Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security: remove useless sshd-common dependence #4199

Merged
merged 1 commit into from
Feb 7, 2025
Merged

security: remove useless sshd-common dependence #4199

merged 1 commit into from
Feb 7, 2025
+4 −0

Conversation

ungreat
Copy link
Collaborator

@ungreat ungreat commented Jan 24, 2025
edited
Loading

What type of PR is this?

type-bug

What this PR does / why we need it:

Remove useless sshd-common dependence to avoid some security vulnerabilities.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Additional documentation e.g., usage docs, etc.:

@ungreat ungreat added the enhancement New feature or request label Jan 24, 2025
@ungreat ungreat added this to the ODC 4.3.3 milestone Jan 24, 2025
@ungreat ungreat self-assigned this Jan 24, 2025
@MarkPotato777 MarkPotato777 changed the title fix(security): update sshd-common version security: update sshd-common version Jan 24, 2025
@ungreat ungreat force-pushed the fix/yiang_fix_433_update_sshd_common branch from 2357735 to 5f685f9 Compare January 24, 2025 07:31
@ungreat ungreat changed the title security: update sshd-common version security: remove useless sshd-common dependence Jan 24, 2025
MarkPotato777
MarkPotato777 reviewed Feb 6, 2025
View reviewed changes
Copy link
Collaborator

@MarkPotato777 MarkPotato777 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ungreat ungreat force-pushed the fix/yiang_fix_433_update_sshd_common branch from 5f685f9 to 79d6a17 Compare February 6, 2025 02:12
@ungreat ungreat force-pushed the fix/yiang_fix_433_update_sshd_common branch from 79d6a17 to 7f7a2e1 Compare February 6, 2025 02:19
LioRoger
LioRoger approved these changes Feb 7, 2025
View reviewed changes
Copy link
Collaborator

@LioRoger LioRoger left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maven dependency can help us analysis pom effect or conflict, my question is why this dependency should be removed explicit? is there any other dependency should be excluded or upgraded?

@ungreat
Copy link
Collaborator Author

ungreat commented Feb 7, 2025

maven dependency can help us analysis pom effect or conflict, my question is why this dependency should be removed explicit? is there any other dependency should be excluded or upgraded?

Spring Cloud Config Server typically depends on the sshd-common package to provide SSH-related functionalities. However, since ODC explicitly does not require this functionality, this dependency is excluded.

@LioRoger LioRoger merged commit e602afd into dev/4.3.3 Feb 7, 2025
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MarkPotato777 MarkPotato777 MarkPotato777 left review comments

@LioRoger LioRoger LioRoger approved these changes

@guowl3 guowl3 Awaiting requested review from guowl3 guowl3 is a code owner

Assignees

@ungreat ungreat

Labels
enhancement New feature or request
Projects
ODC
Status: Developed
Milestone
ODC 4.3.3
Development

Successfully merging this pull request may close these issues.
3 participants
@ungreat @LioRoger @MarkPotato777