Open renovate[bot] opened 2 weeks ago
Latest commit: |
437fbd8
|
Status: | ✅ Deploy successful! |
Preview URL: | https://2ae97900.sanguine-fe.pages.dev |
Branch Preview URL: | https://renovate-cctp-relayer-go-goo.sanguine-fe.pages.dev |
[!IMPORTANT]
Review skipped
Bot user detected.
To trigger a single review, invoke the
@coderabbitai review
command.You can disable this status message by setting the
reviews.review_status
tofalse
in the CodeRabbit configuration file.
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 25.64149%. Comparing base (
0a083a5
) to head (437fbd8
).
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
This PR contains the following updates:
v1.64.0
->v1.64.1
GitHub Vulnerability Alerts
GHSA-xr7q-jx4m-x55m
Impact
This issue represents a potential PII concern. If applications were printing or logging a context containing gRPC metadata, the affected versions will contain all the metadata, which may include private information.
Patches
The issue first appeared in 1.64.0 and is patched in 1.64.1 and 1.65.0
Workarounds
If using an affected version and upgrading is not possible, ensuring you do not log or print contexts will avoid the problem.
Release Notes
grpc/grpc-go (google.golang.org/grpc)
### [`v1.64.1`](https://togithub.com/grpc/grpc-go/releases/tag/v1.64.1): Release 1.64.1 [Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.64.0...v1.64.1) ### Dependencies - Update x/net/http2 to address [CVE-2023-45288](https://nvd.nist.gov/vuln/detail/CVE-2023-45288) ([#7352](https://togithub.com/grpc/grpc-go/issues/7352)) - metadata: remove String method from MD to make printing consistent ([#7374](https://togithub.com/grpc/grpc-go/issues/7374))Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.