Skip to content

build(deps): bump pygithub from 1.54.1 to 1.55 in /tools/github#24

Closed
dependabot[bot] wants to merge 1 commit intorebase/mainfrom
dependabot/pip/tools/github/pygithub-1.55
Closed

build(deps): bump pygithub from 1.54.1 to 1.55 in /tools/github#24
dependabot[bot] wants to merge 1 commit intorebase/mainfrom
dependabot/pip/tools/github/pygithub-1.55

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Aug 10, 2021

Bumps pygithub from 1.54.1 to 1.55.

Release notes

Sourced from pygithub's releases.

v1.55

Breaking Changes

  • Remove client_id/client_secret authentication (#1888) (901af8c8)
  • Adjust to Github API changes regarding emails (#1890) (2c77cfad)
    • This impacts what AuthenticatedUser.get_emails() returns
  • PublicKey.key_id could be int on Github Enterprise (#1894) (ad124ef4)
  • Export headers in GithubException (#1887) (ddd437a7)

Bug Fixes & Improvements

  • Do not import from unpackaged paths in typing (#1926) (27ba7838)
  • Implement hash for CompletableGithubObject (#1922) (4faff23c)
  • Use property decorator to improve typing compatibility (#1925) (e4168109)
  • Fix :rtype: directive (#1927) (54b6a97b)
  • Update most URLs to docs.github.com (#1896) (babcbcd0)
  • Tighten asserts for new Permission tests (#1893) (5aab6f5d)
  • Adding attributes "maintain" and "triage" to class "Permissions" (#1810) (76879613)
  • Add default arguments to Workflow method type annotations (#1857) (7d6bac9e)
  • Re-raise the exception when failing to parse JSON (#1892) (916da53b)
  • Allow adding attributes at the end of the list (#1807) (0245b758)
  • Updating links to Github documentation for deploy keys (#1850) (c27fb919)
  • Update PyJWT Version to 2.0+ (#1891) (a68577b7)
  • Use right variable in both get_check_runs() (#1889) (3003e065)
  • fix bad assertions in github.Project.edit (#1817) (6bae9e5c)
  • Test repr() for PublicKey (#1879) (e0acd8f4)
  • Add support for deleting repository secrets (#1868) (696793de)
  • Switch repository secrets to using f-strings (#1867) (aa240304)
  • Manually fixing paths for codecov.io to cover all project files (#1813) (b2232c89)
  • Add missing links to project metadata (#1789) (64f532ae)
  • No longer show username and password examples (#1866) (55d98373)
  • Adding github actions secrets (#1681) (c90c050e)
  • fix get_user_issues (#1842) (7db1b0c9)
  • Switch all string addition to using f-strings (#1774) (290b6272)
  • Enabling connetion pool_size definition (a77d4f48)
  • Always define the session adapter (aaec0a0f)
Changelog

Sourced from pygithub's changelog.

Version 1.55 (April 26, 2021)

Breaking Changes

  • Remove client_id/client_secret authentication (#1888) (901af8c8)
  • Adjust to Github API changes regarding emails (#1890) (2c77cfad)
    • This impacts what AuthenticatedUser.get_emails() returns
  • PublicKey.key_id could be int on Github Enterprise (#1894) (ad124ef4)
  • Export headers in GithubException (#1887) (ddd437a7)

Bug Fixes & Improvements

  • Do not import from unpackaged paths in typing (#1926) (27ba7838)
  • Implement hash for CompletableGithubObject (#1922) (4faff23c)
  • Use property decorator to improve typing compatibility (#1925) (e4168109)
  • Fix :rtype: directive (#1927) (54b6a97b)
  • Update most URLs to docs.github.com (#1896) (babcbcd0)
  • Tighten asserts for new Permission tests (#1893) (5aab6f5d)
  • Adding attributes "maintain" and "triage" to class "Permissions" (#1810) (76879613)
  • Add default arguments to Workflow method type annotations (#1857) (7d6bac9e)
  • Re-raise the exception when failing to parse JSON (#1892) (916da53b)
  • Allow adding attributes at the end of the list (#1807) (0245b758)
  • Updating links to Github documentation for deploy keys (#1850) (c27fb919)
  • Update PyJWT Version to 2.0+ (#1891) (a68577b7)
  • Use right variable in both get_check_runs() (#1889) (3003e065)
  • fix bad assertions in github.Project.edit (#1817) (6bae9e5c)
  • Test repr() for PublicKey (#1879) (e0acd8f4)
  • Add support for deleting repository secrets (#1868) (696793de)
  • Switch repository secrets to using f-strings (#1867) (aa240304)
  • Manually fixing paths for codecov.io to cover all project files (#1813) (b2232c89)
  • Add missing links to project metadata (#1789) (64f532ae)
  • No longer show username and password examples (#1866) (55d98373)
  • Adding github actions secrets (#1681) (c90c050e)
  • fix get_user_issues (#1842) (7db1b0c9)
  • Switch all string addition to using f-strings (#1774) (290b6272)
  • Enabling connection pool_size definition (a77d4f48)
  • Always define the session adapter (aaec0a0f)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump pygithub from 1.54.1 to 1.55 in /tools/github
49a73be 
Bumps [pygithub](https://github.com/pygithub/pygithub) from 1.54.1 to 1.55.
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/master/doc/changes.rst)
- [Commits](PyGithub/PyGithub@v1.54.1...v1.55)

---
updated-dependencies:
- dependency-name: pygithub
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 10, 2021
@LukeShu LukeShu closed this Aug 12, 2021
@dependabot @github
Copy link
Copy Markdown
Author

dependabot bot commented on behalf of github Aug 12, 2021

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/pip/tools/github/pygithub-1.55 branch August 12, 2021 19:22
LanceEa pushed a commit that referenced this pull request Nov 15, 2022
@benjaminp
test: fix a race in http2 flood integration test (envoyproxy#23094)
860c607 
This test sends a large number of metadata frames in order to trigger a disconnect. However, it was possible for the disconnect to happen and the connection to be torn down before all the metadata frames had been sent. If that happened, ASAN detected a UAF:
```
==95==ERROR: AddressSanitizer: heap-use-after-free on address 0x60700037e5a0 at pc 0x000004811f9e bp 0x7ffc903af990 sp 0x7ffc903af988
READ of size 8 at 0x60700037e5a0 thread T0
    #0 0x4811f9d in Envoy::IntegrationCodecClient::sendMetadata(Envoy::Http::RequestEncoder&, Envoy::Http::MetadataMap) /proc/self/cwd/test/integration/http_integration.cc:168:3
    #1 0x46ed711 in Envoy::Http2FloodMitigationTest_RequestMetadata_Test::TestBody() /proc/self/cwd/test/integration/http2_flood_integration_test.cc:1486:20
    #2 0xd380e64 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2580:10
    #3 0xd348dc2 in testing::Test::Run() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2655:5
    #4 0xd34a927 in testing::TestInfo::Run() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2832:11
    #5 0xd34ccc4 in testing::TestSuite::Run() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2986:28
    #6 0xd36f07a in testing::internal::UnitTestImpl::RunAllTests() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:5697:44
    #7 0xd384e63 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /proc/self/cwd/external/com_google_googletest/googletest/src/
gtest.cc:2580:10
    #8 0xd36dd86 in testing::UnitTest::Run() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:5280:10
    #9 0xa0e53a4 in Envoy::TestRunner::RunTests(int, char**) /proc/self/cwd/external/com_google_googletest/googletest/include/gtest/gtest.h:2485:46
    #10 0xa0e0af7 in main /proc/self/cwd/test/main.cc:34:10
    #11 0x7f442ef69082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
    #12 0x45ed36d in _start (/mnt/ssd/cas/work/1/exec/bazel-out/k8-dbg/bin/test/integration/http2_flood_integration_test.runfiles/envoy/test/integration/http2_flood_integration_test+0x45ed36d)

0x60700037e5a0 is located 48 bytes inside of 80-byte region [0x60700037e570,0x60700037e5c0)
freed by thread T0 here:
    #0 0x466f7d2 in free /local/mnt/workspace/bcain_clang_hu-bcain-lv_22036/final/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:52:3
    #1 0x831dde8 in Envoy::Http::CodecClient::ActiveRequest::~ActiveRequest() /proc/self/cwd/./source/common/http/codec_client.h:220:10
    #2 0x5aa33f9 in std::__1::unique_ptr<Envoy::Event::DeferredDeletable, std::__1::default_delete<Envoy::Event::DeferredDeletable> >::reset(Envoy::Event::DeferredDeletable*) /opt/llvm/bin/../include/c++/v1/__memory/unique_ptr.h:54:5
    #3 0xa3218e8 in Envoy::Event::DispatcherImpl::clearDeferredDeleteList() /proc/self/cwd/source/common/event/dispatcher_impl.cc:142:21
    #4 0xa3348df in void std::__1::__invoke_void_return_wrapper<void, true>::__call<Envoy::Event::DispatcherImpl::DispatcherImpl(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, Envoy::Thread::ThreadFactory&, Envoy::TimeSource&
, Envoy::Random::RandomGenerator&, Envoy::Filesystem::Instance&, Envoy::Event::TimeSystem&, std::__1::function<std::__1::unique_ptr<Envoy::Event::ScaledRangeTimerManager, std::__1::default_delete<Envoy::Event::ScaledRangeTimerManager> > (Envoy::Event::Dispatcher&)> const&
, std::__1::shared_ptr<Envoy::Buffer::WatermarkFactory> const&)::$_2&>(Envoy::Event::DispatcherImpl::DispatcherImpl(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, Envoy::Thread::ThreadFactory&, Envoy::TimeSource&, Envoy::Rand
om::RandomGenerator&, Envoy::Filesystem::Instance&, Envoy::Event::TimeSystem&, std::__1::function<std::__1::unique_ptr<Envoy::Event::ScaledRangeTimerManager, std::__1::default_delete<Envoy::Event::ScaledRangeTimerManager> > (Envoy::Event::Dispatcher&)> const&, std::__1::s
hared_ptr<Envoy::Buffer::WatermarkFactory> const&)::$_2&) /proc/self/cwd/source/common/event/dispatcher_impl.cc:79:30
    #5 0xa334603 in std::__1::__function::__func<Envoy::Event::DispatcherImpl::DispatcherImpl(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, Envoy::Thread::ThreadFactory&, Envoy::TimeSource&, Envoy::Random::RandomGenerator&,
Envoy::Filesystem::Instance&, Envoy::Event::TimeSystem&, std::__1::function<std::__1::unique_ptr<Envoy::Event::ScaledRangeTimerManager, std::__1::default_delete<Envoy::Event::ScaledRangeTimerManager> > (Envoy::Event::Dispatcher&)> const&, std::__1::shared_ptr<Envoy::Buffe
r::WatermarkFactory> const&)::$_2, std::__1::allocator<Envoy::Event::DispatcherImpl::DispatcherImpl(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, Envoy::Thread::ThreadFactory&, Envoy::TimeSource&, Envoy::Random::RandomGenera
tor&, Envoy::Filesystem::Instance&, Envoy::Event::TimeSystem&, std::__1::function<std::__1::unique_ptr<Envoy::Event::ScaledRangeTimerManager, std::__1::default_delete<Envoy::Event::ScaledRangeTimerManager> > (Envoy::Event::Dispatcher&)> const&, std::__1::shared_ptr<Envoy:
:Buffer::WatermarkFactory> const&)::$_2>, void ()>::operator()() /opt/llvm/bin/../include/c++/v1/__functional/function.h:180:16
    #6 0x4897039 in std::__1::__function::__value_func<void ()>::operator()() const /opt/llvm/bin/../include/c++/v1/__functional/function.h:507:16
    #7 0xa8e6aa4 in Envoy::Event::SchedulableCallbackImpl::SchedulableCallbackImpl(Envoy::CSmartPtr<event_base, &(event_base_free)>&, std::__1::function<void ()>)::$_0::__invoke(int, short, void*) /opt/llvm/bin/../include/c++/v1/__functional/function.h:1184:12
    #8 0xb557c5e in event_process_active_single_queue /mnt/ssd/cas/work/2/exec/external/com_github_libevent_libevent/event.c:1713:4
    #9 0xb539252 in event_process_active /mnt/ssd/cas/work/2/exec/external/com_github_libevent_libevent/event.c
    #10 0xb539252 in event_base_loop /mnt/ssd/cas/work/2/exec/external/com_github_libevent_libevent/event.c:2047:12
    #11 0xa8e1e3c in Envoy::Event::LibeventScheduler::run(Envoy::Event::Dispatcher::RunType) /proc/self/cwd/source/common/event/libevent_scheduler.cc:60:3
    #12 0xa32bd94 in Envoy::Event::DispatcherImpl::run(Envoy::Event::Dispatcher::RunType) /proc/self/cwd/source/common/event/dispatcher_impl.cc:299:19
    #13 0x480faad in Envoy::IntegrationCodecClient::flushWrite() /proc/self/cwd/test/integration/http_integration.cc:100:29
    #14 0x4811e94 in Envoy::IntegrationCodecClient::sendMetadata(Envoy::Http::RequestEncoder&, Envoy::Http::MetadataMap) /proc/self/cwd/test/integration/http_integration.cc:169:3
    #15 0x46ed711 in Envoy::Http2FloodMitigationTest_RequestMetadata_Test::TestBody() /proc/self/cwd/test/integration/http2_flood_integration_test.cc:1486:20
    #16 0xd380e64 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2580:10
    #17 0xd348dc2 in testing::Test::Run() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2655:5
    #18 0xd34a927 in testing::TestInfo::Run() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2832:11
    #19 0xd34ccc4 in testing::TestSuite::Run() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2986:28
    #20 0xd36f07a in testing::internal::UnitTestImpl::RunAllTests() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:5697:44
    #21 0xd384e63 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:2580:10
    #22 0xd36dd86 in testing::UnitTest::Run() /proc/self/cwd/external/com_google_googletest/googletest/src/gtest.cc:5280:10
    #23 0xa0e53a4 in Envoy::TestRunner::RunTests(int, char**) /proc/self/cwd/external/com_google_googletest/googletest/include/gtest/gtest.h:2485:46
    #24 0xa0e0af7 in main /proc/self/cwd/test/main.cc:34:10
    #25 0x7f442ef69082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
```

To fix that, write all metadata frames at once.

Signed-off-by: Benjamin Peterson <benjamin@engflow.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@LukeShu