SECCOMP-27660: Fix vulnerabilities with upstream repo changes #95
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Ryan J. Geyer <[email protected]>
Signed-off-by: Joe Adams <[email protected]>
It is necessary to be able to exclude backups from long-running transaction alerts, as they are to be expected. With the current pg_stat_activity metric there is no ability to filter out specific users or application names. Resolves prometheus-community#668 Signed-off-by: cezmunsta <[email protected]>
Signed-off-by: cezmunsta <[email protected]>
Signed-off-by: prombot <[email protected]>
… leak Signed-off-by: Kurtis Bass <[email protected]>
Signed-off-by: Julien Pivotto <[email protected]> Signed-off-by: Khiem Doan <[email protected]>
Signed-off-by: Khiem Doan <[email protected]>
Signed-off-by: Khiem Doan <[email protected]>
Signed-off-by: Oleksandr Mysyura <[email protected]>
…-dashboard-linting Dashboard linting improvements for mixin
New unit value 64kB
Add postgres 15 for CI test
…/repo_sync Synchronize common files from prometheus/prometheus
Signed-off-by: prombot <[email protected]>
…/repo_sync Synchronize common files from prometheus/prometheus
Update to the latest exporter-toolkit * Enables multi-listener and systemd socket activation. * Bump Go to 1.19. * Remove `PG_EXPORTER_WEB_LISTEN_ADDRESS` env var because this is now a repeatable flag. Signed-off-by: SuperQ <[email protected]>
Signed-off-by: SuperQ <[email protected]>
Signed-off-by: Zachary Caldarola <[email protected]>
…/bjk/exporter-toolkit-bump Update exporter-toolkit
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.13.0 to 1.14.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.13.0...v1.14.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
…/dependabot/go_modules/github.com/prometheus/client_golang-1.14.0 Bump github.com/prometheus/client_golang from 1.13.0 to 1.14.0
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.37.0 to 0.39.0. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.37.0...v0.39.0) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
…/dependabot/go_modules/github.com/prometheus/common-0.39.0 Bump github.com/prometheus/common from 0.37.0 to 0.39.0
Signed-off-by: Zachary Caldarola <[email protected]>
Signed-off-by: Zachary Caldarola <[email protected]>
Signed-off-by: Zachary Caldarola <[email protected]>
Signed-off-by: Zachary Caldarola <[email protected]>
The leak was introduced in PR#882 Signed-off-by: Christian Albrecht <[email protected]> Co-authored-by: Christian Albrecht <[email protected]>
Signed-off-by: David Cook <[email protected]>
Signed-off-by: Vladimir Luksha <[email protected]> Co-authored-by: Vladimir Luksha <[email protected]>
Signed-off-by: David Cook <[email protected]>
) * Fix bugs mentioned in prometheus-community#908 These collectors are disabled by default, so unless enabled, they are not tested regularly. Signed-off-by: Joe Adams <[email protected]> --------- Signed-off-by: Joe Adams <[email protected]>
Signed-off-by: prombot <[email protected]>
* Add changelog for v0.14 - Add changelog entries since v0.13.2 - Update README with new options - Bump version file Signed-off-by: Joe Adams <[email protected]> * Add changelog entry for prometheus-community#904 Signed-off-by: Joe Adams <[email protected]> --------- Signed-off-by: Joe Adams <[email protected]>
Signed-off-by: Eric tyrrell <[email protected]>
…ty#918) Signed-off-by: Joe Adams <[email protected]>
Another case of untyped integer overflows on 32-bit arch. Signed-off-by: Daniel Swarbrick <[email protected]>
Run Go tests with 32-bit to validate value overflow. Signed-off-by: SuperQ <[email protected]>
…theus-community#925) * Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.16.0...v1.17.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Update tests for latest client_golang. Signed-off-by: SuperQ <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: SuperQ <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: SuperQ <[email protected]>
Signed-off-by: prombot <[email protected]>
…mmunity#931) Fixes prometheus-community#921 Signed-off-by: Joe Adams <[email protected]>
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.10.0 to 0.17.0. - [Commits](golang/net@v0.10.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* [ENHANCEMENT] Add 1kB and 2kB units prometheus-community#915 * [BUGFIX] Add error log when probe collector creation fails prometheus-community#918 * [BUGFIX] Fix test build failures on 32-bit arch prometheus-community#919 * [BUGFIX] Adjust collector to use separate connection per scrape prometheus-community#936 Signed-off-by: SuperQ <[email protected]>
Signed-off-by: prombot <[email protected]>
Signed-off-by: prombot <[email protected]>
Signed-off-by: Alex Simenduev <[email protected]>
…ommunity#948) Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.44.0 to 0.45.0. - [Release notes](https://github.com/prometheus/common/releases) - [Commits](prometheus/common@v0.44.0...v0.45.0) --- updated-dependencies: - dependency-name: github.com/prometheus/common dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/prometheus/client_model](https://github.com/prometheus/client_model) from 0.4.1-0.20230718164431-9a2bf3000d16 to 0.5.0. - [Release notes](https://github.com/prometheus/client_model/releases) - [Commits](https://github.com/prometheus/client_model/commits/v0.5.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_model dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…-community#961) * feat(pg_stat_database): active time metric --------- Signed-off-by: Jiri Sveceny <[email protected]>
) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.17.0. - [Commits](golang/crypto@v0.14.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…theus-community#993) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.18.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.17.0...v1.18.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ty#1003) This is the only log message which didn't specify a level in the postgres_exporter. I am unsure if this log message should be info or debug, but leaning towards the more important since previously it would just always log. The way I validated this was the only non-leveled logger was via grep. Both of these only returned this callsite previously: git grep 'logger\.Log' git grep '\.Log(' | grep -v level Signed-off-by: Keegan Carruthers-Smith <[email protected]>
eckelon
approved these changes
Feb 22, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.