mirror of
https://github.com/xataio/pgroll.git
synced 2024-10-05 17:47:59 +03:00
main
22 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Andrew Farries
|
3f792b789d
|
Bump testcontainers package dependencies (#381)
* `testcontainers/go`: v0.23.0 -> v0.32.0
* `testcontainers-go/modules/postgres`: v0.23.0 -> v0.32.0

Addresses https://github.com/xataio/pgroll/security/dependabot/12

Makes https://github.com/xataio/pgroll/pull/379 obsolete as this dependency update includes that one. |
||
Andrew Farries
|
5c1aef2f24
|
Retry on lock_timeout errors (#353)
Retry statements and transactions that fail due to `lock_timeout` errors.

DDL operations and backfills are run in a session in which `SET lock_timeout TO 'xms'` has been set (`x` defaults to `500` but can be specified with the `--lock-timeout` parameter). This ensures that a long running query can't cause other queries to queue up behind a DDL operation as it waits to acquire its lock.

The current behaviour if a DDL operation or backfill batch times out when requesting a lock is to fail, forcing the user to retry the migration operation (start, rollback, or complete).

This PR retries individual statements (like the DDL operations run by migration operations) and transactions (used by backfills) if they fail due to a `lock_timeout` error. The retry uses an exponential backoff with jitter.

Fixes #171 |
||
Andrew Farries
|
4f0a715613
|
Support setting table and column comments to NULL (#345)
Build on #344 to allow removing column comments by setting them to `null`.

Make use of https://github.com/omissis/go-jsonschema/pull/220 and use the [nullable](https://github.com/oapi-codegen/nullable) package so that it's possible to distinguish between a missing `comment` field and one that is explicitly set to `null`.

With https://github.com/omissis/go-jsonschema/pull/220 not being part of a release yet, use a custom build of `go-jsonschema`. It should be possible to switch back to the official release images once https://github.com/omissis/go-jsonschema/pull/220 is part of a release.

Without this change it becomes impossible to remove a comment from a column using the 'set comment' 'alter column' sub-operation (https://github.com/xataio/pgroll/pull/344). |
||
dependabot[bot]
|
37d2c28803
|
Bump golang.org/x/net from 0.20.0 to 0.23.0 (#343)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.20.0 to 0.23.0. |
||
dependabot[bot]
|
3e49151648
|
Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible (#324)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.7+incompatible to 24.0.9+incompatible.

Release notes, sourced from [github.com/docker/docker's releases](https://github.com/docker/docker/releases):

**v24.0.9**

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

* [docker/cli, 24.0.9 milestone](https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.9)
* [moby/moby, 24.0.9 milestone](https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.9)

**Security**

This release contains security fixes for the following CVEs affecting Docker Engine and its components.

* [CVE-2024-21626](https://scout.docker.com/v/CVE-2024-21626): component runc, fix version 1.1.12, severity High, CVSS 8.6
* [CVE-2024-24557](https://scout.docker.com/v/CVE-2024-24557): component Docker Engine, fix version 24.0.9, severity Medium, CVSS 6.9

**Important** ⚠️

Note that this release of Docker Engine doesn't include fixes for the following known vulnerabilities in BuildKit:

* [CVE-2024-23651](https://scout.docker.com/v/CVE-2024-23651)
* [CVE-2024-23652](https://scout.docker.com/v/CVE-2024-23652)
* [CVE-2024-23653](https://scout.docker.com/v/CVE-2024-23653)
* [CVE-2024-23650](https://scout.docker.com/v/CVE-2024-23650)

To address these vulnerabilities, upgrade to [Docker Engine v25.0.2](https://github.com/docker/docker/blob/HEAD/25.0.md#2502).

For more information about the security issues addressed in this release, and the unaddressed vulnerabilities in BuildKit, refer to the [blog post](https://www.docker.com/blog/docker-security-advisory-multiple-vulnerabilities-in-runc-buildkit-and-moby/). For details about each vulnerability, see the relevant security advisory:

* [CVE-2024-21626](https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv)
* [CVE-2024-24557](https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc)

**Packaging updates**

* Upgrade runc to [v1.1.12](https://github.com/opencontainers/runc/releases/tag/v1.1.12). [moby/moby#47269](https://redirect.github.com/moby/moby/pull/47269)
* Upgrade containerd to [v1.7.13](https://github.com/containerd/containerd/releases/tag/v1.7.13) (static binaries only). [moby/moby#47280](https://redirect.github.com/moby/moby/pull/47280)

**v24.0.8**

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

* [docker/cli, 24.0.8 milestone](https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.8)
* [moby/moby, 24.0.8 milestone](https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.8)

**Bug fixes and enhancements**

* Live restore: Containers with auto remove (`docker run --rm`) are no longer forcibly removed on engine restart. [moby/moby#46857](https://redirect.github.com/moby/moby/pull/46869)

... (truncated) |
||
dependabot[bot]
|
14a2217910
|
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 (#319)
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
Andrew Farries
|
d00d804649
|
Add JSON schema tests (#263)
Add tests for the JSON schema defined in `schema.json`.

Add testcases for examples of migrations that we expect to be valid and invalid according to the schema. These are initially focussed on the 'alter_column' operation as that is the most complex migration operation in terms of schema and dependencies between different fields.

Uses:

* https://github.com/santhosh-tekuri/jsonschema for JSON schema validation
* https://pkg.go.dev/golang.org/x/tools/txtar to define testcases. |
||
dependabot[bot]
|
c5a3dbdcd5
|
Bump github.com/opencontainers/runc from 1.1.5 to 1.1.12 (#260)
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.1.5 to 1.1.12.

Release notes, sourced from [github.com/opencontainers/runc's releases](https://github.com/opencontainers/runc/releases):

**runc 1.1.12 -- "Now you're thinking with Portals™!"**

This is the twelfth patch release in the 1.1.z release branch of runc. It fixes a high-severity container breakout vulnerability involving leaked file descriptors, and users are strongly encouraged to update as soon as possible.

* Fix [CVE-2024-21626](https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv), a container breakout attack that took advantage of a file descriptor that was leaked internally within runc (but never leaked to the container process).

  In addition to fixing the leak, several strict hardening measures were added to ensure that future internal leaks could not be used to break out in this manner again.

  Based on our research, while no other container runtime had a similar leak, none had any of the hardening steps we've introduced (and some runtimes would not check for any file descriptors that a calling process may have leaked to them, allowing for container breakouts due to basic user error).

**Static Linking Notices**

The `runc` binary distributed with this release is *statically linked* with the following [GNU LGPL-2.1](https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html) licensed libraries, with `runc` acting as a "work that uses the Library":

* [libseccomp](https://github.com/seccomp/libseccomp)

The versions of these libraries were not modified from their upstream versions, but in order to comply with the LGPL-2.1 (§6(a)), we have attached the complete source code for those libraries which (when combined with the attached runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages or download them from the authoritative upstream sources, especially since these libraries are related to the security of your containers.

Thanks to all of the contributors who made this release possible:

* Aleksa Sarai [cyphar@cyphar.com](mailto:cyphar@cyphar.com)
* hang.jiang [hang.jiang@daocloud.io](mailto:hang.jiang@daocloud.io)
* lfbzhm [lifubang@acmcoder.com](mailto:lifubang@acmcoder.com)

Signed-off-by: Aleksa Sarai [cyphar@cyphar.com](mailto:cyphar@cyphar.com)

... (truncated)

Changelog, sourced from [github.com/opencontainers/runc's changelog](https://github.com/opencontainers/runc/blob/v1.1.12/CHANGELOG.md):

**[1.1.12] - 2024-01-31**

Now you're thinking with Portals™!

**Security**

* Fix [CVE-2024-21626](https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv), a container breakout attack that took advantage of a file descriptor that was leaked internally within runc (but never leaked to the container process). In addition to fixing the leak, several strict hardening measures were added to ensure that future internal leaks could not be used to break out in this manner again. Based on our research, while no other container runtime had a similar leak, none had any of the hardening steps we've introduced (and some runtimes would not check for any file descriptors that a calling process may have leaked to them, allowing for container breakouts due to basic user error).

**[1.1.11] - 2024-01-01**

Happy New Year!

**Fixed**

* Fix several issues with userns path handling. ([#4122](https://redirect.github.com/opencontainers/runc/issues/4122), [#4124](https://redirect.github.com/opencontainers/runc/issues/4124), [#4134](https://redirect.github.com/opencontainers/runc/issues/4134), [#4144](https://redirect.github.com/opencontainers/runc/issues/4144))

**Changed**

* Support memory.peak and memory.swap.peak in cgroups v2. Add `swapOnlyUsage` in `MemoryStats`. This field reports swap-only usage. For cgroupv1, `Usage` and `Failcnt` are set by subtracting memory usage from memory+swap usage. For cgroupv2, `Usage`, `Limit`, and `MaxUsage` are set. ([#4000](https://redirect.github.com/opencontainers/runc/issues/4000), [#4010](https://redirect.github.com/opencontainers/runc/issues/4010), [#4131](https://redirect.github.com/opencontainers/runc/issues/4131))
* build(deps): bump github.com/cyphar/filepath-securejoin. ([#4140](https://redirect.github.com/opencontainers/runc/issues/4140))

**[1.1.10] - 2023-10-31**

Śruba, przykręcona we śnie, nie zmieni sytuacji, jaka panuje na jawie.

**Added**

* Support for `hugetlb.<pagesize>.rsvd` limiting and accounting. Fixes the issue of postgres failing when hugepage limits are set. ([#3859](https://redirect.github.com/opencontainers/runc/issues/3859), [#4077](https://redirect.github.com/opencontainers/runc/issues/4077))

**Fixed**

* Fixed permissions of newly created directories to not depend on the value of umask in tmpcopyup feature implementation. ([#3991](https://redirect.github.com/opencontainers/runc/issues/3991), [#4060](https://redirect.github.com/opencontainers/runc/issues/4060))
* libcontainer: cgroup v1 GetStats now ignores missing `kmem.limit_in_bytes` (fixes the compatibility with Linux kernel 6.1+). ([#4028](https://redirect.github.com/opencontainers/runc/issues/4028))

... (truncated) |
||
dependabot[bot]
|
72cc1552a3
|
Bump github.com/containerd/containerd from 1.7.3 to 1.7.11 (#217)
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.7.3 to 1.7.11.

Release notes, sourced from [github.com/containerd/containerd's releases](https://github.com/containerd/containerd/releases):

**containerd 1.7.11**

Welcome to the v1.7.11 release of containerd!

The eleventh patch release for containerd 1.7 contains various fixes and updates including one security issue.

**Notable Updates**

* **Fix Windows default path overwrite issue** ([#9440](https://redirect.github.com/containerd/containerd/pull/9440))
* **Update push to always inherit distribution sources from parent** ([#9452](https://redirect.github.com/containerd/containerd/pull/9452))
* **Update shim to use net dial for gRPC shim sockets** ([#9458](https://redirect.github.com/containerd/containerd/pull/9458))
* **Fix otel version incompatibility** ([#9483](https://redirect.github.com/containerd/containerd/pull/9483))
* **Fix Windows snapshotter blocking snapshot GC on remove failure** ([#9482](https://redirect.github.com/containerd/containerd/pull/9482))
* **Mask `/sys/devices/virtual/powercap` path in runtime spec and deny in default apparmor profile** ([GHSA-7ww5-4wqc-m92c](https://github.com/containerd/containerd/security/advisories/GHSA-7ww5-4wqc-m92c))

**Deprecation Warnings**

* **Emit deprecation warning for AUFS snapshotter** ([#9436](https://redirect.github.com/containerd/containerd/pull/9436))
* **Emit deprecation warning for v1 runtime** ([#9450](https://redirect.github.com/containerd/containerd/pull/9450))
* **Emit deprecation warning for deprecated CRI configs** ([#9469](https://redirect.github.com/containerd/containerd/pull/9469))
* **Emit deprecation warning for CRI v1alpha1 usage** ([#9479](https://redirect.github.com/containerd/containerd/pull/9479))
* **Emit deprecation warning for CRIU config in CRI** ([#9481](https://redirect.github.com/containerd/containerd/pull/9481))

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

**Contributors**

* Samuel Karp
* Derek McGowan
* Phil Estes
* Bjorn Neergaard
* Danny Canter
* Sebastiaan van Stijn
* ruiwen-zhao
* Akihiro Suda
* Amit Barve
* Charity Kathure
* Maksym Pavlenko
* Milas Bowman
* Paweł Gronowski
* Wei Fu

**Changes**

* [release/1.7] Prepare release notes for v1.7.11 ([#9491](https://redirect.github.com/containerd/containerd/pull/9491))

... (truncated) |
||
Carlos Pérez-Aradros Herce
|
66ccf91978
|
Add unique & FK constraints info to the schema (#218)
This info is useful to better validate incoming migrations, also it reflects better the resulting schema

example output:

```
{
  "name": "public",
  "tables": {
    "table1": {
      "oid": "66508",
      "name": "table1",
      "columns": {
        "id": {
          "name": "id",
          "type": "integer",
          "unique": true,
          "comment": null,
          "default": null,
          "nullable": false
        }
      },
      "comment": null,
      "indexes": {
        "table1_pkey": {
          "name": "table1_pkey"
        }
      },
      "primaryKey": ["id"],
      "foreignKeys": null
    },
    "table2": {
      "oid": "66513",
      "name": "table2",
      "columns": {
        "fk": {
          "name": "fk",
          "type": "integer",
          "unique": false,
          "comment": null,
          "default": null,
          "nullable": false
        }
      },
      "comment": null,
      "indexes": null,
      "primaryKey": null,
      "foreignKeys": {
        "fk_fkey": {
          "name": "fk_fkey",
          "columns": ["fk"],
          "referencedTable": "table1",
          "referencedColumns": ["id"]
        }
      }
    }
  }
}
```
|
||
dependabot[bot]
|
3023c0e365
|
Bump github.com/docker/docker from 24.0.5+incompatible to 24.0.7+incompatible (#194)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.5+incompatible to 24.0.7+incompatible.

Release notes, sourced from [github.com/docker/docker's releases](https://github.com/docker/docker/releases):

**v24.0.7**

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

* [docker/cli, 24.0.7 milestone](https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.7)
* [moby/moby, 24.0.7 milestone](https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.7)

**Bug fixes and enhancements**

* Write overlay2 layer metadata atomically. [moby/moby#46703](https://redirect.github.com/moby/moby/pull/46703)
* Fix "Rootful-in-Rootless" Docker-in-Docker on systemd version 250 and later. [moby/moby#46626](https://redirect.github.com/moby/moby/pull/46626)
* Fix `dockerd-rootless-setuptools.sh` when username contains a backslash. [moby/moby#46407](https://redirect.github.com/moby/moby/pull/46407)
* Fix a bug that would prevent network sandboxes to be fully deleted when stopping containers with no network attachments and when `dockerd --bridge=none` is used. [moby/moby#46702](https://redirect.github.com/moby/moby/pull/46702)
* Fix a bug where cancelling an API request could interrupt container restart. [moby/moby#46697](https://redirect.github.com/moby/moby/pull/46697)
* Fix an issue where containers would fail to start when providing `--ip-range` with a range larger than the subnet. [docker/for-mac#6870](https://redirect.github.com/docker/for-mac/issues/6870)
* Fix data corruption with zstd output. [moby/moby#46709](https://redirect.github.com/moby/moby/pull/46709)
* Fix the conditions under which the container's MAC address is applied. [moby/moby#46478](https://redirect.github.com/moby/moby/pull/46478)
* Improve the performance of the stats collector. [moby/moby#46448](https://redirect.github.com/moby/moby/pull/46448)
* Fix an issue with source policy rules ending up in the wrong order. [moby/moby#46441](https://redirect.github.com/moby/moby/pull/46441)

**Packaging updates**

* Add support for Fedora 39 and Ubuntu 23.10. [docker/docker-ce-packaging#940](https://redirect.github.com/docker/docker-ce-packaging/pull/940), [docker/docker-ce-packaging#955](https://redirect.github.com/docker/docker-ce-packaging/pull/955)
* Fix `docker.socket` not getting disabled when uninstalling the `docker-ce` RPM package. [docker/docker-ce-packaging#852](https://redirect.github.com/docker/docker-ce-packaging/pull/852)
* Upgrade Go to `go1.20.10`. [docker/docker-ce-packaging#951](https://redirect.github.com/docker/docker-ce-packaging/pull/951)
* Upgrade containerd to `v1.7.6` (static binaries only). [moby/moby#46103](https://redirect.github.com/moby/moby/pull/46103)
* Upgrade the `containerd.io` package to [`v1.6.24`](https://github.com/containerd/containerd/releases/tag/v1.6.24).

**Security**

* Deny containers access to `/sys/devices/virtual/powercap` by default. This change hardens against [CVE-2020-8694](https://scout.docker.com/v/CVE-2020-8694), [CVE-2020-8695](https://scout.docker.com/v/CVE-2020-8695), and [CVE-2020-12912](https://scout.docker.com/v/CVE-2020-12912), and an attack known as [the PLATYPUS attack](https://platypusattack.com/). For more details, see [advisory](https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p), |
||
dependabot[bot]
|
5412895d81
|
Bump google.golang.org/grpc from 1.57.0 to 1.57.1 (#192)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.57.0 to 1.57.1.

Release notes, sourced from [google.golang.org/grpc's releases](https://github.com/grpc/grpc-go/releases):

**Release 1.57.1**

**Security**

* server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

  In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work. |
||
dependabot[bot]
|
0792d6b250
|
Bump golang.org/x/net from 0.10.0 to 0.17.0 (#185)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.10.0 to 0.17.0. |
||
Andrew Farries
|
3eae4ec9b8
|
Allow CLI flags to be specified by environment variable (#152)
Bind command line arguments to env vars.

Allow the flags:

* `--postgres-url`
* `--schema`
* `--pgroll-schema`

To be set via these env vars:

* `PGROLL_PG_URL`
* `PGROLL_SCHEMA`
* `PGROLL_STATE_SCHEMA`

If a flag is specified both via a CLI flag and an env var the CLI flag takes priority. |
||
Andrew Farries
|
3e3860f656
|
Add spinners and progress notifications to CLI output (#139)
Add spinners and progress notification to the CLI output.

The `start` command has progress updates while the other commands just have their output displayed consistently with the `start` command; no progress updates as these operations are expected to be short-running.

Only the operations that perform backfills currently publish any progress updates as this is the longest running part of any operation.

---

**start**: https://github.com/xataio/pgroll/assets/8225907/75b67093-719b-4c92-bcf2-2faacca7eef7

**init** ![image](https://github.com/xataio/pgroll/assets/8225907/61c22774-bf2d-498c-bb4a-5ca4afe84c31)

**rollback** ![image](https://github.com/xataio/pgroll/assets/8225907/14ea4946-5879-4ffb-ab03-ceb40a95206e)

**complete** ![image](https://github.com/xataio/pgroll/assets/8225907/3b582682-138a-4ef8-afaf-e4fd93aa636c) |
||
Andrew Farries
|
3e7918815e
|
Upgrade to Go 1 21 (#54)
Upgrade CI and local builds to Go 1.21. Also upgrade `testcontainers-go` to 0.23.0 as earlier versions were not compatible with Go > 1.20.5. |
||
Carlos Pérez-Aradros Herce
|
28187f3cb3
|
Rename table op (#23)
Add rename table operation. I worked a bit toward table-based testing with reusable code in `op_common_test.go` --------- Co-authored-by: Andrew Farries <andyrb@gmail.com> |
||
Andrew Farries
|
99dd68815d
|
Reimplement analyze subcommand (#24)
The hidden `analyze` subcommand to dump the inferred database schema to stdout was implemented in #1. We've since changed how the schema is inferred (in #12). This PR updates the `analyze` command to use the schema retrieval implemented in #12.

Example `go run . analyze public`:

```json
{
  "tables": {
    "bills": {
      "oid": "16417",
      "name": "bills",
      "comment": "",
      "columns": {
        "date": {
          "name": "date",
          "type": "time with time zone",
          "default": null,
          "nullable": false,
          "comment": ""
        },
        "id": {
          "name": "id",
          "type": "integer",
          "default": null,
          "nullable": false,
          "comment": ""
        },
        "quantity": {
          "name": "quantity",
          "type": "integer",
          "default": null,
          "nullable": false,
          "comment": ""
        }
      }
    },
    "customers": {
      "oid": "16408",
      "name": "customers",
      "comment": "",
      "columns": {
        "credit_card": {
          "name": "credit_card",
          "type": "text",
          "default": null,
          "nullable": true,
          "comment": ""
        },
        "id": {
          "name": "id",
          "type": "integer",
          "default": null,
          "nullable": false,
          "comment": ""
        },
        "name": {
          "name": "name",
          "type": "varchar(255)",
          "default": null,
          "nullable": false,
          "comment": ""
        }
      }
    }
  }
}
```
|
||
dependabot[bot]
|
0139d75560
|
Bump google.golang.org/grpc from 1.47.0 to 1.53.0 (#18)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.47.0 to 1.53.0.

Release notes, sourced from [google.golang.org/grpc's releases](https://github.com/grpc/grpc-go/releases):

**Release 1.53.0**

**API Changes**

* balancer: support injection of per-call metadata from LB policies ([#5853](https://redirect.github.com/grpc/grpc-go/issues/5853))
* resolver: remove deprecated field `resolver.Target.Endpoint` and replace with `resolver.Target.Endpoint()` ([#5852](https://redirect.github.com/grpc/grpc-go/issues/5852))
  * Special Thanks: [`@kylejb`](https://github.com/kylejb)

**New Features**

* xds/ringhash: introduce `GRPC_RING_HASH_CAP` environment variable to override the maximum ring size. ([#5884](https://redirect.github.com/grpc/grpc-go/issues/5884))
* rls: propagate headers received in RLS response to backends ([#5883](https://redirect.github.com/grpc/grpc-go/issues/5883))

**Bug Fixes**

* transport: drain client transport when streamID approaches MaxStreamID ([#5889](https://redirect.github.com/grpc/grpc-go/issues/5889))
* server: after GracefulStop, ensure connections are closed when final RPC completes ([#5968](https://redirect.github.com/grpc/grpc-go/issues/5968))
* server: fix a few issues where grpc server uses RST_STREAM for non-HTTP/2 errors ([#5893](https://redirect.github.com/grpc/grpc-go/issues/5893))
* xdsclient: fix race which can happen when multiple load reporting calls are made at the same time. ([#5927](https://redirect.github.com/grpc/grpc-go/issues/5927))
* rls: fix a data race involving the LRU cache ([#5925](https://redirect.github.com/grpc/grpc-go/issues/5925))
* xds: fix panic involving double close of channel in xDS transport ([#5959](https://redirect.github.com/grpc/grpc-go/issues/5959))
* gcp/observability: update method name validation ([#5951](https://redirect.github.com/grpc/grpc-go/issues/5951))

**Documentation**

* credentials/oauth: mark `NewOauthAccess` as deprecated ([#5882](https://redirect.github.com/grpc/grpc-go/issues/5882))
  * Special Thanks: [`@buzzsurfr`](https://github.com/buzzsurfr)

**Release 1.52.3**

**Bug Fixes**

* Fix user-agent version

**Release 1.52.2**

**Bug Fixes**

* xds: fix panic involving double close of channel in xDS transport ([#5959](https://redirect.github.com/grpc/grpc-go/issues/5959))

**Release 1.52.1**

**Bug Fixes**

* grpclb: rename grpclbstate package back to state ([#5963](https://redirect.github.com/grpc/grpc-go/issues/5963))

**Release 1.52.0**

**New Features**

* xdsclient: log node ID with verbosity INFO ([#5860](https://redirect.github.com/grpc/grpc-go/issues/5860))
* ringhash: impose cap on `max_ring_size` to reduce possibility of OOMs ([#5801](https://redirect.github.com/grpc/grpc-go/issues/5801))

**Behavior Changes**

... (truncated) |
||
Andrew Farries
|
20c57553b6 | Add tests for create table operation | ||
Andrew Farries
|
2c6a6631fa |
Add analyze as a hidden subcommand
|
||
Carlos Pérez-Aradros Herce
|
bdaf08f54c |
Initial commit
Basic skeleton and simple op |