-
Notifications
You must be signed in to change notification settings - Fork 507
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump golang.google.org/grpc to v1.57.1 #427
Merged
dragonsinth
merged 3 commits into
fullstorydev:master
from
ns-yuhanl:bump-golang.google.org-grpc
Oct 26, 2023
Merged
Bump golang.google.org/grpc to v1.57.1 #427
dragonsinth
merged 3 commits into
fullstorydev:master
from
ns-yuhanl:bump-golang.google.org-grpc
Oct 26, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
ns-yuhanl
commented
Oct 26, 2023
- See GHSA-m425-mq94-257g for CVE details.
dragonsinth
approved these changes
Oct 26, 2023
LGTM but not an actual vuln for gRPCurl |
bungle
added a commit
to Kong/kong
that referenced
this pull request
Apr 23, 2024
### Summary ### v1.9.1 - Update Dockerfile to use Go v1.21 (fullstorydev/grpcurl#455) - chore: fix some typos in comments (fullstorydev/grpcurl#454) ### v1.9.0 - Use latest protoreflect to fix some bugs (fullstorydev/grpcurl#453) - Brand name update (fullstorydev/grpcurl#452) - Bump github.com/golang/protobuf from 1.5.3 to 1.5.4 (fullstorydev/grpcurl#448) - goreleaser: bump version & add nfmp support fullstorydev/grpcurl#440) - Enable xDS credentials (fullstorydev/grpcurl#424) - Bump github.com/jhump/protoreflect from 1.15.5 to 1.15.6 (fullstorydev/grpcurl#446) - Use localhost for default unix domain socket authority (fullstorydev/grpcurl#445) - Bump github.com/jhump/protoreflect from 1.15.4 to 1.15.5 (fullstorydev/grpcurl#443) - Added initial support for -t flag to show timings (fullstorydev/grpcurl#428) - Expand the documentation of -max-time to clarify this sets the RPC timeout (fullstorydev/grpcurl#435) - Bump github.com/jhump/protoreflect from 1.15.3 to 1.15.4 (fullstorydev/grpcurl#436) - Bump google.golang.org/protobuf from 1.31.0 to 1.32.0 (fullstorydev/grpcurl#437) - indent: rip out old go 1.9 support - Bump golang.google.org/grpc to v1.57.1 (fullstorydev/grpcurl#427) - Update Tarball URL used by Homebrew (fullstorydev/grpcurl#421) #### v1.8.9 - Disable CGO for improved compatibility across distros (fullstorydev/grpcurl#420) - Bump golang.org/x/net from 0.9.0 to 0.17.0 (fullstorydev/grpcurl#419) - SIGSEGV: panic: runtime error: invalid memory address or nil pointer dereference in protoreflect (fullstorydev/grpcurl#416) - Added alts credential option (fullstorydev/grpcurl#341) #### v1.8.8 - Update go.mod, goreleaser for v1.8.8 (fullstorydev/grpcurl#413) - Run tests on Go 1.21 (fullstorydev/grpcurl#408) - Update protoreflect v1.15.2 and grpc v1.57.0 (fullstorydev/grpcurl#406) - Use grpc.reflection.v1.ServerReflection (fullstorydev/grpcurl#407) - Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 (fullstorydev/grpcurl#401) - Bump google.golang.org/grpc from 1.55.0 to 1.56.1 (fullstorydev/grpcurl#400) - Fix issues with error details (fullstorydev/grpcurl#379) - fix nil-dereference panic (fullstorydev/grpcurl#395) - Bump google.golang.org/grpc from 1.54.0 to 1.55.0 (fullstorydev/grpcurl#390) - Add "checkgenerate" make target to CI (fullstorydev/grpcurl#385) - Bump google.golang.org/grpc from 1.53.0 to 1.54.0 (fullstorydev/grpcurl#383) - Bump google.golang.org/protobuf from 1.29.1 to 1.30.0 (fullstorydev/grpcurl#378) - Bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (fullstorydev/grpcurl#376) - Bump google.golang.org/protobuf from 1.28.1 to 1.29.0 (fullstorydev/grpcurl#375) - Bump github.com/golang/protobuf from 1.5.2 to 1.5.3 (fullstorydev/grpcurl#374) - Bump google.golang.org/grpc from 1.52.3 to 1.53.0 (fullstorydev/grpcurl#370) - Install the CodeSee workflow. Learn more at https://docs.codesee.io (fullstorydev/grpcurl#368) - Bump google.golang.org/grpc from 1.51.0 to 1.52.3 (fullstorydev/grpcurl#365) - Bump github.com/jhump/protoreflect from 1.14.0 to 1.14.1 (fullstorydev/grpcurl#361) - Bump google.golang.org/grpc from 1.50.1 to 1.51.0 (fullstorydev/grpcurl#348) - fix funcname in comment (fullstorydev/grpcurl#346) - Bump github.com/jhump/protoreflect from 1.13.0 to 1.14.0 (fullstorydev/grpcurl#343) - Bump google.golang.org/grpc from 1.50.0 to 1.50.1 (fullstorydev/grpcurl#338) - Bump google.golang.org/grpc from 1.49.0 to 1.50.0 (fullstorydev/grpcurl#336) - Bump github.com/jhump/protoreflect from 1.12.0 to 1.13.0 (fullstorydev/grpcurl#335) - Bump google.golang.org/grpc from 1.48.0 to 1.49.0 (fullstorydev/grpcurl#330) - fixup release process (fullstorydev/grpcurl#328) #### v1.8.7 - Unix sockets for windows - Lots of dependency version updates - Support for Go 1.18 - Add go 1.18 support; set Dockerfile to go 1.18 (fullstorydev/grpcurl#325) - build alpine base image (fullstorydev/grpcurl#311) - fix some typos (fullstorydev/grpcurl#314) - Bump google.golang.org/grpc from 1.47.0 to 1.48.0 (fullstorydev/grpcurl#324) - Adding power(ppc64le) arch support (fullstorydev/grpcurl#296) - Enable support for Unix sockets for Windows by enabling -unix flag for Windows builds. (fullstorydev/grpcurl#317) - Bump google.golang.org/grpc from 1.46.2 to 1.47.0 (fullstorydev/grpcurl#315) - Bump github.com/jhump/protoreflect from 1.10.3 to 1.12.0 (fullstorydev/grpcurl#294) - Bump google.golang.org/grpc from 1.44.0 to 1.46.2 (fullstorydev/grpcurl#310) - Bump google.golang.org/protobuf from 1.27.1 to 1.28.0 (fullstorydev/grpcurl#298) - use newer goreleaser (fullstorydev/grpcurl#293) - Restore support for linux/s390x for the next release. (fullstorydev/grpcurl#292) - Bump google.golang.org/protobuf from 1.26.0 to 1.27.1 (fullstorydev/grpcurl#288) #### v1.8.6 - Some bugs have been addressed in the library used to parse proto source files. Previously grpcurl would accept proto source files that could not actually be compiled with protoc. The converse could also happen: grpcurl could reject some proto source files that could successfully be compiled with protoc. More details can be found in the release notes for the changes to the protoparse library, versions v1.10.2 and v1.10.3. - Some implementations of the server reflection service have been observed to return multiple (even superfluous) file descriptors, in response to requests made by grpcurl. These extra files, if not returned in a particular order, would cause grpcurl to report an error that the service or method to be invoked could be not be resolved. The reflection client in grpcurl is now more robust to this condition and can handle responses with file descriptors in any order, so it should be interoperable with a larger variety of servers. - When a request message includes a field of type google.protobuf.Value and a value for that field that was a JSON array, grpcurl would incorrectly interpret the JSON array as if it were a single atomic value, the last value that was in the array. This has been fixed. - When a response message includes non-printable characters or code points outside the ASCII 7-bit range in the name of a field in a JSON object, it could be improperly encoded with escape characters that are not valid JSON. Standard tools/libraries could then fail to parse the JSON output from grpcurl. This has been fixed. Signed-off-by: Aapo Talvensaari <aapo.talvensaari@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.