The first dedicated release for the containerd 1.7 API. This release is
separately tagged from the main 1.7.x releases after the v1.7.18
release but follows the versioning.
The nineteenth patch release for containerd 1.7 contains various updates and
splits the main module from the api module in preparation for the same change
in containerd 2.0. Splitting the modules will allow 1.7 and 2.x to both exist
... (truncated)
Commits
2bf793e Merge pull request #10391 from dmcgowan/prepare-v1.7.19
grpc: channel idleness enabled by default with an idle_timeout of 30m (#6585)
Documentation
examples: add an example of flow control behavior (#6648)
Bug Fixes
xds: fix hash policy header to skip "-bin" headers and read content-type header as expected (#6609)
Release 1.58.3
Security
server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)
In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.
Release 1.58.2
Bug Fixes
balancer/weighted_round_robin: fix ticker leak on update
A new ticker is created every time there is an update of addresses or configuration, but was not properly stopped. This change stops the ticker when it is no longer needed.
Release 1.58.1
Bug Fixes
grpc: fix a bug that was decrementing active RPC count too early for streaming RPCs; leading to channel moving to IDLE even though it had open streams
grpc: fix a bug where transports were not being closed upon channel entering IDLE
Now you can choose globally or on a per request basis how to convert to/from JSON. For example, you can opt in to using the new experimental https://github.com/go-json-experiment/json library planned for a future version of the Go standard library.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
cpanato
commented
3 months ago
Bumps the gomod group with 3 updates in the / directory: github.com/containerd/containerd, github.com/carlmjohnson/requests and github.com/gorilla/mux.
Updates
github.com/containerd/containerdfrom 1.7.2 to 1.7.19Release notes
Sourced from github.com/containerd/containerd's releases.
... (truncated)
Commits
2bf793eMerge pull request #10391 from dmcgowan/prepare-v1.7.1974a3d29Prepare release notes for v1.7.19043c712Merge pull request #10406 from samuelkarp/nri-panic-1.75a587e8Merge pull request #10403 from thaJeztah/1.7_backport_hcsshim_version7f5d3c5cri: ensure NRI API never has nil CRIaea977fMerge pull request #10397 from thaJeztah/1.7_backport_deprecate_reference_Spl...6efc5bbupdate runhcs binary to v0.11.7945ae09Windows: Supply windows shim version via filebb84d90Merge pull request #10396 from yyatmsft/updatehcsshim-release17dba5357pkg/reference: deprecate SplitObjectUpdates
github.com/opencontainers/image-specfrom 1.1.0-rc4 to 1.1.0Release notes
Sourced from github.com/opencontainers/image-spec's releases.
Commits
e7f7c0cversion: release v1.1.0365fa41Merge pull request #1160 from sudo-bmitch/pr-subject-dag-associationd0f90e6Clarify that subject references a separate DAG9703222Merge pull request #1157 from sudo-bmitch/pr-v1.1.0-rc68b1e951version: bump back to +dev6c2b5faversion: release v1.1.0-rc656fb783Merge pull request #1107 from sudo-bmitch/pr-release-noticea6d741aMerge pull request #1148 from dejanu/update_oci_implementations53d9855new section for projects no longer maintainedceeb2ebMerge pull request #1114 from sudo-bmitch/pr-go-1.21Updates
google.golang.org/grpcfrom 1.56.2 to 1.59.0Release notes
Sourced from google.golang.org/grpc's releases.
... (truncated)
Commits
7765221Change version to 1.59.0 (#6695)e88f12eserver: prohibit more than MaxConcurrentStreams handlers from running at once...be7919ctransport: Pass Header metadata to tap handle. (#6652)e3f1514Reapply "status: fix/improve status handling (#6662)" (#6673) (#6688)696faa9client: add a test for NewSubConn / StateListener / cc.Close racing (#6678)318c717readme: fix badges (#6687)39972fdgithub: add code coverage with codecov.io (#6676)93dbc05xds: move virtual host matcher test to the xdsresource package (#6680)2c00469github: update actions/setup-go and actions/checkout (#6675)1f73ed5Replace the gRFC pull request with the permanent link. (#6674)Updates
github.com/carlmjohnson/requestsfrom 0.23.4 to 0.23.5Release notes
Sourced from github.com/carlmjohnson/requests's releases.
Commits
976948dMore cleanup of ExampleBuilder_BodyJSONd87154aDocs: More comments on ExampleBuilder_BodyJSON0aefa30Docs: Fix ExampleBuilder_ToDeserializer1393bf3Docs: More serializer documentation2c42bf3Docs: Better JSONSerializer docs77d422fAdd example JSONSerializerb38e637Docs: Document Serializer/Deserializer9485e7dRename json.go to serializer.go4010c30Docs: Mention JSONSerialer with ToJSON/BodyJSON219bc7aExampleBuilder_ToDeserializer: Fix typoUpdates
github.com/gorilla/muxfrom 1.8.0 to 1.8.1Release notes
Sourced from github.com/gorilla/mux's releases.
Commits
b4617d0update GitHub workflows (#734)3401478fix SPA handler in README.md (#733)4a671cbAdd GetVarNames() (#676)85123bfchanged the routeVariables text content. (#708)79f2f45Clarify documentation examples of Route methods (#672)395ad81[BUG] Inconsistent HTTP status code on query mismatch (#712)24c3e7fFixSingle Page Applicationexample inREADME.mdfile (#678)546dd0crun go fmt with Go 1.20 (#725)651928cUpdate issues.yml (#727)cfc696dUpdate issues.yml (#726)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show