Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade org.apache.ant:ant from 1.7.0 to 1.10.11 #1

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade org.apache.ant:ant from 1.7.0 to 1.10.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 35 versions ahead of your current version.
  • The recommended version was released 4 months ago, on 2021-07-10.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Insecure Default
SNYK-JAVA-ORGAPACHEANT-569130
475/1000
Why? Has a fix available, CVSS 6.5
No Known Exploit
Arbitrary Code Injection
SNYK-JAVA-ORGAPACHEANT-1015405
475/1000
Why? Has a fix available, CVSS 6.5
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

hixio-mh pushed a commit that referenced this pull request Oct 28, 2023
… order.

1. `TestAttempt` events would wait for the `TargetCompleteEvent` to be posted before being posted.

2. There was an implicit requirement for the `TestAttempt` events to be posted in a specific order.

3. This didn't break in the noskymeld case because we fulfilled this ordering by using the order of performing the attempts themselves. The sequence would look like:
    + post `TargetCompleteEvent`
    -> perform attempt #1
    -> post `TestAttempt` #1
    -> perform attempt bazelbuild#2
    -> post `TestAttempt` bazelbuild#2

4. With skymeld, however, it could happen like this:

    + defer `TargetCompleteEvent` to wait for `CoverageActionFinishedEvent`
    + perform attempt #1 -> defer posting `TestAttempt` #1 & wait for `TargetCompleteEvent`
    + perform attempt bazelbuild#2 -> defer posting `TestAttempt` bazelbuild#2 & wait for `TargetCompleteEvent`
    + `CoverageActionFinishedEvent` -> release & post `TargetCompleteEvent`
    + `TargetCompleteEvent` -> release & post `TestAttempt` bazelbuild#2
    + `TargetCompleteEvent` -> release & post `TestAttempt` #1

Due to (2), the undefined ordering in (4) would cause an issue.

This CL fixes that by ensuring a FIFO ordering of the deferred events.

PiperOrigin-RevId: 572165337
Change-Id: Iac4d023d946865b8b81f15b119417192dc4b5c53
Copy link

github-actions bot commented Jul 1, 2024

Thank you for contributing to the Bazel repository! This pull request has been marked as stale since it has not had any activity in the last 1+ years. It will be closed in the next 90 days unless any other activity occurs. If you think this PR is still relevant and should stay open, please post any comment here and the PR will no longer be marked as stale.

@github-actions github-actions bot added the stale label Jul 1, 2024
@hixio-mh hixio-mh closed this Sep 18, 2024
@hixio-mh hixio-mh reopened this Sep 18, 2024
@hixio-mh hixio-mh added Layout Upgrade good first issue Good for newcomers labels Sep 18, 2024
@hixio-mh hixio-mh self-requested a review September 18, 2024 10:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants