web: Update moment for CVE-2022-31129 #8856
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Alex Leong <alex@buoyant.io>
mateiidavid
approved these changes
Jul 13, 2022
olix0r
approved these changes
Jul 13, 2022
olix0r
added a commit
that referenced
this pull request
Jul 13, 2022
* Policy controller suggestions * core: Use `http` crate instead of `hyper`'s re-export. `http` is just the core types. `hyper` includes client/server infrastructure which isn't needed. We already pull in both so there's practically no functional difference. * core: Rename `Hostname` to `HostMatch` to be consistent with API types. * core: Rename `HttpRoute`, `HttpFilter`, etc to `Inbound*`. These types are specific to inbound policies. We wouldn't use the same types for outbound policies. * core: Split individual filter types from the `InboundFilter` type so that the `InboundFilter` type doesn't hold all of the details for all of the filters. * core: Make `HeaderMatch` hold `HeaderName` and `HeaderValue` so that we can rely on the validation from these libraries. Notably, `Headervalue` does not necessarily hold a string. * core: Make `QueryParamMatch` an enum, since the `Value` type would only have that one use now. * index: Rename `RouteBinding` to `InboundRouteBinding`, as it holds inbound-specific route configuration. * index: Add a `InboundParentRef` type that describes a validated parent reference. * index: Update `InboundRouteBinding::try_from` to validate parent references and fail reading routes that do not reference servers. * grpc: Move general `http_route` conversions into a dedicated module (to simplify inbound coverters). * Cleanup imports as much as possible, shortening module names with aliases where possible. Because we're frequently converting between different representations of the same types, it's helpful to reference the modules explicitly rather than relying on large sets of imports. * Where possible, we destructure types to document that we are handling all fields on a type. * Update deny.toml for git dependency Signed-off-by: Oliver Gould <ver@buoyant.io> * Upgrade to moment 2.29.4 (#8856) Signed-off-by: Alex Leong <alex@buoyant.io> * build(deps): bump google.golang.org/grpc from 1.47.0 to 1.48.0 (#8857) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.47.0 to 1.48.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.47.0...v1.48.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add port to helm Values (#8855) Fix `linkerd-viz` helm chart documentation for jaeger integration. Adds miss port to jaeger url example in `value.yaml`. This port is required to allow the dashboard to proxy to the jaeger instance. This brings the example given in the `values.yaml` file in line with the web docs. Closes #8851 Signed-off-by: Harry Walter <harry@bluebamboostudios.com> * policy: Index authorization policies with no authentications (#8865) In 1a0c1c3 we updated the admission controller to allow `AuthorizationPolicy` resources with an empty `requiredAuthenticationRefs`. But we did NOT update the indexer, so we would allow these resources to be created but then fail to honor them in the API. To fix this: 1. The `AuthorizationPolicy` admission controller is updated to exercise the indexer's validation so that it is impossible to admit resources that will be discarded by the indexer; 2. An e2e test is added to exercise this configuration; 3. The indexer's validation is updated to accept resources with no authentications. Signed-off-by: Oliver Gould <ver@buoyant.io> * Simply ignore non-server parent refs when indexing Signed-off-by: Oliver Gould <ver@buoyant.io> Co-authored-by: Alex Leong <alex@buoyant.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Harry Walter <harry.walter@lqdinternet.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Moment 2.29.4 fixes moment/moment#6015 (comment)
Signed-off-by: Alex Leong alex@buoyant.io