Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Upgrade version of jwt-go package to v4.0.0 #19893

Merged
merged 2 commits into from
Nov 5, 2020
Merged

fix: Upgrade version of jwt-go package to v4.0.0 #19893

merged 2 commits into from
Nov 5, 2020

Conversation

ayang64
Copy link
Contributor

@ayang64 ayang64 commented Nov 3, 2020

Address CVE-2020-26160 for the jwt-go package.

Closes #

Describe your proposed changes here.

  • CHANGELOG.md updated with a link to the PR (not the Issue)
  • Well-formatted commit messages
  • Rebased/mergeable
  • Tests pass
  • http/swagger.yml updated (if modified Go structs or API)
  • Feature flagged (if modified API)
  • Documentation updated or issue created (provide link to issue/pr)
  • Signed CLA (if not already signed)

docmerlin
docmerlin previously approved these changes Nov 3, 2020
View reviewed changes
Copy link
Contributor

@docmerlin docmerlin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM assuming it passes CI.

@ayang64
fix: Update tests to reflect new error messages
f864136 
Prior to this commit, the TestHandler_Query_Auth() tests would fail as
it checked for specific error strigns returned by the jwt-go package.

Version 4.0.0-preview1 of the package changed the verbiage of those
errors a bit.  This patch updates the test to detect the new error
string.
docmerlin
docmerlin suggested changes Nov 5, 2020
View reviewed changes
@docmerlin docmerlin self-requested a review November 5, 2020 15:39
@ayang64 ayang64 self-assigned this Nov 5, 2020
@ayang64 ayang64 added the 1.x label Nov 5, 2020
@ayang64 ayang64 added this to the 1.8.4 milestone Nov 5, 2020
@ayang64 ayang64 merged commit 225bcec into master-1.x Nov 5, 2020
ayang64 added a commit that referenced this pull request Nov 5, 2020
@ayang64
fix: Upgrade version of jwt-go package to v4.0.0 (#19893)
7d7594b 
This commit updates the dependencies for influxdb to require v4.0.0-preview1 of
the jwt-go package.  This required updating the go.mod and go.sum files as well
as any source file that directly imported that package.

Prior to this commit, the TestHandler_Query_Auth() tests would fail as it
checked for specific error strigns returned by the jwt-go package.

Version 4.0.0-preview1 of the package changed the verbiage of those errors a
bit.  This patch updates the test to detect the new error string.
ayang64 added a commit that referenced this pull request Nov 6, 2020
@ayang64
fix: Upgrade version of jwt-go package to v4.0.0 (#19893) (#19910)
c6f38a8 
This commit updates the dependencies for influxdb to require v4.0.0-preview1 of
the jwt-go package.  This required updating the go.mod and go.sum files as well
as any source file that directly imported that package.

Prior to this commit, the TestHandler_Query_Auth() tests would fail as it
checked for specific error strigns returned by the jwt-go package.

Version 4.0.0-preview1 of the package changed the verbiage of those errors a
bit.  This patch updates the test to detect the new error string.
dgnorton pushed a commit that referenced this pull request Feb 3, 2021
@ayang64 @dgnorton
fix: Upgrade version of jwt-go package to v4.0.0 (#19893) (#19910)
55c0a51 
This commit updates the dependencies for influxdb to require v4.0.0-preview1 of
the jwt-go package.  This required updating the go.mod and go.sum files as well
as any source file that directly imported that package.

Prior to this commit, the TestHandler_Query_Auth() tests would fail as it
checked for specific error strigns returned by the jwt-go package.

Version 4.0.0-preview1 of the package changed the verbiage of those errors a
bit.  This patch updates the test to detect the new error string.
@danxmoran danxmoran removed their request for review February 10, 2021 20:53
davidby-influx pushed a commit that referenced this pull request Mar 2, 2021
@ayang64 @davidby-influx
fix: Upgrade version of jwt-go package to v4.0.0 (#19893) (#19910)
f2aa855 
This commit updates the dependencies for influxdb to require v4.0.0-preview1 of
the jwt-go package.  This required updating the go.mod and go.sum files as well
as any source file that directly imported that package.

Prior to this commit, the TestHandler_Query_Auth() tests would fail as it
checked for specific error strigns returned by the jwt-go package.

Version 4.0.0-preview1 of the package changed the verbiage of those errors a
bit.  This patch updates the test to detect the new error string.
@jacobmarble jacobmarble deleted the upgrade-jwt-package branch January 2, 2024 22:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@docmerlin docmerlin docmerlin approved these changes

@dgnorton dgnorton Awaiting requested review from dgnorton

@psteinbachs psteinbachs Awaiting requested review from psteinbachs

@davidby-influx davidby-influx Awaiting requested review from davidby-influx

Assignees

@ayang64 ayang64

Labels
1.x
Projects
None yet
Milestone
1.8.4
Development

Successfully merging this pull request may close these issues.
2 participants
@ayang64 @docmerlin