Closed sicoyle closed 3 months ago
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 64.20%. Comparing base (
27248ba
) to head (83c9622
). Report is 14 commits behind head on main.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Since this suppresses important deprecation notices - there definitely should be a follow-up issue created to migrate the way we create grpc client connections going forwards.
yes, I opened one on dapr/dapr, but will open a similar one here as well and everywhere else I made these updates 😁
Since this suppresses important deprecation notices - there definitely should be a follow-up issue created to migrate the way we create grpc client connections going forwards.
yes, I opened one on dapr/dapr, but will open a similar one here as well and everywhere else I made these updates 😁
I appreciate snyk is unable to process this repo for one reason or another but have you noticed snyk not liking v1.64.0 as it has a dependency on x/net 0.22?
I appreciate snyk is unable to process this repo for one reason or another but have you noticed snyk not liking v1.64.0 as it has a dependency on x/net 0.22?
No, I have no insights to see why snyk fails tbh. It failed intermittently on my other security vulnerability bump PRs too. I can try v1.63.0 if you'd like and see if it likes that better or see if there is a version that will change the x/net dep
I appreciate snyk is unable to process this repo for one reason or another but have you noticed snyk not liking v1.64.0 as it has a dependency on x/net 0.22?
No, I have no insights to see why snyk fails tbh. It failed intermittently on my other security vulnerability bump PRs too. I can try v1.63.0 if you'd like and see if it likes that better or see if there is a version that will change the x/net dep
I've raised it, I'm not going crazy thankfully. There was an issue updating x/net to v0.22< and I've been told a release is on the way. This looks good to merge and we should have a minor grpc bump at some point in the future 👍
@holopin-bot @sicoyle Thanks Sam!
Congratulations @sicoyle, the maintainer of this repository has issued you a badge! Here it is: https://holopin.io/claim/clzvbao8b199510cjvilu5vmmt
This badge can only be claimed by you, so make sure that your GitHub account is linked to your Holopin account. You can manage those preferences here: https://holopin.io/account. Or if you're new to Holopin, you can simply sign up with GitHub, which will do the trick!
Description
Related to efforts to improve security vulnerabilities. Other efforts below that are related: https://github.com/dapr/dapr/pull/7681 https://github.com/dapr/components-contrib/pull/3390
Issue reference
Please reference the issue this PR will close: #[issue number]
Checklist
Please make sure you've completed the relevant tasks for this PR, out of the following list: