Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit580081c

Browse files
spikecurtisjohnstcnethanndickson
authored
fix: upgrade to 1.24.6 to fix race in lib/pq queries (#19214) (#19220)
THIS IS A SECURITY FIX - cherry picks#19214 upgrade to go 1.24.6 to avoidgolang/go#74831(CVE-2025-47907)Also points to a new version of our lib/pq fork that worked around theGo issue, which should restore better performance.---------Co-authored-by: Cian Johnston <cian@coder.com>Co-authored-by: Ethan <39577870+ethanndickson@users.noreply.github.com>
1 parent54d0575 commit580081c

File tree

6 files changed

+14
-9
lines changed

6 files changed

+14
-9
lines changed

‎.github/actions/setup-go/action.yaml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ description: |
44
inputs:
55
version:
66
description:"The Go version to use."
7-
default:"1.24.2"
7+
default:"1.24.6"
88
use-preinstalled-go:
99
description:"Whether to use preinstalled Go."
1010
default:"false"

‎.github/workflows/ci.yaml‎

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -428,6 +428,11 @@ jobs:
428428
-name:Disable Spotlight Indexing
429429
if:runner.os == 'macOS'
430430
run:|
431+
enabled=$(sudo mdutil -a -s | grep "Indexing enabled" | wc -l)
432+
if [ $enabled -eq 0 ]; then
433+
echo "Spotlight indexing is already disabled"
434+
exit 0
435+
fi
431436
sudo mdutil -a -i off
432437
sudo mdutil -X /
433438
sudo launchctl bootout system /System/Library/LaunchDaemons/com.apple.metadata.mds.plist
@@ -1082,7 +1087,7 @@ jobs:
10821087
-name:Switch XCode Version
10831088
uses:maxim-lobanov/setup-xcode@60606e260d2fc5762a71e64e74b2174e8ea3c8bd# v1.6.0
10841089
with:
1085-
xcode-version:"16.0.0"
1090+
xcode-version:"16.1.0"
10861091

10871092
-name:Setup Go
10881093
uses:./.github/actions/setup-go

‎.github/workflows/release.yaml‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ jobs:
6060
-name:Switch XCode Version
6161
uses:maxim-lobanov/setup-xcode@60606e260d2fc5762a71e64e74b2174e8ea3c8bd# v1.6.0
6262
with:
63-
xcode-version:"16.0.0"
63+
xcode-version:"16.1.0"
6464

6565
-name:Setup Go
6666
uses:./.github/actions/setup-go
@@ -655,7 +655,7 @@ jobs:
655655
detached_signature="${binary}.asc"
656656
gcloud storage cp "./site/out/bin/${binary}" "gs://releases.coder.com/coder-cli/${version}/${binary}"
657657
gcloud storage cp "./site/out/bin/${detached_signature}" "gs://releases.coder.com/coder-cli/${version}/${detached_signature}"
658-
done
658+
done
659659
660660
-name:Publish release
661661
run:|

‎dogfood/coder/Dockerfile‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ RUN cargo install jj-cli typos-cli watchexec-cli
99
FROM ubuntu:jammy@sha256:0e5e4a57c2499249aafc3b40fcd541e9a456aab7296681a3994d631587203f97 AS go
1010

1111
# Install Go manually, so that we can control the version
12-
ARG GO_VERSION=1.24.2
12+
ARG GO_VERSION=1.24.6
1313

1414
# Boring Go is needed to build FIPS-compliant binaries.
1515
RUN apt-get update && \

‎go.mod‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
modulegithub.com/coder/coder/v2
22

3-
go1.24.2
3+
go1.24.6
44

55
// Required until a v3 of chroma is created to lazily initialize all XML files.
66
// None of our dependencies seem to use the registries anyways, so this
@@ -58,7 +58,7 @@ replace github.com/imulab/go-scim/pkg/v2 => github.com/coder/go-scim/pkg/v2 v2.0
5858
// Adds support for a new Listener from a driver.Connector
5959
// This lets us use rotating authentication tokens for passwords in connection strings
6060
// which we use in the awsiamrds package.
61-
replacegithub.com/lib/pq =>github.com/coder/pqv1.10.5-0.20240813183442-0c420cb5a048
61+
replacegithub.com/lib/pq =>github.com/coder/pqv1.10.5-0.20250807075151-6ad9b0a25151
6262

6363
// Removes an init() function that causes terminal sequences to be printed to the web terminal when
6464
// used in conjunction with agent-exec. See https://github.com/coder/coder/pull/15817

‎go.sum‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -907,8 +907,8 @@ github.com/coder/go-scim/pkg/v2 v2.0.0-20230221055123-1d63c1222136 h1:0RgB61LcNs
907907
github.com/coder/go-scim/pkg/v2v2.0.0-20230221055123-1d63c1222136/go.mod h1:VkD1P761nykiq75dz+4iFqIQIZka189tx1BQLOp0Skc=
908908
github.com/coder/gutsv1.5.0 h1:a94apf7xMf5jDdg1bIHzncbRiTn3+BvBZgrFSDbUnyI=
909909
github.com/coder/gutsv1.5.0/go.mod h1:0Sbv5Kp83u1Nl7MIQiV2zmacJ3o02I341bkWkjWXSUQ=
910-
github.com/coder/pqv1.10.5-0.20240813183442-0c420cb5a048 h1:3jzYUlGH7ZELIH4XggXhnTnP05FCYiAFeQpoN+gNR5I=
911-
github.com/coder/pqv1.10.5-0.20240813183442-0c420cb5a048/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
910+
github.com/coder/pqv1.10.5-0.20250807075151-6ad9b0a25151 h1:YAxwg3lraGNRwoQ18H7R7n+wsCqNve7Brdvj0F1rDnU=
911+
github.com/coder/pqv1.10.5-0.20250807075151-6ad9b0a25151/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
912912
github.com/coder/prettyv0.0.0-20230908205945-e89ba86370e0 h1:3A0ES21Ke+FxEM8CXx9n47SZOKOpgSE1bbJzlE4qPVs=
913913
github.com/coder/prettyv0.0.0-20230908205945-e89ba86370e0/go.mod h1:5UuS2Ts+nTToAMeOjNlnHFkPahrtDkmpydBen/3wgZc=
914914
github.com/coder/previewv0.0.2-0.20250527172548-ab173d35040c h1:lPIImqcf46QcK3hYlr20xt2SG66IAAK/kfZdEhM6OJc=

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp