Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Remove dependency on rustls 0.20 #21757

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

chore(deps): Remove dependency on rustls 0.20 #21757

wants to merge 3 commits into from
+176 −83

Conversation

jszwedko
Copy link
Member

@jszwedko jszwedko commented Nov 11, 2024
edited
Loading

Summary

rustls 0.20.9 has a reported vulnerability (RUSTSEC-2024-0336). It can be fixed by upgrading the patch version but I figured we could just update to latest.

Change Type

  • Bug fix
  • New feature
  • Non-functional (chore, refactoring, docs)
  • Performance

Is this a breaking change?

  • Yes
  • No

How did you test this PR?

cargo nextest

Does this PR include user facing changes?

  • Yes. Please add a changelog fragment based on our guidelines.
  • No. A maintainer will apply the "no-changelog" label to this PR.

Checklist

  • Please read our Vector contributor resources.
  • If this PR introduces changes Vector dependencies (modifies Cargo.lock), please
    run dd-rust-license-tool write to regenerate the license inventory and commit the changes (if any). More details here.

References

@jszwedko
chore(deps): Remove dependency on rustls 0.20
38ab17c 
rustls 0.20.9 has a reported vulnerability (RUSTSEC-2024-0336). It can be fixed by upgrading the
patch version but I figured we could just update to latest.

Signed-off-by: Jesse Szwedko <[email protected]>
@jszwedko jszwedko added the no-changelog Changes in this PR do not need user-facing explanations in the release changelog label Nov 11, 2024
@jszwedko jszwedko requested a review from a team as a code owner November 11, 2024 14:48
@jszwedko jszwedko added the domain: deps Anything related to Vector's dependencies label Nov 11, 2024
@jszwedko jszwedko mentioned this pull request Nov 11, 2024
Merged
10 tasks
@datadog-vectordotdev
Copy link

datadog-vectordotdev bot commented Nov 11, 2024
edited
Loading

Datadog Report

Branch report: jszwedko/upgrade-rustls
Commit report: 9f1d9a0
Test service: vector

✅ 0 Failed, 7 Passed, 0 Skipped, 25.48s Total Time

@jszwedko
regenerate licenses
d7d96aa 
Signed-off-by: Jesse Szwedko <[email protected]>
@jszwedko jszwedko added this pull request to the merge queue Nov 11, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Nov 11, 2024
@pront pront added this pull request to the merge queue Nov 11, 2024
@jszwedko
Install nasm for Windows
36fc5e3 
Signed-off-by: Jesse Szwedko <[email protected]>
@jszwedko jszwedko removed this pull request from the merge queue due to a manual request Nov 11, 2024
@github-actions github-actions bot added the domain: ci Anything related to Vector's CI environment label Nov 11, 2024
@jszwedko jszwedko added this pull request to the merge queue Nov 11, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Nov 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pront pront pront approved these changes

Assignees
No one assigned
Labels
domain: ci Anything related to Vector's CI environment domain: deps Anything related to Vector's dependencies no-changelog Changes in this PR do not need user-facing explanations in the release changelog
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jszwedko @pront