From b19e6b9271ec28211c152b2b5946f3209de663e4 Mon Sep 17 00:00:00 2001 From: Josep Prat Date: Fri, 11 Feb 2022 10:28:41 +0100 Subject: [PATCH 1/3] Update protobuf version to 3.15.0 Resolves: #337 Updates vulnerable version of protobuf --- CONTRIBUTING.md | 6 ++++++ requirements.txt | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 73ffcaea7..d53a306b3 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -41,6 +41,12 @@ tests should be engineered with this in mind: - Don't reuse schema/subject/topic names - Expect other clients to be interacting with the servers at the same time. +Before running the tests make sure you have `protoc` installed. `protoc` is part of the protobuf-compiler package. +In Fedora distributions you can install it using: +``` +dnf install protobuf-compiler +``` + To run the tests use `make`. It will download Kafka to be used in the tests for you: ```sh diff --git a/requirements.txt b/requirements.txt index f7caceb0e..d18577ac7 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,7 @@ lz4==3.0.2 requests==2.27.1 networkx==2.5 python-dateutil==2.8.2 -protobuf~=3.14.0 +protobuf~=3.15.0 # Patched dependencies # From b67113dc086074e16ad206b35192348520d7f12a Mon Sep 17 00:00:00 2001 From: Josep Prat Date: Fri, 11 Feb 2022 10:42:25 +0100 Subject: [PATCH 2/3] Add trademark for Fedora --- CONTRIBUTING.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d53a306b3..520f7ef83 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -42,7 +42,7 @@ tests should be engineered with this in mind: - Expect other clients to be interacting with the servers at the same time. Before running the tests make sure you have `protoc` installed. `protoc` is part of the protobuf-compiler package. -In Fedora distributions you can install it using: +In Fedora® distributions you can install it using: ``` dnf install protobuf-compiler ``` @@ -94,3 +94,7 @@ override the `bootstrap_uri` config value, one would use the environment variabl - Choose a meaningful title for your pull request. - The pull request description should focus on what changed and why. - Check that the tests pass (and add test coverage for your changes if appropriate). + +## Trademarks: +Fedora and the Infinity design logo are trademarks of Red Hat, Inc. + From 3c5905388a74f810cd2809b4c2cafad0ff5874dc Mon Sep 17 00:00:00 2001 From: Josep Prat Date: Fri, 11 Feb 2022 10:52:14 +0100 Subject: [PATCH 3/3] Fix lint and update to a newer version of protobuf --- CONTRIBUTING.md | 1 - requirements.txt | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 520f7ef83..6e60be56d 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -97,4 +97,3 @@ override the `bootstrap_uri` config value, one would use the environment variabl ## Trademarks: Fedora and the Infinity design logo are trademarks of Red Hat, Inc. - diff --git a/requirements.txt b/requirements.txt index d18577ac7..41e7a1868 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,7 +7,7 @@ lz4==3.0.2 requests==2.27.1 networkx==2.5 python-dateutil==2.8.2 -protobuf~=3.15.0 +protobuf~=3.19.4 # Patched dependencies #