Skip to content

Commit b6e1ae6

Browse files
sanzmaurosanzmauro
authored
Merge pull request #313 from splitio/fix/vulnerabilities
2 parents 13f4dd7 + be01cc2 commit b6e1ae6

File tree

6 files changed

+35
-12
lines changed

6 files changed

+35
-12
lines changed

CHANGES.txt

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,14 @@
1+
5.10.1 (Apr 23, 2025)
2+
- Fixed vulnerabilities:
3+
- Updated golang image to 1.23.8
4+
- Updated debian image to 12.10
5+
- Updated golang.org/x/net to 0.39.0
6+
- Updated golang.org/x/crypto to 0.37.0
7+
- Updated golang.org/x/sync to 0.13.0
8+
- Updated golang.org/x/sys to 0.32.0
9+
- Updated golang.org/x/text to 0.24.0
10+
- Updated go-redis to 9.7.3
11+
112
5.10.0 (Jan 23, 2025)
213
- Added support for the new impressions tracking toggle available on feature flags, both respecting the setting. Read more in our docs.
314
- Added support for arm64 in docker images.

docker/Dockerfile.proxy

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# Build stage
2-
FROM golang:1.23.5-bookworm AS builder
2+
FROM golang:1.23.8-bookworm AS builder
33

44
ARG EXTRA_BUILD_ARGS
55
ARG FIPS_MODE
@@ -17,7 +17,7 @@ RUN bash -c 'if [[ "${FIPS_MODE}" = "enabled" ]]; \
1717
fi'
1818

1919
# Runner stage
20-
FROM debian:12.9 AS runner
20+
FROM debian:12.10 AS runner
2121

2222
RUN apt update -y
2323
RUN apt install -y bash ca-certificates

docker/Dockerfile.synchronizer

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# Build stage
2-
FROM golang:1.23.5-bookworm AS builder
2+
FROM golang:1.23.8-bookworm AS builder
33

44
ARG EXTRA_BUILD_ARGS
55
ARG FIPS_MODE
@@ -17,7 +17,7 @@ RUN bash -c 'if [[ "${FIPS_MODE}" = "enabled" ]]; \
1717
fi'
1818

1919
# Runner stage
20-
FROM debian:12.9 AS runner
20+
FROM debian:12.10 AS runner
2121

2222
RUN apt update -y
2323
RUN apt install -y bash ca-certificates

go.mod

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/splitio/split-synchronizer/v5
22

3-
go 1.23.5
3+
go 1.23.8
44

55
require (
66
github.com/gin-contrib/cors v1.6.0
@@ -39,16 +39,16 @@ require (
3939
github.com/modern-go/reflect2 v1.0.2 // indirect
4040
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
4141
github.com/pmezard/go-difflib v1.0.0 // indirect
42-
github.com/redis/go-redis/v9 v9.0.4 // indirect
42+
github.com/redis/go-redis/v9 v9.7.3 // indirect
4343
github.com/stretchr/objx v0.5.2 // indirect
4444
github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
4545
github.com/ugorji/go/codec v1.2.12 // indirect
4646
golang.org/x/arch v0.8.0 // indirect
47-
golang.org/x/crypto v0.31.0 // indirect
48-
golang.org/x/net v0.33.0 // indirect
49-
golang.org/x/sync v0.10.0 // indirect
50-
golang.org/x/sys v0.28.0 // indirect
51-
golang.org/x/text v0.21.0 // indirect
47+
golang.org/x/crypto v0.37.0 // indirect
48+
golang.org/x/net v0.39.0 // indirect
49+
golang.org/x/sync v0.13.0 // indirect
50+
golang.org/x/sys v0.32.0 // indirect
51+
golang.org/x/text v0.24.0 // indirect
5252
google.golang.org/protobuf v1.34.1 // indirect
5353
gopkg.in/yaml.v3 v3.0.1 // indirect
5454
)

go.sum

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
8888
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
8989
github.com/redis/go-redis/v9 v9.0.4 h1:FC82T+CHJ/Q/PdyLW++GeCO+Ol59Y4T7R4jbgjvktgc=
9090
github.com/redis/go-redis/v9 v9.0.4/go.mod h1:WqMKv5vnQbRuZstUwxQI195wHy+t4PuXDOjzMvcuQHk=
91+
github.com/redis/go-redis/v9 v9.7.3 h1:YpPyAayJV+XErNsatSElgRZZVCwXX9QzkKYNvO7x0wM=
92+
github.com/redis/go-redis/v9 v9.7.3/go.mod h1:bGUrSggJ9X9GUmZpZNEOQKaANxSGgOEBRltRTZHSvrA=
9193
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
9294
github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUAtL9R8=
9395
github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
@@ -127,13 +129,19 @@ golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
127129
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
128130
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
129131
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
132+
golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
133+
golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
130134
golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
131135
golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
132136
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
133137
golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
134138
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
139+
golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
140+
golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
135141
golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
136142
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
143+
golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610=
144+
golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
137145
golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
138146
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
139147
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -143,11 +151,15 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
143151
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
144152
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
145153
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
154+
golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
155+
golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
146156
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
147157
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
148158
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
149159
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
150160
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
161+
golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0=
162+
golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU=
151163
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
152164
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
153165
google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=

splitio/version.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,4 +2,4 @@
22
package splitio
33

44
// Version is the version of this Agent
5-
const Version = "5.10.0"
5+
const Version = "5.10.1"

0 commit comments

Comments
 (0)