-
Notifications
You must be signed in to change notification settings - Fork 168
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade to OpenSSL 3 #6097
Upgrade to OpenSSL 3 #6097
Conversation
801e5cc
to
5c6a7b5
Compare
5c6a7b5
to
4a1e54f
Compare
Do we need to worry about these warnings on Android Arm64 Debug (in Jenkins):
|
Yes, these APIs are apparently deprecated. I'll replace them with the recommended usage. |
Removing myself because my opinion on this does not matter. |
find_dependency(ZLIB) | ||
if(ANDROID) | ||
set(CMAKE_FIND_LIBRARY_SUFFIXES ${_CMAKE_FIND_LIBRARY_SUFFIXES_orig}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can this be added to elseif above?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, it needs to happen after the find_dependency
call. CMAKE_FIND_LIBRARY_SUFFIXES
influences it so we need to change it before and after.
There are some errors on macOS now:
|
@danieltabacaru the macOS errors are unrelated to this PR. They occur in macOS SDK headers pulled in by To be honest as far as I can tell they are errors about the Foundation headers themselves, not our code, so I'm unsure how they can be resolved. |
@fealebenpae I see. It does look like something recent. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
<h3>Snyk has created this PR to upgrade realm from 11.3.1 to 11.5.0.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **3 versions** ahead of your current version. - The recommended version was released **25 days ago**, on 2023-02-19. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>realm</b></summary> <ul> <li> <b>11.5.0</b> - <a href="https://snyk.io/redirect/github/realm/realm-js/releases/tag/v11.5.0">2023-02-19</a></br><h3>Deprecations</h3> <ul> <li>The ECMAScript Array APIs (such as <code>map</code>, <code>every</code>, access using indexing operator <code>[]</code>, etc.) on the <code>SubscriptionSet</code> types were deprecated. <ul> <li>The existing methods will continue to work until the next major version.</li> <li>The following will <strong>not</strong> be removed from <code>BaseSubscriptionSet</code>: <ul> <li>Being iterable (e.g using <code>for-of</code> loop).</li> <li>Being able to spread (e.g. <code>[...realm.subscriptions]</code>).</li> </ul> </li> </ul> </li> </ul> <h3>Enhancements</h3> <ul> <li>Converting flexible sync Realms to bundled and local Realms is now supported. (<a href="https://snyk.io/redirect/github/realm/realm-core/pull/6076" data-hovercard-type="pull_request" data-hovercard-url="/realm/realm-core/pull/6076/hovercard">realm/realm-core#6076</a>)</li> <li>For client reset mode <code>onRecoveryOrDiscard</code>, the <code>onDiscard</code> and <code>onRecovery</code> callbacks now have simple default values. (<a href="https://snyk.io/redirect/github/realm/realm-js/pull/5288" data-hovercard-type="pull_request" data-hovercard-url="/realm/realm-js/pull/5288/hovercard">#5288</a>, since v11.1.0)</li> </ul> <h3>Fixed</h3> <ul> <li>Fixed possible segfault in sync client where async callback was using object after being deallocated. (<a href="https://snyk.io/redirect/github/realm/realm-core/issues/6053" data-hovercard-type="issue" data-hovercard-url="/realm/realm-core/issues/6053/hovercard">realm/realm-core#6053</a>, since v10.11.0)</li> <li>Fixed crash when using client reset with recovery and flexible sync with a single subscription (<a href="https://snyk.io/redirect/github/realm/realm-core/issues/6070" data-hovercard-type="issue" data-hovercard-url="/realm/realm-core/issues/6070/hovercard">#6070</a>, since v10.19.5)</li> <li>If <code>path</code> is defined in the configuration, it will used for synced Realms too. Relative paths will be appended to a default prefix (prefix is computed using app id and user id). Absolute paths are left untouched. (since v10.0.0)</li> <li>Fixed a bug related to parsing the client reset configuration. (<a href="https://snyk.io/redirect/github/realm/realm-js/pull/5288" data-hovercard-type="pull_request" data-hovercard-url="/realm/realm-js/pull/5288/hovercard">#5288</a>, since v11.1.0)</li> <li>Client reset with recovery or discard local could fail if there were dangling links in lists that got ressurected while the list was being transferred from the fresh Realm. (<a href="https://snyk.io/redirect/github/realm/realm-core/issues/6292" data-hovercard-type="issue" data-hovercard-url="/realm/realm-core/issues/6292/hovercard">realm/realm-core#6292</a>, since v10.10.0)</li> <li>Sharing Realm files between a Catalyst app and Realm Studio did not properly synchronize access to the Realm file. (<a href="https://snyk.io/redirect/github/realm/realm-core/pull/6258" data-hovercard-type="pull_request" data-hovercard-url="/realm/realm-core/pull/6258/hovercard">realm/realm-core#6258</a>, since v6.1.0)</li> <li>When client reset with recovery is used and the recovery does not actually result in any new local commits, the sync client may have gotten stuck in a cycle with a <code>A fatal error occured during client reset: 'A previous 'Recovery' mode reset from <timestamp> did not succeed, giving up on 'Recovery' mode to prevent a cycle'</code> error message. (<a href="https://snyk.io/redirect/github/realm/realm-core/issues/6195" data-hovercard-type="issue" data-hovercard-url="/realm/realm-core/issues/6195/hovercard">realm/realm-core#6195</a>, since v10.18.0)</li> <li>Fixed diverging history in flexible sync if writes occur during bootstrap to objects that just came into view. (<a href="https://snyk.io/redirect/github/realm/realm-core/issues/5804" data-hovercard-type="issue" data-hovercard-url="/realm/realm-core/issues/5804/hovercard">realm/realm-core#5804</a>, since v10.11.0)</li> <li>If a client reset with recovery or discard local is interrupted while the "fresh" Realm is being downloaded, the sync client may crash with a <code>MultipleSyncAgents</code> exception (<a href="https://snyk.io/redirect/github/realm/realm-core/issues/6217" data-hovercard-type="issue" data-hovercard-url="/realm/realm-core/issues/6217/hovercard">realm/realm-core#6217</a>, since v10.15.0)</li> <li>Online compaction may cause a single commit to take a long time. (<a href="https://snyk.io/redirect/github/realm/realm-core/pull/6245" data-hovercard-type="pull_request" data-hovercard-url="/realm/realm-core/pull/6245/hovercard">realm/realm-core#6245</a>, since v11.3.0-rc.0)</li> </ul> <h3>Compatibility</h3> <ul> <li>React Native >= v0.71.0</li> <li>Atlas App Services.</li> <li>Realm Studio v13.0.0.</li> <li>File format: generates Realms with format v23 (reads and upgrades file format v5 or later for non-synced Realm, upgrades file format v10 or later for synced Realms).</li> </ul> <h3>Internal</h3> <ul> <li>Upgrade Example to use React Native 0.71.1 (<a href="https://snyk.io/redirect/github/realm/realm-js/pull/5438" data-hovercard-type="pull_request" data-hovercard-url="/realm/realm-js/pull/5438/hovercard">#5438</a>)</li> <li>Upgraded Realm Core from v13.1.1 to v13.4.2. (<a href="https://snyk.io/redirect/github/realm/realm-js/issues/5174" data-hovercard-type="issue" data-hovercard-url="/realm/realm-js/issues/5174/hovercard">#5174</a>, <a href="https://snyk.io/redirect/github/realm/realm-js/issues/5244" data-hovercard-type="issue" data-hovercard-url="/realm/realm-js/issues/5244/hovercard">#5244</a>, <a href="https://snyk.io/redirect/github/realm/realm-js/issues/5419" data-hovercard-type="issue" data-hovercard-url="/realm/realm-js/issues/5419/hovercard">#5419</a> and <a href="https://snyk.io/redirect/github/realm/realm-js/issues/5450" data-hovercard-type="issue" data-hovercard-url="/realm/realm-js/issues/5450/hovercard">#5450</a>)</li> <li>Unpin Xcode version when building locally and upgrade the Xcode version used by Github Actions.</li> <li>Enable tests for notifications on dictionary.</li> <li>Automate releasing package on Github Actions.</li> <li>Upgrade OpenSSL v1.1.1n to v3.0.8. (<a href="https://snyk.io/redirect/github/realm/realm-core/pull/6097" data-hovercard-type="pull_request" data-hovercard-url="/realm/realm-core/pull/6097/hovercard">realm/realm-core#6097</a> and <a href="https://snyk.io/redirect/github/realm/realm-core/pull/6305" data-hovercard-type="pull_request" data-hovercard-url="/realm/realm-core/pull/6305/hovercard">realm/realm-core#6305</a>)</li> </ul> </li> <li> <b>11.4.0</b> - <a href="https://snyk.io/redirect/github/realm/realm-js/releases/tag/v11.4.0">2023-01-23</a></br><h3>Fixed</h3> <ul> <li>Fix no notification for write transaction that contains only change to backlink property. (<a href="https://snyk.io/redirect/github/realm/realm-core/issues/4994" data-hovercard-type="issue" data-hovercard-url="/realm/realm-core/issues/4994/hovercard">realm/realm-core#4994</a>, since v10.8.0)</li> </ul> <h3>Compatibility</h3> <ul> <li>React Native >= v0.71.0</li> <li>File format: generates Realms with format v23 (reads and upgrades file format v5 or later for non-synced Realm, upgrades file format v10 or later for synced Realms).</li> </ul> <h3>Internal</h3> <ul> <li>Upgraded Realm Core from v13.1.1 to v13.1.2. (<a href="https://snyk.io/redirect/github/realm/realm-js/issues/5174" data-hovercard-type="issue" data-hovercard-url="/realm/realm-js/issues/5174/hovercard">#5174</a>)</li> <li>Switching from NDK 21 to NDK 23 for Android builds, and bumping the required CMake version to 3.21.4. Sizes of binaries are found below. (<a href="https://snyk.io/redirect/github/realm/realm-js/issues/3905" data-hovercard-type="issue" data-hovercard-url="/realm/realm-js/issues/3905/hovercard">#3905</a>)</li> </ul> <table> <thead> <tr> <th>Architecture</th> <th>NDK 21</th> <th>NDK 23</th> </tr> </thead> <tbody> <tr> <td>armeabi-v7a</td> <td>5415116</td> <td>5554692</td> </tr> <tr> <td>x86</td> <td>9760312</td> <td>10905472</td> </tr> <tr> <td>arm64-v8a</td> <td>8883176</td> <td>9547032</td> </tr> <tr> <td>x86_64</td> <td>9879208</td> <td>10574368</td> </tr> </tbody> </table> </li> <li> <b>11.3.2</b> - <a href="https://snyk.io/redirect/github/realm/realm-js/releases/tag/v11.3.2">2023-01-17</a></br><h3>DEPRECATED</h3> <p>Please use either 11.3.1 or 11.4.0, depending on what version of React Native you are using.</p> </li> <li> <b>11.3.1</b> - <a href="https://snyk.io/redirect/github/realm/realm-js/releases/tag/v11.3.1">2022-12-07</a></br><h3>Fixed</h3> <ul> <li>Not possible to open an encrypted file on a device with a page size bigger than the one on which the file was produced. (<a href="https://snyk.io/redirect/github/realm/realm-swift/issues/8030" data-hovercard-type="issue" data-hovercard-url="/realm/realm-swift/issues/8030/hovercard">#8030</a>, since v11.1.0)</li> <li>Empty binary values will no longer be treated as null (<a href="https://snyk.io/redirect/github/realm/realm-js/issues/5114" data-hovercard-type="issue" data-hovercard-url="/realm/realm-js/issues/5114/hovercard">#5114</a>, since v10.5.0)</li> </ul> <h3>Compatibility</h3> <ul> <li>React Native >= v0.70.0</li> <li>Atlas App Services.</li> <li>Realm Studio v13.0.0.</li> <li>File format: generates Realms with format v23 (reads and upgrades file format v5 or later for non-synced Realm, upgrades file format v10 or later for synced Realms).</li> </ul> <h3>Internal</h3> <ul> <li>Upgraded Realm Core from v13.1.0 to v13.1.1. (<a href="https://snyk.io/redirect/github/realm/realm-js/issues/5154" data-hovercard-type="issue" data-hovercard-url="/realm/realm-js/issues/5154/hovercard">#5154</a>)</li> </ul> </li> </ul> from <a href="https://snyk.io/redirect/github/realm/realm-js/releases">realm GitHub release notes</a> </details> </details> <details> <summary><b>Commit messages</b></summary> </br> <details> <summary>Package name: <b>realm</b></summary> <ul> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/12bc38cbb02bd2ebbce4b9d311c316ca7c205b1a">12bc38c</a> [11.5.0] Bump version</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/d3697007858dc91a722f9e654ae02e2d5c06c93c">d369700</a> Upgrade to Realm Core v13.4.2 (#5453)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/4cbf5d49d289642261211f6e30f7cc91dbb784df">4cbf5d4</a> Upgrade to Realm Core v13.4.1 (#5435)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/d3cedd84f132df420f26a597d49ee6c883b4f1db">d3cedd8</a> Use `rollup` for building `@ realm/react` (#5446)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/106a9f323944022390f2a997c656977cb9b58276">106a9f3</a> Update deploy-cluster.yml</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/61524c62cfe9ed15d94463240648944d32c4ae29">61524c6</a> Update publish-release.yml</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/5057178932a06fb94a6360496729d243bfd43750">5057178</a> Update deploy-cluster.yml</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/4c3ad08d6e98694821515db657b31faa4be276f8">4c3ad08</a> Update deploy-cluster.yml</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/196201c089771b945d0fd49b3675fbd2f7c80657">196201c</a> Deploy cluster workflow (#5420)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/f0ffa3c65deec6a479b3eab37d6438e5a74f454c">f0ffa3c</a> Derive the config when deleting.</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/24783288671f60b7882cd3264a3c5548d4663d72">2478328</a> Update `useUser` to never return `null` (#5443)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/fe0a4e3757c6bb8f2f5858d5ea41ba25fbeee76f">fe0a4e3</a> Revert "Use clusterName as differentiator"</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/b6696df7b99a0268842778bd84263e2386916f34">b6696df</a> Use clusterName as differentiator</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/1b804bfc02953c001f3b2f6f78b36687f3ae8e7f">1b804bf</a> Moved `closeThisRealm` and simplified `closeRealm` (#5437)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/2cc1541b2ddbe82c5a8ccd5c334331ef8e5b3279">2cc1541</a> Fix "Invalid Realm passed to bind_to_context()" when clearing test state (#5436)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/84f1d3cb0185b4486f3edb36057631d7f99da7b6">84f1d3c</a> Create Default Provider and Hooks for `@ realm/react` (#5340)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/4a5e32475c907748772c55a55bbcb84759ac8046">4a5e324</a> Update Example to use Realm 0.71 (#5442)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/c04099fc7b7a2087c33a10d2d6c9fea3c8c6f782">c04099f</a> Revert "Update Example to use Realm 0.71 (#5438)" (#5441)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/14f8179fd5f54eff8a127020e8ecfeba43b2e557">14f8179</a> Update Example to use Realm 0.71 (#5438)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/dd7708373afd51fde6c752ba72f31697a142457f">dd77083</a> Adding a `longTimeout` method to `Suite` and `Context` (#5360)</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/c9c4853431ae7730406806bf20267f0e0c891fa4">c9c4853</a> Updated package-lock of the tests package</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/308ce4f80252624b4852e883c97265550cebc801">308ce4f</a> Update .gitignore</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/650b6ed6a05b166589ee4a436e9a85668d18fb84">650b6ed</a> Fixed vscode integration tests task</li> <li><a href="https://snyk.io/redirect/github/realm/realm-js/commit/e3bebc66a3fad604dcaf618bd224043b412b73f2">e3bebc6</a> Merge pull request #5434 from realm/papafe-patch-1</li> </ul> <a href="https://snyk.io/redirect/github/realm/realm-js/compare/14ddea6f64062f3f404de6ca3e6744ea803359b2...12bc38cbb02bd2ebbce4b9d311c316ca7c205b1a">Compare</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJmYzRiZjQ0MS03YjdjLTQ1NWUtYmIwNy1kOTIxZTViOTVkMWYiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImZjNGJmNDQxLTdiN2MtNDU1ZS1iYjA3LWQ5MjFlNWI5NWQxZiJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55/settings/integration?pkg=realm&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) <!--- (snyk:metadata:{"prId":"fc4bf441-7b7c-455e-bb07-d921e5b95d1f","prPublicId":"fc4bf441-7b7c-455e-bb07-d921e5b95d1f","dependencies":[{"name":"realm","from":"11.3.1","to":"11.5.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/sandbox-2ba/project/852e6e4f-be96-45c8-b370-1060f5ebee55?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"852e6e4f-be96-45c8-b370-1060f5ebee55","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":3,"publishedDate":"2023-02-19T15:33:31.722Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]}) ---> --------- Co-authored-by: snyk-bot <[email protected]>
What, How & Why?
The actual change necessary was handling one extra command inOpenSSL 3 deprecated some APIs and replacements were necessary.util::network::Stream::bio_ctrl
.But the bulk of the work was setting up a new infrastructure to prebuild OpenSSL in https://github.com/realm/ci/pull/331 and before that building cross-compiler toolchains to spit out prebuilds for exotic platforms in realm/cross-compiler-toolchains. Our new prebuilds and toolchains allow us to target armv7 and arm64 Linux builds with the same ABI compatibility (CentOS 7-era glibc) as our x86_64 builds.
Because we now have OpenSSL and ZLib prebuilds on Windows as well I'm ripping out the vcpkg infrastructure needed for Windows builds.
Fixes #5903
☑️ ToDos