Skip to content
This repository has been archived by the owner on Dec 4, 2024. It is now read-only.

chore: bump dex #1109

Merged
merged 1 commit into from
May 5, 2021
Merged

chore: bump dex #1109

merged 1 commit into from
May 5, 2021

Conversation

jongiddy
Copy link
Contributor

@jongiddy jongiddy commented May 4, 2021

What type of PR is this?
Chore

What this PR does/ why we need it:
Bump dex to include a change that defers creation of AuthRequest objects to avoid Denial of Service.

Which issue(s) this PR fixes:
https://jira.d2iq.com/browse/COPS-6867
https://jira.d2iq.com/browse/D2IQ-75146

Special notes for your reviewer:

Tested in https://github.com/mesosphere/yakcl/pull/425

Does this PR introduce a user-facing change?:

Defer AuthRequest creation until after initial login page to avoid too many objects.

Checklist

  • The commit message explains the changes and why are needed.
  • The code builds and passes lint/style checks locally.
  • The relevant subset of integration tests pass locally.
  • The core changes are covered by tests.
  • The documentation is updated where needed.

@jongiddy jongiddy requested a review from a team as a code owner May 4, 2021 15:26
@d2iq-mergebot
Copy link
Contributor

This repo has @mesosphere-mergebot integration. You can perform the following commands by submitting a comment. Submit a comment with content "@mesosphere-mergebot help" to view more detailed help text and examples. Be sure the have a look at the mergebot documentation, too.

@mesosphere-mergebot backport

@jongiddy jongiddy added this to the release/next milestone May 4, 2021
@jongiddy jongiddy force-pushed the jongiddy/D2IQ-75146-dex-defer-authrequests branch from 60e8d4c to 8f20d25 Compare May 4, 2021 15:30
@jongiddy jongiddy requested review from hectorj2f, jr0d and mhrabovcin May 4, 2021 15:56
@jongiddy jongiddy self-assigned this May 4, 2021
gracedo
gracedo reviewed May 4, 2021
View reviewed changes
Copy link
Contributor

@gracedo gracedo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

addon revision should be bumped as well

@jongiddy jongiddy force-pushed the jongiddy/D2IQ-75146-dex-defer-authrequests branch from 8f20d25 to cd0a57b Compare May 4, 2021 16:17
@jongiddy jongiddy force-pushed the jongiddy/D2IQ-75146-dex-defer-authrequests branch from cd0a57b to 54e0994 Compare May 5, 2021 09:24
@jongiddy jongiddy force-pushed the jongiddy/D2IQ-75146-dex-defer-authrequests branch from 54e0994 to 5004961 Compare May 5, 2021 11:21
@jongiddy
Copy link
Contributor Author

jongiddy commented May 5, 2021

Force-push to sign commit

@jongiddy
chore: bump dex
3ba63c6 
Signed-off-by: Jonathan Giddy <[email protected]>
@jongiddy jongiddy force-pushed the jongiddy/D2IQ-75146-dex-defer-authrequests branch from 5004961 to 3ba63c6 Compare May 5, 2021 12:33
@jongiddy jongiddy merged commit 8db0484 into master May 5, 2021
@jongiddy jongiddy deleted the jongiddy/D2IQ-75146-dex-defer-authrequests branch May 5, 2021 12:57
@jongiddy
Copy link
Contributor Author

jongiddy commented May 5, 2021

@mesosphere-mergebot backport release/3 release/4

This was referenced May 5, 2021
Merged
Merged
@d2iq-mergebot
Copy link
Contributor

Backport PR for release/3: #1115
Backport PR for release/4: #1116

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@gracedo gracedo gracedo left review comments

@hectorj2f hectorj2f hectorj2f approved these changes

@makkes makkes makkes approved these changes

@jr0d jr0d Awaiting requested review from jr0d

@mhrabovcin mhrabovcin Awaiting requested review from mhrabovcin

Assignees

@jongiddy jongiddy

Labels
addon/dex needs backport ready
Projects
None yet
Milestone
release/next
Development

Successfully merging this pull request may close these issues.
5 participants
@jongiddy @d2iq-mergebot @makkes @hectorj2f @gracedo