Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Beta-1.77] Update libgit2 #13417

Merged
merged 1 commit into from
Feb 7, 2024
Merged

[Beta-1.77] Update libgit2 #13417

merged 1 commit into from
Feb 7, 2024

Conversation

ehuss
Copy link
Contributor

@ehuss ehuss commented Feb 7, 2024

This is a beta packport of #13412 to update libgit2 to fix the security issues mentioned in https://github.com/libgit2/libgit2/releases/tag/v1.7.2. From what I can tell, the threat to cargo is very small. The best I can come up with is a carefully crafted rev field in a Cargo.toml will cause cargo to hang. However, I would feel safer having this backported.

@rustbot
Copy link
Collaborator

rustbot commented Feb 7, 2024

r? @weihanglo

rustbot has assigned @weihanglo.
They will have a look at your PR within the next two weeks and either review your PR or
reassign to another reviewer.

Use r? to explicitly pick a reviewer

@rustbot
Copy link
Collaborator

rustbot commented Feb 7, 2024

⚠️ Warning ⚠️

  • Pull requests are usually filed against the master branch for this repo, but this one is against rust-1.77.0. Please double check that you specified the right target!

@rustbot rustbot added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Feb 7, 2024
weihanglo
weihanglo approved these changes Feb 7, 2024
View reviewed changes
Copy link
Member

@weihanglo weihanglo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. I'll include this in beta backport in rust-lang/rust later.

@weihanglo
Copy link
Member

@bors r+

@bors
Copy link
Collaborator

bors commented Feb 7, 2024

📌 Commit 8489dbe has been approved by weihanglo

It is now in the queue for this repository.

@bors bors added S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion. and removed S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. labels Feb 7, 2024
@bors
Copy link
Collaborator

bors commented Feb 7, 2024

⌛ Testing commit 8489dbe with merge c8a48fa...

@bors
Copy link
Collaborator

bors commented Feb 7, 2024

☀️ Test successful - checks-actions
Approved by: weihanglo
Pushing c8a48fa to rust-1.77.0...

@bors bors merged commit c8a48fa into rust-lang:rust-1.77.0 Feb 7, 2024
22 checks passed
@weihanglo weihanglo mentioned this pull request Feb 7, 2024
Merged
bors added a commit to rust-lang-ci/rust that referenced this pull request Feb 9, 2024
@bors
Auto merge of rust-lang#120659 - weihanglo:update-beta-cargo, r=weiha…
f204809 
…nglo

[beta-1.77.0] backport cargo

2 commits in 7bb7b539558dc88bea44cee4168b6269bf8177b0..c8a48facdaabe1d1fa8de11f90737801f38d8fa1
2024-01-20 00:15:32 +0000 to 2024-02-07 19:15:46 +0000
- [Beta-1.77] Update libgit2 (rust-lang/cargo#13417)
- [beta-1.77.0] Fix panic on empty spans when parsing Cargo.toml (rust-lang/cargo#13393)
@rustbot rustbot added this to the 1.77.0 milestone Feb 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@weihanglo weihanglo weihanglo approved these changes

Assignees

@weihanglo weihanglo

Labels
S-waiting-on-bors Status: Waiting on bors to run and complete tests. Bors will change the label on completion.
Projects
None yet
Milestone
1.77.0
Development

Successfully merging this pull request may close these issues.
4 participants
@ehuss @rustbot @weihanglo @bors