-
Notifications
You must be signed in to change notification settings - Fork 781
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Directory.Packages.props #2413
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
fixes OpenTelemetry package vulnerability
JamesNK
approved these changes
Apr 17, 2024
oguzhand95
referenced
this pull request
in cerbos/cerbos-sdk-net
May 31, 2024
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [Google.Protobuf](https://github.com/protocolbuffers/protobuf) | `3.26.1` -> `3.27.0` | [![age](https://developer.mend.io/api/mc/badges/age/nuget/Google.Protobuf/3.27.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/nuget/Google.Protobuf/3.27.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/nuget/Google.Protobuf/3.26.1/3.27.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/nuget/Google.Protobuf/3.26.1/3.27.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [Grpc.Net.Client](https://github.com/grpc/grpc-dotnet) | `2.62.0` -> `2.63.0` | [![age](https://developer.mend.io/api/mc/badges/age/nuget/Grpc.Net.Client/2.63.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/nuget/Grpc.Net.Client/2.63.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/nuget/Grpc.Net.Client/2.62.0/2.63.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/nuget/Grpc.Net.Client/2.62.0/2.63.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [Microsoft.NET.Test.Sdk](https://github.com/microsoft/vstest) | `17.9.0` -> `17.10.0` | [![age](https://developer.mend.io/api/mc/badges/age/nuget/Microsoft.NET.Test.Sdk/17.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/nuget/Microsoft.NET.Test.Sdk/17.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/nuget/Microsoft.NET.Test.Sdk/17.9.0/17.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/nuget/Microsoft.NET.Test.Sdk/17.9.0/17.10.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>grpc/grpc-dotnet (Grpc.Net.Client)</summary> ### [`v2.63.0`](https://github.com/grpc/grpc-dotnet/releases/tag/v2.63.0) ##### What's Changed - Prevent block inside ResolveAsync from blocking PollingResolver.Refresh by [@​JamesNK](https://github.com/JamesNK) in [https://github.com/grpc/grpc-dotnet/pull/2385](https://github.com/grpc/grpc-dotnet/pull/2385) - Bump follow-redirects from 1.15.4 to 1.15.6 in /testassets/InteropTestsGrpcWebWebsite/Tests by [@​dependabot](https://github.com/dependabot) in [https://github.com/grpc/grpc-dotnet/pull/2392](https://github.com/grpc/grpc-dotnet/pull/2392) - Update microsoft-support.md by [@​JamesNK](https://github.com/JamesNK) in [https://github.com/grpc/grpc-dotnet/pull/2403](https://github.com/grpc/grpc-dotnet/pull/2403) - fix a couple typos in README.md by [@​jjanuszkiewicz](https://github.com/jjanuszkiewicz) in [https://github.com/grpc/grpc-dotnet/pull/2397](https://github.com/grpc/grpc-dotnet/pull/2397) - Interrupt existing subchannel connect attempt when reconnect is requested by [@​JamesNK](https://github.com/JamesNK) in [https://github.com/grpc/grpc-dotnet/pull/2410](https://github.com/grpc/grpc-dotnet/pull/2410) - Update Directory.Packages.props by [@​WeihanLi](https://github.com/WeihanLi) in [https://github.com/grpc/grpc-dotnet/pull/2413](https://github.com/grpc/grpc-dotnet/pull/2413) - [#​2401](https://github.com/grpc/grpc-dotnet/issues/2401) Add new TFM's so package dependency can be removed by [@​thompson-tomo](https://github.com/thompson-tomo) in [https://github.com/grpc/grpc-dotnet/pull/2402](https://github.com/grpc/grpc-dotnet/pull/2402) - support `ReadAllAsync` for netstandard2.0 by [@​WeihanLi](https://github.com/WeihanLi) in [https://github.com/grpc/grpc-dotnet/pull/2411](https://github.com/grpc/grpc-dotnet/pull/2411) - Fix ObjectDisposedException message by [@​drewnoakes](https://github.com/drewnoakes) in [https://github.com/grpc/grpc-dotnet/pull/2415](https://github.com/grpc/grpc-dotnet/pull/2415) - Enable multiple connections with WinHttpHandler by default by [@​JamesNK](https://github.com/JamesNK) in [https://github.com/grpc/grpc-dotnet/pull/2416](https://github.com/grpc/grpc-dotnet/pull/2416) - Fix memory leak when using call context propagation with cancellation token by [@​JamesNK](https://github.com/JamesNK) in [https://github.com/grpc/grpc-dotnet/pull/2421](https://github.com/grpc/grpc-dotnet/pull/2421) - Fix HTTP/3 test errors on .NET 6 by [@​JamesNK](https://github.com/JamesNK) in [https://github.com/grpc/grpc-dotnet/pull/2423](https://github.com/grpc/grpc-dotnet/pull/2423) - Add semaphore to limit subchannel connect to prevent race conditions by [@​JamesNK](https://github.com/JamesNK) in [https://github.com/grpc/grpc-dotnet/pull/2422](https://github.com/grpc/grpc-dotnet/pull/2422) - Don't capture async locals in resolver by [@​JamesNK](https://github.com/JamesNK) in [https://github.com/grpc/grpc-dotnet/pull/2426](https://github.com/grpc/grpc-dotnet/pull/2426) - Update Grpc.Tools to 2.63 by [@​apolcyn](https://github.com/apolcyn) in [https://github.com/grpc/grpc-dotnet/pull/2429](https://github.com/grpc/grpc-dotnet/pull/2429) - Bump 2.63.x branch to 2.63.0-pre1 by [@​apolcyn](https://github.com/apolcyn) in [https://github.com/grpc/grpc-dotnet/pull/2430](https://github.com/grpc/grpc-dotnet/pull/2430) - Fix build on v2.63.x - cherry pick [https://github.com/grpc/grpc-dotnet/pull/2437](https://github.com/grpc/grpc-dotnet/pull/2437) by [@​apolcyn](https://github.com/apolcyn) in [https://github.com/grpc/grpc-dotnet/pull/2442](https://github.com/grpc/grpc-dotnet/pull/2442) - Bump 2.63.x to stable release by [@​apolcyn](https://github.com/apolcyn) in [https://github.com/grpc/grpc-dotnet/pull/2440](https://github.com/grpc/grpc-dotnet/pull/2440) ##### New Contributors - [@​jjanuszkiewicz](https://github.com/jjanuszkiewicz) made their first contribution in [https://github.com/grpc/grpc-dotnet/pull/2397](https://github.com/grpc/grpc-dotnet/pull/2397) - [@​thompson-tomo](https://github.com/thompson-tomo) made their first contribution in [https://github.com/grpc/grpc-dotnet/pull/2402](https://github.com/grpc/grpc-dotnet/pull/2402) - [@​drewnoakes](https://github.com/drewnoakes) made their first contribution in [https://github.com/grpc/grpc-dotnet/pull/2415](https://github.com/grpc/grpc-dotnet/pull/2415) **Full Changelog**: grpc/grpc-dotnet@v2.62.0...v2.63.0 </details> <details> <summary>microsoft/vstest (Microsoft.NET.Test.Sdk)</summary> ### [`v17.10.0`](https://github.com/microsoft/vstest/releases/tag/v17.10.0) ##### What's Changed - Add missing runtimeconfig.json file for 8.0 by [@​MarcoRossignoli](https://github.com/MarcoRossignoli) in [https://github.com/microsoft/vstest/pull/4792](https://github.com/microsoft/vstest/pull/4792) - Localized file check-in by OneLocBuild Task: Build definition ID 1222: Build ID [`2338548`](https://github.com/microsoft/vstest/commit/2338548) by [@​dotnet-bot](https://github.com/dotnet-bot) in [https://github.com/microsoft/vstest/pull/4794](https://github.com/microsoft/vstest/pull/4794) - Disable testhost prestart by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4833](https://github.com/microsoft/vstest/pull/4833) - Terminal logger fixes by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4834](https://github.com/microsoft/vstest/pull/4834) - Add RiscV64 by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4838](https://github.com/microsoft/vstest/pull/4838) - Add deterministic source mapping storing for Microsoft.CodeCoverage by [@​jakubch1](https://github.com/jakubch1) in [https://github.com/microsoft/vstest/pull/4849](https://github.com/microsoft/vstest/pull/4849) - Fix terminal logger encoding & error by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4853](https://github.com/microsoft/vstest/pull/4853) - Update sourcebuild configuration to build net previous and net current by [@​Evangelink](https://github.com/Evangelink) in [https://github.com/microsoft/vstest/pull/4856](https://github.com/microsoft/vstest/pull/4856) - Updating version of Microsoft.VisualStudio.Interop to 17.10 by [@​MSLukeWest](https://github.com/MSLukeWest) in [https://github.com/microsoft/vstest/pull/4866](https://github.com/microsoft/vstest/pull/4866) - Add VSTEST_DIAG_VERBOSITY to help by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4882](https://github.com/microsoft/vstest/pull/4882) - Fix feature flag name by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4885](https://github.com/microsoft/vstest/pull/4885) - Improve terminal logger by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4877](https://github.com/microsoft/vstest/pull/4877) - Remove PackageLicenseFile preventing PackageLicenseExpression from working by [@​lahma](https://github.com/lahma) in [https://github.com/microsoft/vstest/pull/4890](https://github.com/microsoft/vstest/pull/4890) - Add GitHub Actions logger by [@​martincostello](https://github.com/martincostello) in [https://github.com/microsoft/vstest/pull/4906](https://github.com/microsoft/vstest/pull/4906) - Ensure to send a session complete event by [@​drognanar](https://github.com/drognanar) in [https://github.com/microsoft/vstest/pull/4878](https://github.com/microsoft/vstest/pull/4878) - specify Win10 + maxversiontested to enable xaml APIs to be used in tests running under testhost.exe by [@​ChrisGuzak](https://github.com/ChrisGuzak) in [https://github.com/microsoft/vstest/pull/4888](https://github.com/microsoft/vstest/pull/4888) - Make VSTest repo buildable in VMR non-source-build by [@​ViktorHofer](https://github.com/ViktorHofer) in [https://github.com/microsoft/vstest/pull/4920](https://github.com/microsoft/vstest/pull/4920) - Migrate pipelines by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4921](https://github.com/microsoft/vstest/pull/4921) - Add test name to MSBuild where we have frame. by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4935](https://github.com/microsoft/vstest/pull/4935) - \[rel/17.10] Add list of known TestingPlatform dlls by [@​nohwnd](https://github.com/nohwnd) in [https://github.com/microsoft/vstest/pull/4982](https://github.com/microsoft/vstest/pull/4982) And many infrastructure related changes and updates. ##### New Contributors - [@​ellahathaway](https://github.com/ellahathaway) made their first contribution in [https://github.com/microsoft/vstest/pull/4785](https://github.com/microsoft/vstest/pull/4785) - [@​MSLukeWest](https://github.com/MSLukeWest) made their first contribution in [https://github.com/microsoft/vstest/pull/4866](https://github.com/microsoft/vstest/pull/4866) - [@​lahma](https://github.com/lahma) made their first contribution in [https://github.com/microsoft/vstest/pull/4890](https://github.com/microsoft/vstest/pull/4890) - [@​ChrisGuzak](https://github.com/ChrisGuzak) made their first contribution in [https://github.com/microsoft/vstest/pull/4888](https://github.com/microsoft/vstest/pull/4888) **Full Changelog**: microsoft/vstest@v17.9.0...v17.10.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/cerbos/cerbos-sdk-net). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImJvdHMiLCJjaG9yZSIsImNpIl19--> Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oğuzhan Durgun <oguzhandurgun95@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
fixes OpenTelemetry package vulnerability
https://github.com/grpc/grpc-dotnet/actions/runs/8697880404/job/23853935764