search

apache / submarine

Submarine is Cloud Native Machine Learning Platform.
https://submarine.apache.org/
Apache License 2.0
691 stars 254 forks source link

Bump github.com/traefik/traefik/v2 from 2.4.8 to 2.9.10 in /submarine-cloud-v2 #1061

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps github.com/traefik/traefik/v2 from 2.4.8 to 2.9.10.

Release notes

Sourced from github.com/traefik/traefik/v2's releases.

v2.9.10

CVE-2023-29013 Related to CVE-2023-24534

v2.9.9

Bug fixes:

  • [acme] Update go-acme/lego to v4.10.2 (#9749 by ldez)
  • [http3] Update quic-go to v0.33.0 (#9737 by ldez)
  • [metrics] Include user-defined default cert for traefik_tls_certs_not_after metric (#9742 by rtribotte)
  • [middleware] Update vulcand/oxy to a0e9f7ff1040 (#9750 by ldez)
  • [nomad] Fix default configuration settings for Nomad Provider (#9758 by aofei)
  • [nomad] Fix Nomad client TLS defaults (#9795 by rtribotte)
  • [server] Remove User-Agent header removal from ReverseProxy director func (#9752 by rtribotte)

Documentation:

  • [middleware] Clarify ratelimit middleware (#9777 by mpl)
  • [tcp] Correcting variable name 'server address' in TCP Router (#9743 by ralphg6)

v2.9.8

Bug fixes:

  • [server] Update golang.org/x/net to v0.7.0 (#9716 by ldez)

fix CVE-2022-41724

v2.9.7

Bug fixes:

  • [acme] Update go-acme/lego to v4.10.0 (#9705 by ldez)
  • [ecs] Prevent panicking when a container has no network interfaces (#9661 by rtribotte)
  • [file] Make file provider more resilient wrt first configuration (#9595 by mpl)
  • [logs] Differentiate UDP stream and TCP connection in logs (#9687 by rtribotte)
  • [middleware] Prevent from no rate limiting when average is zero (#9621 by witalisoft)
  • [middleware] Prevents superfluous WriteHeader call in the error middleware (#9620 by tomMoulard)
  • [middleware] Sanitize X-Forwarded-Proto header in RedirectScheme middleware (#9598 by ldez)
  • [plugins] Update paerser to v0.2.0 (#9671 by ldez)
  • [plugins] Update Yaegi to v0.15.0 (#9700 by ldez)
  • [tls,http3] Bump quic-go to 89769f409f (#9685 by mpl)
  • [tls,tcp] Adds the support for IPv6 in the TCP HostSNI matcher (#9692 by rtribotte)

Documentation:

  • [acme] Add CNAME support and gotchas (#9698 by mpl)
  • [acme] Further Let's Encrypt ratelimit warnings (#9627 by hcooper)
  • [k8s] Add info admonition about routing to k8 services (#9645 by svx)
  • [k8s] Improve TLSStore CRD documentation (#9579 by mloiseleur)
  • [middleware] doc: add note about remoteaddr strategy (#9701 by mpl)
  • Update copyright to match new standard (#9651 by paulocfjunior)
  • Update copyright for 2023 (#9631 by kevinpollet)
  • Update submitting pull requests to include language about drafts (#9609 by tfny)

v2.9.6

... (truncated)

Changelog

Sourced from github.com/traefik/traefik/v2's changelog.

v2.9.10 (2023-04-06)

All Commits

v2.9.9 (2023-03-21)

All Commits

Bug fixes:

  • [acme] Update go-acme/lego to v4.10.2 (#9749 by ldez)
  • [http3] Update quic-go to v0.33.0 (#9737 by ldez)
  • [metrics] Include user-defined default cert for traefik_tls_certs_not_after metric (#9742 by rtribotte)
  • [middleware] Update vulcand/oxy to a0e9f7ff1040 (#9750 by ldez)
  • [nomad] Fix default configuration settings for Nomad Provider (#9758 by aofei)
  • [nomad] Fix Nomad client TLS defaults (#9795 by rtribotte)
  • [server] Remove User-Agent header removal from ReverseProxy director func (#9752 by rtribotte)

Documentation:

  • [middleware] Clarify ratelimit middleware (#9777 by mpl)
  • [tcp] Correcting variable name 'server address' in TCP Router (#9743 by ralphg6)

v2.9.8 (2023-02-15)

All Commits

Bug fixes:

  • [server] Update golang.org/x/net to v0.7.0 (#9716 by ldez)

v2.9.7 (2023-02-14)

All Commits

Bug fixes:

  • [acme] Update go-acme/lego to v4.10.0 (#9705 by ldez)
  • [ecs] Prevent panicking when a container has no network interfaces (#9661 by rtribotte)
  • [file] Make file provider more resilient wrt first configuration (#9595 by mpl)
  • [logs] Differentiate UDP stream and TCP connection in logs (#9687 by rtribotte)
  • [middleware] Prevent from no rate limiting when average is zero (#9621 by witalisoft)
  • [middleware] Prevents superfluous WriteHeader call in the error middleware (#9620 by tomMoulard)
  • [middleware] Sanitize X-Forwarded-Proto header in RedirectScheme middleware (#9598 by ldez)
  • [plugins] Update paerser to v0.2.0 (#9671 by ldez)
  • [plugins] Update Yaegi to v0.15.0 (#9700 by ldez)
  • [tls,http3] Bump quic-go to 89769f409f (#9685 by mpl)
  • [tls,tcp] Adds the support for IPv6 in the TCP HostSNI matcher (#9692 by rtribotte)

Documentation:

  • [acme] Add CNAME support and gotchas (#9698 by mpl)
  • [acme] Further Let's Encrypt ratelimit warnings (#9627 by hcooper)
  • [k8s] Add info admonition about routing to k8 services (#9645 by svx)
  • [k8s] Improve TLSStore CRD documentation (#9579 by mloiseleur)
  • [middleware] doc: add note about remoteaddr strategy (#9701 by mpl)
  • Update copyright to match new standard (#9651 by paulocfjunior)
  • Update copyright for 2023 (#9631 by kevinpollet)
  • Update submitting pull requests to include language about drafts (#9609 by tfny)

... (truncated)

Commits
  • 4ed3964 Prepare release v2.9.10
  • a020ab6 Prepare release v2.9.9
  • 48a2c8e Fix Nomad client TLS defaults
  • b3f162a Fix default configuration settings for Nomad Provider
  • 4aa3496 Add HTTP 103 early hints unit test
  • bbe6a5c doc: clarify ratelimit middleware
  • 21c455c Remove User-Agent header removal from ReverseProxy director func
  • 667b2a4 Update vulcand/oxy to a0e9f7ff1040
  • 4ae07d9 Update go-acme/lego to v4.10.2
  • 7bdf13e Correcting variable name 'server address' in TCP Router
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/submarine/network/alerts).
codecov[bot] commented 1 year ago

Codecov Report

Merging #1061 (a66312a) into master (1783097) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##           master    #1061   +/-   ##
=======================================
  Coverage   75.98%   75.98%           
=======================================
  Files         119      119           
  Lines        5000     5000           
=======================================
  Hits         3799     3799           
  Misses       1201     1201
Flag Coverage Δ
python-integration 59.72% <ø> (ø)
python-unit 52.48% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

cdmikechen commented 1 year ago

We plan to stop updating and maintaining operator-v2 from 0.8.0, so this PR is temporarily closed.

dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.