build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5#321
Conversation
Codecov Report
❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more. @@ Coverage Diff @@
## main #321 +/- ##
=======================================
Coverage 74.80% 74.80%
=======================================
Files 23 23
Lines 2203 2203
=======================================
Hits 1648 1648
Misses 437 437
Partials 118 118 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
4cf99fe to
dc6111c
Compare
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.4.4 to 3.4.5. - [Release notes](https://github.com/go-ldap/ldap/releases) - [Commits](go-ldap/ldap@v3.4.4...v3.4.5) --- updated-dependencies: - dependency-name: github.com/go-ldap/ldap/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dc6111c to
b57eb7c
Compare
shizhMSFT
left a comment
There was a problem hiding this comment.
@priteshbandi @JeyJeyGao @Two-Hearts I've read the release notes of v3.4.5. It includes the following change
fix: parsedn not handling attributes with equal char in value by @james-d-elliott in go-ldap/ldap#425
which is critical to notation-go.
To prevent regression, we need to review the above code change in ldap. I'd like to put this PR on hold until we done the review.
|
I did a review on the code, Notation indeed needs to bump up the ldap/v3 version: |
|
Built Notation cli based on notation-go with ldap v3.4.5 and passed the E2E test cases, so the basic trust identity setting will still work after the bumping up to ldap v3.4.5. The PR go-ldap/ldap#425 fixs the issue that also relates to notation, so we need to update it. |
shizhMSFT
left a comment
There was a problem hiding this comment.
LGTM as the ParseDN() has been improved with reviews.
|
@dependabot merge |
Bumps github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5.
Release notes
Sourced from github.com/go-ldap/ldap/v3's releases.
Commits
cdb0754feat: enable DirSync control in search operation (#436)039466eadd unmarshalling of generalizedTimestamp and DN (#434)b50d289fix: return errors upon panics or receiving unexpected responses (#433)b0d0dcfFix deadlocks caused by invalid connection state (#432)83b8f31gofumpt (#427)6a543b2Update actions32d292efix: parsedn not handling attributes with equal char in value (#425)6668c06Update dependencies (#420)b64a808implement server side sorting controls (rfc2891) (#414)a79fb6bLint/gofmt fixes. (#418)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)