Comments (5)
rhamzeh
commented on September 19, 2024
Hi @stgraber - Will have chat with the team before reverting around this. We can bump it up in CI, but that means that folks running earlier builds of Go may be vulnerable.
If we agree on this path, we'll revert to 1.21 next week - sorry for this.
Main reason for the bump is Go's vulnerability reporting. It was raising errors on the CI.
If I am not mistaken, this issue is what triggered govulncheck for us, golang/go#65065. Fixed in Go 1.21.8.
On one hand we can say the choice of the runtime should be up to the user, but we're usually erring a lot on the side of caution.
Apologies if it takes us a bit of time to get back on this, I'd rather not revert without a team consensus.
from go-sdk.
rhamzeh
commented on September 19, 2024
Hi @stgraber - just an update, we agreed to revert to 1.21 - sorry for the delay and the noise. A release with this fix should go out tomorrow.
from go-sdk.
stgraber
commented on September 19, 2024
Thanks!
from go-sdk.
rhamzeh
commented on September 19, 2024
v0.3.7 is now out and reverts to go1.21 - thanks @stgraber!
from go-sdk.
stgraber
commented on September 19, 2024
thanks!
from go-sdk.
Related Issues (20)
- README content display format is incorrect
- Export metrics
- Allow users to pass in extra data that should be sent in the payload to the token issuer
- Validate that the Store ID and Authorization Model ID are valid ULIDs
- Better handling of errors during Client Credentials flow
- ListRelations, BatchCheck & non-txn Write should attempt to validate connection before writing and return proper error
- OpenFgaClient - Read sends an empty user/relation/object when not provided
- Client should be interface
- chore: move the utils.go functionality to the utils directory
- NewSdkClient should return SdkClient interface
- Need to allow empty string for ulid
- HasContinuationToken() methods return true whereas there is no more page HOT 3
- Consider wrapping idempotent requests with singleflight
- When the Authorization Model ID is `""`, the SDK attempts to send `""` as an I
- GoSDK client not respecting options and body HOT 1
- Example for writeTuples should refer to body rather than requestBody HOT 5
- Cannot make calls to OpenFGA when exposed under path HOT 1
- oauth2 package retains canonical import path from original code HOT 1
- Client credentials flow does not support token issuer url with a path
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from go-sdk.