Skip to content
This repository has been archived by the owner on Sep 17, 2022. It is now read-only.

Update nuget packages #19

Merged
merged 1 commit into from
Aug 29, 2022
Merged

Update nuget packages #19

merged 1 commit into from
Aug 29, 2022

Conversation

Yury-Fridlyand
Copy link
Collaborator

@Yury-Fridlyand Yury-Fridlyand commented Aug 25, 2022
edited
Loading

Signed-off-by: Yury-Fridlyand yuryf@bitquilltech.com

Description

Update some Nuget packages which had dependencies with critical CVEs reported.
See opensearch-project/opensearch-net#88 for more info about security update.

Issues Resolved

CVE-2021-26701 in System.Text.Encodings.Web

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@Yury-Fridlyand
Update nuget packages.
533cef0 
Signed-off-by: Yury-Fridlyand <yuryf@bitquilltech.com>
@Yury-Fridlyand Yury-Fridlyand requested a review from a team as a code owner August 25, 2022 19:51
This was referenced Aug 25, 2022
Closed
Merged
dblock
dblock suggested changes Aug 26, 2022
View reviewed changes
Copy link
Member

@dblock dblock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see some unexpected things looking carefully at https://github.com/opensearch-project/opensearch-net-abstractions/pull/19/files?w=1

src/OpenSearch.OpenSearch.Xunit/XunitPlumbing/SkippingTestCase.cs
SkipReason = skipReason ?? "skipped";

public int Timeout => 0;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks new, why was it added?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

xunit was updated and interface TestMethodTestCase got a new method Timeout which should be overloaded.

src/OpenSearch.Stack.ArtifactsApi/OpenSearch.Stack.ArtifactsApi.csproj
@@ -7,7 +7,9 @@

<ItemGroup>
<PackageReference Include="SemanticVersioning" Version="0.8.0" />
<PackageReference Include="System.Text.Json" Version="4.6.0" />
<PackageReference Include="System.Net.Http" Version="4.3.4" />
<PackageReference Include="System.Runtime.InteropServices.RuntimeInformation" Version="4.3.0" />
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks added, why?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are essential packages, compilation fails without them.
I'm also surprised how it was working before.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Eh 🤔

@joshuali925 joshuali925 mentioned this pull request Aug 29, 2022
Closed
@dblock dblock merged commit adc0396 into opensearch-project:main Aug 29, 2022
@Yury-Fridlyand Yury-Fridlyand deleted the dev-update-packages branch August 29, 2022 22:34
@Yury-Fridlyand Yury-Fridlyand mentioned this pull request Dec 15, 2022
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@dblock dblock dblock approved these changes

@joshuali925 joshuali925 joshuali925 approved these changes

@MaxKsyunz MaxKsyunz MaxKsyunz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Yury-Fridlyand @dblock @joshuali925 @MaxKsyunz