Skip to content

Upgraded guzzle4 to 4.1.6 in the framework tests #3368

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Upgraded guzzle4 to 4.1.6 in the framework tests #3368

wants to merge 1 commit into from

Conversation

GrahamCampbell
Copy link
Contributor

The passed tests changes from 93.01% to 92.54%.

Old stats:

Tests: 660, Assertions: 1575, Failures: 3, Errors: 43, Skipped: 2.

New stats:

Tests: 686, Assertions: 1628, Failures: 3, Errors: 48, Skipped: 2.

You can see the old and new error logs here: https://gist.github.com/GrahamCampbell/826d87c35e3049f683dc.

@facebook-github-bot
Copy link
Contributor

This pull request has been imported into Phabricator, and discussion and review of the diff will take place at https://reviews.facebook.net/D21087

@ptarjan
Copy link
Contributor

ptarjan commented Aug 6, 2014

Hilariously phabricator allows Tests: as a synonym for Test Plan:. I updated your summary to not have them starting the line

@GrahamCampbell
Copy link
Contributor Author

I'll remember that for the future. :)

@GrahamCampbell GrahamCampbell deleted the guzzle4 branch August 6, 2014 16:42
facebook-github-bot pushed a commit that referenced this pull request Sep 5, 2025
@facebook-github-bot
Update crate tracing-subscriber 0.3.19 -> 0.3.20 (fix RUSTSEC-2025-0055)
59180f0 
Summary:
X-link: meta-pytorch/monarch#1114

```
VULNERABILITY RUSTSEC-2025-0055 - 2025-08-29: Logging user input may result in poisoning logs with ANSI escape sequences
Package: tracing-subscriber 0.3.19

Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:

- Manipulate terminal title bars
- Clear screens or modify terminal display
- Potentially mislead users through terminal manipulation

In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.

This was patched in [PR #3368](tokio-rs/tracing#3368) to escape ANSI control characters from user input.
```

Reviewed By: dtolnay

Differential Revision: D81802144

fbshipit-source-id: 1430805e74df708af6cb7580eb1b0a2a58b14ac2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@GrahamCampbell @facebook-github-bot @ptarjan