Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump go.etcd.io/etcd/api/v3 from 3.5.0 to 3.5.1 #1523

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 18, 2021

Bumps go.etcd.io/etcd/api/v3 from 3.5.0 to 3.5.1.

Release notes

Sourced from go.etcd.io/etcd/api/v3's releases.

v3.5.1

Please see Announcing etcd 3.5 blog post.

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out play.etcd.io and operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.5.1
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version

# start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)
ETCD_VER=v3.5.1
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
</tr></table>

... (truncated)

Changelog

Sourced from go.etcd.io/etcd/api/v3's changelog.

v3.5.1 (2021-10-15)

See code changes and v3.5 upgrade guide for any breaking changes.

etcd server

etcd client

package clientv3

  • Endpoints self identify now as etcd-endpoints://{id}/{authority} where authority is based on first endpoint passed, for example etcd-endpoints://0xc0009d8540/localhost:2079

tools/benchmark

Other

  • Updated base image from debian:buster-v1.4.0 to debian:bullseye-20210927 to fix the following critical CVEs:
    • CVE-2021-3711: miscalculation of a buffer size in openssl's SM2 decryption
    • CVE-2021-35942: integer overflow flaw in glibc
    • CVE-2019-9893: incorrect syscall argument generation in libseccomp
    • CVE-2021-36159: libfetch in apk-tools mishandles numeric strings in FTP and HTTP protocols to allow out of bound reads.
Commits
  • d42e858 version: 3.5.1
  • ec56229 Merge pull request #13380 from hexfusion/cp-13376
  • bad9a52 Dockerfile: bump debian bullseye-20210927
  • edb3b5a Merge pull request #13375 from serathius/authority-3.5
  • 79f9a45 client: Use first endpoint as http2 authority header
  • 7f25a50 tests: Add grpc authority e2e tests
  • 58d2b12 client: Add grpc authority header integration tests
  • 6e04e8a tests: Allow configuring integration tests to use TCP
  • 7272a95 test: Use unique number for grpc port
  • 0bac49b tests: Cleanup member interface by exposing Bridge directly
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [go.etcd.io/etcd/api/v3](https://github.com/etcd-io/etcd) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Changelog](https://github.com/etcd-io/etcd/blob/main/CHANGELOG-3.5.md)
- [Commits](etcd-io/etcd@v3.5.0...v3.5.1)

---
updated-dependencies:
- dependency-name: go.etcd.io/etcd/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 18, 2021
@codecov-commenter
Copy link

Codecov Report

Merging #1523 (b045a64) into 3.0 (267c06e) will increase coverage by 0.01%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff             @@
##              3.0    #1523      +/-   ##
==========================================
+ Coverage   41.81%   41.83%   +0.01%     
==========================================
  Files         259      259              
  Lines       15132    15132              
==========================================
+ Hits         6328     6330       +2     
- Misses       8063     8064       +1     
+ Partials      741      738       -3     
Impacted Files Coverage Δ
...tocol/rest/server/server_impl/go_restful_server.go 41.37% <0.00%> (-3.45%) ⬇️
remoting/kubernetes/listener.go 52.83% <0.00%> (ø)
remoting/kubernetes/watch.go 80.55% <0.00%> (+1.85%) ⬆️
remoting/kubernetes/client.go 71.91% <0.00%> (+2.24%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 267c06e...b045a64. Read the comment docs.

@AlexStocks AlexStocks merged commit c1263de into 3.0 Oct 18, 2021
@dependabot dependabot bot deleted the dependabot/go_modules/3.0/go.etcd.io/etcd/api/v3-3.5.1 branch October 18, 2021 14:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants