab07d14b 100644 --- a/packages/at_server_spec/lib/src/connection/inbound_connection.dart +++ b/packages/at_server_spec/lib/src/connection/inbound_connection.dart @@ -1,7 +1,6 @@ import 'dart:io'; import 'package:at_server_spec/src/at_rate_limiter/at_rate_limiter.dart'; import 'package:at_server_spec/src/connection/at_connection.dart'; -import 'package:at_server_spec/src/rate_limiter/at_rate_limiter.dart'; abstract class InboundConnection extends AtConnection implements AtRateLimiter { ///Returns true if remote socket and remote port of this and connection matches diff --git a/packages/at_server_spec/lib/src/rate_limiter/at_rate_limiter.dart b/packages/at_server_spec/lib/src/rate_limiter/at_rate_limiter.dart deleted file mode 100644 index bd2a3d4f3..000000000 --- a/packages/at_server_spec/lib/src/rate_limiter/at_rate_limiter.dart +++ /dev/null @@ -1,18 +0,0 @@ -/// A rate limiter class that allows controlling the rate of requests within a specified time frame. -/// -/// This class provides a way to limit the number of requests that can be made -/// within a specified time frame. It keeps track of the timestamps of previous -/// requests and allows requests to be made only if they do not exceed the -/// maximum allowed requests per time frame. -abstract class AtRateLimiter { - /// The maximum number of requests allowed within the specified time frame. - late int maxRequestsPerTimeFrame; - - /// The duration of the time frame within which requests are limited. - late int timeFrameInMillis; - - /// Checks whether a new request is allowed based on the rate limiting rules. - /// - /// Returns `true` if the request is allowed, or `false` if it exceeds the rate limit. - bool isRequestAllowed(); -} diff --git a/tests/at_functional_test/pubspec.yaml b/tests/at_functional_test/pubspec.yaml index f688db31a..e0a4919e0 100644 --- a/tests/at_functional_test/pubspec.yaml +++ b/tests/at_functional_test/pubspec.yaml @@ -16,7 +16,7 @@ dependencies: ref: trunk at_chops: ^1.0.1 at_lookup: ^3.0.32 - at_commons: ^3.0.53 + at_commons: ^3.0.55 uuid: ^3.0.7 elliptic: ^0.3.8 From 67a043742ee99026b25f11c5b52449f329c35077 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 00:47:00 +0000 Subject: [PATCH 04/12] build(deps): bump docker/setup-buildx-action from 2.10.0 to 3.0.0 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.10.0 to 3.0.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/885d1462b80bc1c1c7f0b00334ad271f09369c55...f95db51fddba0c2d1ec667646a06c2ce06100226) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/at_server.yaml | 16 ++++++++-------- .github/workflows/at_server_dev_deploy.yaml | 2 +- .github/workflows/at_server_prod_deploy.yaml | 2 +- .github/workflows/promote_canary.yaml | 4 ++-- .github/workflows/ve_base.yaml | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/at_server.yaml b/.github/workflows/at_server.yaml index a75032778..c5d53fb27 100644 --- a/.github/workflows/at_server.yaml +++ b/.github/workflows/at_server.yaml @@ -238,7 +238,7 @@ jobs: grep version pubspec.yaml | head -1 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 @@ -597,7 +597,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 @@ -651,7 +651,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 @@ -706,7 +706,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 @@ -759,7 +759,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 @@ -804,7 +804,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 @@ -850,7 +850,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 @@ -885,7 +885,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 diff --git a/.github/workflows/at_server_dev_deploy.yaml b/.github/workflows/at_server_dev_deploy.yaml index 99ac3a7af..f703660e6 100644 --- a/.github/workflows/at_server_dev_deploy.yaml +++ b/.github/workflows/at_server_dev_deploy.yaml @@ -21,7 +21,7 @@ jobs: run: echo "BRANCH=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 diff --git a/.github/workflows/at_server_prod_deploy.yaml b/.github/workflows/at_server_prod_deploy.yaml index 8e217922b..feb42f959 100644 --- a/.github/workflows/at_server_prod_deploy.yaml +++ b/.github/workflows/at_server_prod_deploy.yaml @@ -21,7 +21,7 @@ jobs: run: echo "BRANCH=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 diff --git a/.github/workflows/promote_canary.yaml b/.github/workflows/promote_canary.yaml index fc4ee34f0..ad7133064 100644 --- a/.github/workflows/promote_canary.yaml +++ b/.github/workflows/promote_canary.yaml @@ -25,7 +25,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 @@ -66,7 +66,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 diff --git a/.github/workflows/ve_base.yaml b/.github/workflows/ve_base.yaml index 35895f827..6bb5ce2fb 100644 --- a/.github/workflows/ve_base.yaml +++ b/.github/workflows/ve_base.yaml @@ -15,7 +15,7 @@ jobs: uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - name: Login to DockerHub uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 From 089b6b9de7c9293a7a744e614cc09e16a4dec266 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 00:47:06 +0000 Subject: [PATCH 05/12] build(deps): bump docker/build-push-action from 4.2.1 to 5.0.0 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.2.1 to 5.0.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/0a97817b6ade9f46837855d676c4cca3a2471fc9...0565240e2d4ab88bba5387d719585280857ece09) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/at_server.yaml | 18 +++++++++--------- .github/workflows/at_server_dev_deploy.yaml | 2 +- .github/workflows/at_server_prod_deploy.yaml | 2 +- .github/workflows/promote_canary.yaml | 4 ++-- .github/workflows/ve_base.yaml | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/at_server.yaml b/.github/workflows/at_server.yaml index a75032778..e32526c39 100644 --- a/.github/workflows/at_server.yaml +++ b/.github/workflows/at_server.yaml @@ -171,7 +171,7 @@ jobs: ls -laR tools/build_virtual_environment/ve/* - name: Build docker image - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: file: tools/build_virtual_environment/ve/Dockerfile context: tools/build_virtual_environment/ve @@ -249,7 +249,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for x64 id: docker_build_secondary - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: push: true provenance: false @@ -608,7 +608,7 @@ jobs: # Builds and pushes the at_virtual_env to docker hub. - name: Build and push id: docker_build - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: file: tools/build_virtual_environment/ve/Dockerfile.vip context: . @@ -662,7 +662,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_secondary - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: push: true provenance: false @@ -717,7 +717,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_observable_secondary - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: push: true provenance: false @@ -770,7 +770,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_secondary - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: push: true provenance: false @@ -814,7 +814,7 @@ jobs: - name: Build and push id: docker_build - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: file: tools/build_virtual_environment/ve/Dockerfile.vip context: . @@ -861,7 +861,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_secondary - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: push: true provenance: false @@ -895,7 +895,7 @@ jobs: - name: Build and push id: docker_build - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: file: tools/build_virtual_environment/ve/Dockerfile.vip context: . diff --git a/.github/workflows/at_server_dev_deploy.yaml b/.github/workflows/at_server_dev_deploy.yaml index 99ac3a7af..c386bba2b 100644 --- a/.github/workflows/at_server_dev_deploy.yaml +++ b/.github/workflows/at_server_dev_deploy.yaml @@ -31,7 +31,7 @@ jobs: # Build the Docker image for Dev - name: Build and push - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: file: packages/at_root_server/Dockerfile context: packages/at_root_server diff --git a/.github/workflows/at_server_prod_deploy.yaml b/.github/workflows/at_server_prod_deploy.yaml index 8e217922b..067efeafe 100644 --- a/.github/workflows/at_server_prod_deploy.yaml +++ b/.github/workflows/at_server_prod_deploy.yaml @@ -31,7 +31,7 @@ jobs: # Build the Docker image for Dev - name: Build and push - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: file: packages/at_root_server/Dockerfile context: packages/at_root_server diff --git a/.github/workflows/promote_canary.yaml b/.github/workflows/promote_canary.yaml index fc4ee34f0..b58b21b74 100644 --- a/.github/workflows/promote_canary.yaml +++ b/.github/workflows/promote_canary.yaml @@ -36,7 +36,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push secondary image for amd64 and arm64 id: docker_build_canary_to_prod - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: push: true provenance: false @@ -77,7 +77,7 @@ jobs: # Builds and pushes the secondary server image to docker hub. - name: Build and push virtualenv image for amd64 and arm64 id: docker_build_canary_to_vip - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: push: true file: tools/build_virtual_environment/ve/Dockerfile.canary_to_vip diff --git a/.github/workflows/ve_base.yaml b/.github/workflows/ve_base.yaml index 35895f827..347a4f2aa 100644 --- a/.github/workflows/ve_base.yaml +++ b/.github/workflows/ve_base.yaml @@ -25,7 +25,7 @@ jobs: - name: Build and push id: docker_build - uses: docker/build-push-action@0a97817b6ade9f46837855d676c4cca3a2471fc9 # v4.2.1 + uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 with: file: tools/build_virtual_environment/ve_base/Dockerfile push: true From e1725a9dfb6311e69c932ef2d420dd39288d1bd5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 00:47:10 +0000 Subject: [PATCH 06/12] build(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.2.0 to 3.0.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/2b82ce82d56a2a04d2637cd93a637ae1b359c0a7...68827325e0b33c7199eb31dd4e31fbe9023e06e3) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/at_server.yaml | 14 +++++++------- .github/workflows/promote_canary.yaml | 4 ++-- .github/workflows/ve_base.yaml | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/at_server.yaml b/.github/workflows/at_server.yaml index a75032778..4a3b71467 100644 --- a/.github/workflows/at_server.yaml +++ b/.github/workflows/at_server.yaml @@ -594,7 +594,7 @@ jobs: run: echo "BRANCH=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 @@ -648,7 +648,7 @@ jobs: run: echo "BRANCH=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 @@ -703,7 +703,7 @@ jobs: run: echo "BRANCH=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 @@ -756,7 +756,7 @@ jobs: grep version pubspec.yaml | head -1 - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 @@ -801,7 +801,7 @@ jobs: grep version pubspec.yaml | head -1 - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 @@ -847,7 +847,7 @@ jobs: run: echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 @@ -882,7 +882,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 diff --git a/.github/workflows/promote_canary.yaml b/.github/workflows/promote_canary.yaml index fc4ee34f0..b6d4b8c97 100644 --- a/.github/workflows/promote_canary.yaml +++ b/.github/workflows/promote_canary.yaml @@ -22,7 +22,7 @@ jobs: run: echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 @@ -63,7 +63,7 @@ jobs: run: echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 diff --git a/.github/workflows/ve_base.yaml b/.github/workflows/ve_base.yaml index 35895f827..c8781fdb9 100644 --- a/.github/workflows/ve_base.yaml +++ b/.github/workflows/ve_base.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up QEMU - uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 + uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - name: Set up Docker Buildx uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 From 3621fa3a398f48b180ff87ca921619b5ee9ca652 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Sep 2023 00:47:15 +0000 Subject: [PATCH 07/12] build(deps): bump docker/login-action from 2.2.0 to 3.0.0 Bumps [docker/login-action](https://github.com/docker/login-action) from 2.2.0 to 3.0.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/465a07811f14bebb1938fbed4728c6a1ff8901fc...343f7c4344506bcbf9b4de18042ae17996df046d) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/at_server.yaml | 16 ++++++++-------- .github/workflows/at_server_dev_deploy.yaml | 2 +- .github/workflows/at_server_prod_deploy.yaml | 2 +- .github/workflows/promote_canary.yaml | 4 ++-- .github/workflows/revert_secondary.yaml | 4 ++-- .github/workflows/ve_base.yaml | 2 +- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/at_server.yaml b/.github/workflows/at_server.yaml index a75032778..feb9408ea 100644 --- a/.github/workflows/at_server.yaml +++ b/.github/workflows/at_server.yaml @@ -241,7 +241,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -600,7 +600,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -654,7 +654,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -709,7 +709,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -762,7 +762,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -807,7 +807,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -853,7 +853,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -888,7 +888,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/at_server_dev_deploy.yaml b/.github/workflows/at_server_dev_deploy.yaml index 99ac3a7af..aa72bcd54 100644 --- a/.github/workflows/at_server_dev_deploy.yaml +++ b/.github/workflows/at_server_dev_deploy.yaml @@ -24,7 +24,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/at_server_prod_deploy.yaml b/.github/workflows/at_server_prod_deploy.yaml index 8e217922b..aaebcc5f5 100644 --- a/.github/workflows/at_server_prod_deploy.yaml +++ b/.github/workflows/at_server_prod_deploy.yaml @@ -24,7 +24,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/promote_canary.yaml b/.github/workflows/promote_canary.yaml index fc4ee34f0..6bc3c73d2 100644 --- a/.github/workflows/promote_canary.yaml +++ b/.github/workflows/promote_canary.yaml @@ -28,7 +28,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -69,7 +69,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/revert_secondary.yaml b/.github/workflows/revert_secondary.yaml index 0b4e2d088..b08d90f0d 100644 --- a/.github/workflows/revert_secondary.yaml +++ b/.github/workflows/revert_secondary.yaml @@ -29,7 +29,7 @@ jobs: run: echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -72,7 +72,7 @@ jobs: run: echo "VERSION=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/ve_base.yaml b/.github/workflows/ve_base.yaml index 35895f827..f86bcfcba 100644 --- a/.github/workflows/ve_base.yaml +++ b/.github/workflows/ve_base.yaml @@ -18,7 +18,7 @@ jobs: uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0 - name: Login to DockerHub - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} From c697dc0cd9b6316c8a7f8477f52e74a2b0817504 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 00:08:14 +0000 Subject: [PATCH 08/12] build(deps): bump github/codeql-action from 2.21.5 to 2.21.6 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.5 to 2.21.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/00e563ead9f72a8461b24876bee2d0c2e8bd2ee8...701f152f28d4350ad289a5e31435e9ab6169a7ca) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 147435b1f..575397681 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.21.5 + uses: github/codeql-action/init@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2.21.6 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.21.5 + uses: github/codeql-action/autobuild@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2.21.6 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.21.5 + uses: github/codeql-action/analyze@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2.21.6 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index b986c0e9a..7d258c905 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8 # v2.13.4 + uses: github/codeql-action/upload-sarif@701f152f28d4350ad289a5e31435e9ab6169a7ca # v2.13.4 with: sarif_file: results.sarif From 209e2911391583cd59afaac2357e415fce48cf27 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 00:18:15 +0000 Subject: [PATCH 09/12] build(deps): bump dart from 3.1.1 to 3.1.2 in /tools/build_secondary Bumps dart from 3.1.1 to 3.1.2. --- updated-dependencies: - dependency-name: dart dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- tools/build_secondary/Dockerfile | 2 +- tools/build_secondary/Dockerfile.observe | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/build_secondary/Dockerfile b/tools/build_secondary/Dockerfile index d09b25296..78e1b768e 100644 --- a/tools/build_secondary/Dockerfile +++ b/tools/build_secondary/Dockerfile @@ -1,4 +1,4 @@ -FROM dart:3.1.1@sha256:ec7bb9e577648ea5526c9daf714e9bc7af670ce7c93b594205e68c14a10cea3b AS buildimage +FROM dart:3.1.2@sha256:a57751bdedde962da08789236b12fd3793c10d43a473ef3e73c894d61740fb2c AS buildimage ENV HOMEDIR=/atsign ENV USER_ID=1024 ENV GROUP_ID=1024 diff --git a/tools/build_secondary/Dockerfile.observe b/tools/build_secondary/Dockerfile.observe index 36ae693cd..2b203dd98 100644 --- a/tools/build_secondary/Dockerfile.observe +++ b/tools/build_secondary/Dockerfile.observe @@ -1,4 +1,4 @@ -FROM dart:3.1.1@sha256:ec7bb9e577648ea5526c9daf714e9bc7af670ce7c93b594205e68c14a10cea3b AS buildimage +FROM dart:3.1.2@sha256:a57751bdedde962da08789236b12fd3793c10d43a473ef3e73c894d61740fb2c AS buildimage ENV HOMEDIR=/atsign ENV USER_ID=1024 ENV GROUP_ID=1024 From 29a3c95062186c753a0bd4b1c83896f3b41ae781 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 00:24:24 +0000 Subject: [PATCH 10/12] build(deps): bump dart from 3.1.1 to 3.1.2 in /packages/at_root_server Bumps dart from 3.1.1 to 3.1.2. --- updated-dependencies: - dependency-name: dart dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- packages/at_root_server/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/at_root_server/Dockerfile b/packages/at_root_server/Dockerfile index eaf0996e7..08681a859 100644 --- a/packages/at_root_server/Dockerfile +++ b/packages/at_root_server/Dockerfile @@ -1,4 +1,4 @@ -FROM dart:3.1.1@sha256:ec7bb9e577648ea5526c9daf714e9bc7af670ce7c93b594205e68c14a10cea3b AS buildimage +FROM dart:3.1.2@sha256:a57751bdedde962da08789236b12fd3793c10d43a473ef3e73c894d61740fb2c AS buildimage ENV HOMEDIR=/atsign ENV BINARYDIR=/usr/local/at ENV USER_ID=1024 From 0b595650c7164f66591ac2a552e4f6c46929be12 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 00:38:47 +0000 Subject: [PATCH 11/12] build(deps): bump dart in /tools/build_virtual_environment/ve Bumps dart from 3.1.1 to 3.1.2. --- updated-dependencies: - dependency-name: dart dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- tools/build_virtual_environment/ve/Dockerfile.vip | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/build_virtual_environment/ve/Dockerfile.vip b/tools/build_virtual_environment/ve/Dockerfile.vip index e402ca057..9e033b0d0 100644 --- a/tools/build_virtual_environment/ve/Dockerfile.vip +++ b/tools/build_virtual_environment/ve/Dockerfile.vip @@ -1,4 +1,4 @@ -FROM dart:3.1.1@sha256:ec7bb9e577648ea5526c9daf714e9bc7af670ce7c93b594205e68c14a10cea3b AS buildimage +FROM dart:3.1.2@sha256:a57751bdedde962da08789236b12fd3793c10d43a473ef3e73c894d61740fb2c AS buildimage ENV USER_ID=1024 ENV GROUP_ID=1024 WORKDIR /app From d36e9fbae0918f1d5b099460eb21c2c63a011548 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 00:44:01 +0000 Subject: [PATCH 12/12] build(deps): bump dart in /tools/build_virtual_environment/ve_base Bumps dart from 3.1.1 to 3.1.2. --- updated-dependencies: - dependency-name: dart dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- tools/build_virtual_environment/ve_base/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/build_virtual_environment/ve_base/Dockerfile b/tools/build_virtual_environment/ve_base/Dockerfile index e8553fea4..b8b79a9b1 100644 --- a/tools/build_virtual_environment/ve_base/Dockerfile +++ b/tools/build_virtual_environment/ve_base/Dockerfile @@ -1,4 +1,4 @@ -FROM dart:3.1.1@sha256:ec7bb9e577648ea5526c9daf714e9bc7af670ce7c93b594205e68c14a10cea3b AS buildimage +FROM dart:3.1.2@sha256:a57751bdedde962da08789236b12fd3793c10d43a473ef3e73c894d61740fb2c AS buildimage ENV USER_ID=1024 ENV GROUP_ID=1024 WORKDIR /app