Bump BouncyCastle to 1.76 #10219
Bump BouncyCastle to 1.76 #10219
Conversation
willyborankin
requested review from
reta,
anasalkouz,
andrross,
Bukhtawar,
CEHENKLE,
dblock,
gbbafna,
setiah,
kartg,
kotwanikunal,
mch2,
nknize,
owaiskazi19,
peternied,
Rishikesh1159,
ryanbogan,
saratvemulapalli,
shwetathareja,
dreamer-89,
VachaShah,
dbwiddis,
sachinpkale,
sohami and
msfroh
as code owners
Signed-off-by: Andrey Pleskach <[email protected]>
willyborankin
force-pushed
the
bc-1-76
branch
from
a3b893e to
7e66e04
Compare
Compatibility status:Checks if related components are compatible with change 7e66e04 Incompatible componentsSkipped componentsCompatible componentsCompatible components: [https://github.com/opensearch-project/geospatial.git, https://github.com/opensearch-project/security-analytics.git, https://github.com/opensearch-project/security.git, https://github.com/opensearch-project/custom-codecs.git, https://github.com/opensearch-project/notifications.git, https://github.com/opensearch-project/opensearch-oci-object-storage.git, https://github.com/opensearch-project/neural-search.git, https://github.com/opensearch-project/index-management.git, https://github.com/opensearch-project/alerting.git, https://github.com/opensearch-project/sql.git, https://github.com/opensearch-project/job-scheduler.git, https://github.com/opensearch-project/observability.git, https://github.com/opensearch-project/anomaly-detection.git, https://github.com/opensearch-project/k-nn.git, https://github.com/opensearch-project/asynchronous-search.git, https://github.com/opensearch-project/common-utils.git, https://github.com/opensearch-project/reporting.git, https://github.com/opensearch-project/cross-cluster-replication.git, https://github.com/opensearch-project/performance-analyzer.git, https://github.com/opensearch-project/ml-commons.git, https://github.com/opensearch-project/performance-analyzer-rca.git] |
Gradle Check (Jenkins) Run Completed with:
|
Codecov Report
@@ Coverage Diff @@
## main #10219 +/- ##
============================================
- Coverage 71.23% 71.03% -0.21%
+ Complexity 58301 58164 -137
============================================
Files 4830 4830
Lines 274435 274435
Branches 39992 39992
============================================
- Hits 195492 194937 -555
- Misses 62626 63176 +550
- Partials 16317 16322 +5 |
Gradle Check (Jenkins) Run Completed with:
|
|
The backport to To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/OpenSearch/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/OpenSearch/backport-2.x
# Create a new branch
git switch --create backport/backport-10219-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 f6646fbf134c62898926e6821e81f15e0dea4b51
# Push it to GitHub
git push --set-upstream origin backport/backport-10219-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/OpenSearch/backport-2.xThen, create a pull request where the |
|
@willyborankin please backport manually to |
Signed-off-by: Andrey Pleskach <[email protected]> Signed-off-by: Ivan Brusic <[email protected]>
Signed-off-by: Andrey Pleskach <[email protected]> (cherry picked from commit f6646fb)
Signed-off-by: Andrey Pleskach <[email protected]> (cherry picked from commit f6646fb)
Signed-off-by: Andrey Pleskach <[email protected]>
Signed-off-by: Andrey Pleskach <[email protected]> Signed-off-by: Shivansh Arora <[email protected]>
Signed-off-by: Milly Wilson <[email protected]>
…0172, CVE-2024-30171 and CVE-2024-29857) (#13484) * [Backport][1.3] Bump BouncyCastle to 1.76 (#10219) Signed-off-by: Milly Wilson <[email protected]> * [Backport][1.3] Update BouncyCastle dependencies from jdk15to18 to jdk18on (#12317) Signed-off-by: Milly Wilson <[email protected]> * [Backport][1.3] Bump bouncycastle from 1.77 to 1.78 (#13243) Signed-off-by: Milly Wilson <[email protected]> * PR#13484 Re-work * Update BC from 1.78 to 1.78.1 with latest fixes. * Remove incorrect jdk15to18 module replacement definitions as artifacts are still supported. * Add release notes. * Remove unneccessary license additions. Signed-off-by: Milly Wilson <[email protected]> * PR#13484 Re-work * Rename licenses from jdk18on to jdk15to18 and 1.78 to 1.78.1. * Update SHAs for BC 1.78.1 licenses. Signed-off-by: Milly Wilson <[email protected]> * PR#13484 Re-work Update Changelog and remove release notes file as this will be created upon release. Signed-off-by: Milly Wilson <[email protected]> --------- Signed-off-by: Milly Wilson <[email protected]> Co-authored-by: Andrey Pleskach <[email protected]> Co-authored-by: Stephen Crawford <[email protected]> Co-authored-by: Andriy Redko <[email protected]>
Description
Bump BouncyCastle to 1.76
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.