Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Manual Backport 2.x] Bump org.bouncycastle:bc-fips from 1.0.2.3 to 1.0.2.4 in /distribution/tools/plugin-cli (#10297) #10672

Merged
merged 1 commit into from
Oct 17, 2023
Merged

[Manual Backport 2.x] Bump org.bouncycastle:bc-fips from 1.0.2.3 to 1.0.2.4 in /distribution/tools/plugin-cli (#10297) #10672

merged 1 commit into from
Oct 17, 2023

Conversation

noCharger
Copy link
Contributor

@noCharger noCharger commented Oct 17, 2023
edited
Loading

  • Bump org.bouncycastle:bc-fips in /distribution/tools/plugin-cli

Bumps org.bouncycastle:bc-fips from 1.0.2.3 to 1.0.2.4.

updated-dependencies:

  • dependency-name: org.bouncycastle:bc-fips dependency-type: direct:production update-type: version-update:semver-patch ...

Signed-off-by: dependabot[bot] support@github.com

  • Updating SHAs

Signed-off-by: dependabot[bot] support@github.com

  • Update changelog

Signed-off-by: dependabot[bot] support@github.com

Signed-off-by: dependabot[bot] support@github.com
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
(cherry picked from commit c6c07f3)

Description

Cherry pick c6c07f3

Related Issues

Resolves #[Issue number to be closed when this PR is merged]

#10297

CVE https://nvd.nist.gov/vuln/detail/CVE-2022-45146

Check List

  • Commits are signed per the DCO using --signoff
  • Commit changes are listed out in CHANGELOG.md file (See: Changelog)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@dependabot @noCharger
Bump org.bouncycastle:bc-fips from 1.0.2.3 to 1.0.2.4 in /distributio…
ca7db28 
…n/tools/plugin-cli (opensearch-project#10297)

* Bump org.bouncycastle:bc-fips in /distribution/tools/plugin-cli

Bumps org.bouncycastle:bc-fips from 1.0.2.3 to 1.0.2.4.

---
updated-dependencies:
- dependency-name: org.bouncycastle:bc-fips
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

* Update changelog

Signed-off-by: dependabot[bot] <support@github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
(cherry picked from commit c6c07f3)
@github-actions
Copy link
Contributor

Compatibility status:

Checks if related components are compatible with change ca7db28

Incompatible components

Skipped components

Compatible components

Compatible components: [https://github.com/opensearch-project/security.git, https://github.com/opensearch-project/alerting.git, https://github.com/opensearch-project/index-management.git, https://github.com/opensearch-project/anomaly-detection.git, https://github.com/opensearch-project/asynchronous-search.git, https://github.com/opensearch-project/sql.git, https://github.com/opensearch-project/common-utils.git, https://github.com/opensearch-project/observability.git, https://github.com/opensearch-project/job-scheduler.git, https://github.com/opensearch-project/reporting.git, https://github.com/opensearch-project/cross-cluster-replication.git, https://github.com/opensearch-project/k-nn.git, https://github.com/opensearch-project/security-analytics.git, https://github.com/opensearch-project/custom-codecs.git, https://github.com/opensearch-project/geospatial.git, https://github.com/opensearch-project/ml-commons.git, https://github.com/opensearch-project/performance-analyzer.git, https://github.com/opensearch-project/notifications.git, https://github.com/opensearch-project/performance-analyzer-rca.git, https://github.com/opensearch-project/neural-search.git]

@github-actions
Copy link
Contributor

Gradle Check (Jenkins) Run Completed with:

@github-actions
Copy link
Contributor

Gradle Check (Jenkins) Run Completed with:

@codecov
Copy link

codecov bot commented Oct 17, 2023

Codecov Report

Merging #10672 (ca7db28) into 2.x (e611185) will decrease coverage by 0.13%.
Report is 4 commits behind head on 2.x.
The diff coverage is 42.85%.

@@             Coverage Diff              @@
##                2.x   #10672      +/-   ##
============================================
- Coverage     70.93%   70.80%   -0.13%     
+ Complexity    58575    58493      -82     
============================================
  Files          4830     4830              
  Lines        276453   276460       +7     
  Branches      40588    40588              
============================================
- Hits         196091   195750     -341     
- Misses        63676    64031     +355     
+ Partials      16686    16679       -7
Files Coverage Δ
...ch/repositories/gcs/GoogleCloudStorageService.java 82.43% <100.00%> (ø)
.../org/opensearch/repositories/gcs/SocketAccess.java 68.42% <33.33%> (-14.92%) ⬇️

... and 450 files with indirect coverage changes

@reta reta merged commit 3763207 into opensearch-project:2.x Oct 17, 2023
67 of 68 checks passed
@m-jin m-jin mentioned this pull request Dec 6, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@reta reta reta approved these changes

@anasalkouz anasalkouz Awaiting requested review from anasalkouz anasalkouz is a code owner

@andrross andrross Awaiting requested review from andrross andrross is a code owner

@Bukhtawar Bukhtawar Awaiting requested review from Bukhtawar Bukhtawar is a code owner

@CEHENKLE CEHENKLE Awaiting requested review from CEHENKLE CEHENKLE is a code owner

@dblock dblock Awaiting requested review from dblock dblock is a code owner

@gbbafna gbbafna Awaiting requested review from gbbafna gbbafna is a code owner

@setiah setiah Awaiting requested review from setiah

@kartg kartg Awaiting requested review from kartg

@kotwanikunal kotwanikunal Awaiting requested review from kotwanikunal kotwanikunal is a code owner

@mch2 mch2 Awaiting requested review from mch2 mch2 is a code owner

@nknize nknize Awaiting requested review from nknize nknize is a code owner

@owaiskazi19 owaiskazi19 Awaiting requested review from owaiskazi19 owaiskazi19 is a code owner

@peternied peternied Awaiting requested review from peternied

@Rishikesh1159 Rishikesh1159 Awaiting requested review from Rishikesh1159 Rishikesh1159 is a code owner

@ryanbogan ryanbogan Awaiting requested review from ryanbogan

@saratvemulapalli saratvemulapalli Awaiting requested review from saratvemulapalli saratvemulapalli is a code owner

@shwetathareja shwetathareja Awaiting requested review from shwetathareja shwetathareja is a code owner

@dreamer-89 dreamer-89 Awaiting requested review from dreamer-89

@VachaShah VachaShah Awaiting requested review from VachaShah VachaShah is a code owner

@dbwiddis dbwiddis Awaiting requested review from dbwiddis dbwiddis is a code owner

@sachinpkale sachinpkale Awaiting requested review from sachinpkale sachinpkale is a code owner

@sohami sohami Awaiting requested review from sohami sohami is a code owner

@msfroh msfroh Awaiting requested review from msfroh msfroh is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@noCharger @reta