Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Upgrade go dependencies #27599

Merged
merged 9 commits into from
Oct 13, 2023
Merged

Upgrade go dependencies #27599

merged 9 commits into from
Oct 13, 2023

Conversation

harryzcy
Copy link
Contributor

Upgrade all dependencies in go.mod

golang.org/x/net v0.17.0 also fixes CVE-2023-39325

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Oct 13, 2023
@pull-request-size pull-request-size bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Oct 13, 2023
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Oct 13, 2023
delvh
delvh approved these changes Oct 13, 2023
View reviewed changes
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Oct 13, 2023
@delvh delvh added the backport/v1.21 This PR should be backported to Gitea 1.21 label Oct 13, 2023
@silverwind
Copy link
Member

Need to re-run tests a few times to confirm gocron is stable, see #27511

@silverwind
Copy link
Member

gocron still causing the issue:

--- FAIL: TestAddTaskToScheduler (0.00s)
    tasks_test.go:39: 
        	Error Trace:	/home/runner/work/gitea/gitea/services/cron/tasks_test.go:39
        	Error:      	Not equal: 
        	            	expected: "30 5 4 * * *"
        	            	actual  : "5 4 * * *"
        	            	
        	            	Diff:
        	            	--- Expected
        	            	+++ Actual
        	            	@@ -1 +1 @@
        	            	-30 5 4 * * *
        	            	+5 4 * * *
        	Test:       	TestAddTaskToScheduler
FAIL

delvh
delvh previously requested changes Oct 13, 2023
View reviewed changes
@GiteaBot GiteaBot added lgtm/blocked A maintainer has reservations with the PR and thus it cannot be merged and removed lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. labels Oct 13, 2023
harryzcy and others added 2 commits October 13, 2023 04:50
@harryzcy @delvh
Update go.mod
2dfa485 
Co-authored-by: delvh <dev.lh@web.de>
@harryzcy
Update go.sum
64dc3f7
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/blocked A maintainer has reservations with the PR and thus it cannot be merged labels Oct 13, 2023
@techknowlogick techknowlogick enabled auto-merge (squash) October 13, 2023 15:25
@techknowlogick techknowlogick added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Oct 13, 2023
@techknowlogick techknowlogick merged commit b5a4ec0 into go-gitea:main Oct 13, 2023
@GiteaBot GiteaBot added this to the 1.22.0 milestone Oct 13, 2023
@GiteaBot
Copy link
Collaborator

I was unable to create a backport for 1.21. @harryzcy, please send one manually. 🍵

go run ./contrib/backport 27599
...  // fix git conflicts if any
go run ./contrib/backport --continue

@GiteaBot GiteaBot added backport/manual No power to the bots! Create your backport yourself! and removed reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. labels Oct 13, 2023
harryzcy added a commit to harryzcy/gitea that referenced this pull request Oct 13, 2023
@harryzcy @delvh
Upgrade go dependencies (go-gitea#27599)
d751144 
Backport go-gitea#27599

Upgrade all dependencies in `go.mod`

`golang.org/x/net` v0.17.0 also fixes
[CVE-2023-39325](GHSA-4374-p667-p6c8)

---------

Co-authored-by: delvh <dev.lh@web.de>
@harryzcy harryzcy mentioned this pull request Oct 13, 2023
Merged
@harryzcy harryzcy deleted the bump-go-deps branch October 13, 2023 16:57
techknowlogick pushed a commit that referenced this pull request Oct 13, 2023
@harryzcy @delvh
Upgrade go dependencies (#27599) (#27609)
9f22870 
Backport #27599

Upgrade all dependencies in `go.mod`

`golang.org/x/net` v0.17.0 also fixes
[CVE-2023-39325](GHSA-4374-p667-p6c8)

Co-authored-by: delvh <dev.lh@web.de>
zjjhot added a commit to zjjhot/gitea that referenced this pull request Oct 16, 2023
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
6454a58 
* giteaofficial/main:
  [skip ci] Updated licenses and gitignores
  Improve retrying index issues (go-gitea#27554)
  Replace more db.DefaultContext (go-gitea#27628)
  Fix 404 when there is an internal version of package (go-gitea#27615)
  [skip ci] Updated translations via Crowdin
  Add anchor to review types (go-gitea#26894)
  Update readme to remove drone svg (go-gitea#27624)
  Change the default branch in the agit docs (go-gitea#27621)
  Final round of `db.DefaultContext` refactor (go-gitea#27587)
  Fix permissions for Token DELETE endpoint to match GET and POST (go-gitea#27610)
  Enhanced auth token / remember me (go-gitea#27606)
  [skip ci] Updated translations via Crowdin
  rm outdated docs from some languages (go-gitea#27530)
  Upgrade go dependencies (go-gitea#27599)
  Fix build errors on BSD (in BSDMakefile) (go-gitea#27594)
  Enable shorthands in `declaration-strict-value` linter (go-gitea#27597)
  [skip ci] Updated translations via Crowdin
  Make disk clean action a bit more robust (go-gitea#27590)
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Jan 11, 2024
@lunny lunny added the backport/done All backports for this PR have been created label Feb 22, 2024
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Reviewers

@lunny lunny lunny approved these changes

@silverwind silverwind silverwind approved these changes

@delvh delvh delvh left review comments

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created backport/manual No power to the bots! Create your backport yourself! backport/v1.21 This PR should be backported to Gitea 1.21 lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
1.22.0
Development

Successfully merging this pull request may close these issues.
6 participants
@harryzcy @silverwind @GiteaBot @lunny @delvh @techknowlogick