Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump github.com/gin-gonic/gin from 1.6.3 to 1.7.0 #310

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 26, 2021

Bumps github.com/gin-gonic/gin from 1.6.3 to 1.7.0.

Release notes

Sourced from github.com/gin-gonic/gin's releases.

Release v1.7.0

BUGFIXES

  • fix compile error from #2572 (#2600)
  • fix: print headers without Authorization header on broken pipe (#2528)
  • fix(tree): reassign fullpath when register new node (#2366)

ENHANCEMENTS

  • Support params and exact routes without creating conflicts (#2663)
  • chore: improve render string performance (#2365)
  • Sync route tree to httprouter latest code (#2368)
  • chore: rename getQueryCache/getFormCache to initQueryCache/initFormCa (#2375)
  • chore(performance): improve countParams (#2378)
  • Remove some functions that have the same effect as the bytes package (#2387)
  • update:SetMode function (#2321)
  • remove a unused type SecureJSONPrefix (#2391)
  • Add a redirect sample for POST method (#2389)
  • Add CustomRecovery builtin middleware (#2322)
  • binding: avoid 2038 problem on 32-bit architectures (#2450)
  • Prevent panic in Context.GetQuery() when there is no Request (#2412)
  • Add GetUint and GetUint64 method on gin.context (#2487)
  • update content-disposition header to MIME-style (#2512)
  • reduce allocs and improve the render WriteString (#2508)
  • implement ".Unwrap() error" on Error type (#2525) (#2526)
  • Allow bind with a map[string]string (#2484)
  • chore: update tree (#2371)
  • Support binding for slice/array obj [Rewrite] (#2302)
  • basic auth: fix timing oracle (#2609)
  • Add mixed param and non-param paths (port of httprouter#329) (#2663)
  • feat(engine): add trustedproxies and remoteIP (#2632)
Changelog

Sourced from github.com/gin-gonic/gin's changelog.

Gin v1.7.0

BUGFIXES

  • fix compile error from #2572 (#2600)
  • fix: print headers without Authorization header on broken pipe (#2528)
  • fix(tree): reassign fullpath when register new node (#2366)

ENHANCEMENTS

  • Support params and exact routes without creating conflicts (#2663)
  • chore: improve render string performance (#2365)
  • Sync route tree to httprouter latest code (#2368)
  • chore: rename getQueryCache/getFormCache to initQueryCache/initFormCa (#2375)
  • chore(performance): improve countParams (#2378)
  • Remove some functions that have the same effect as the bytes package (#2387)
  • update:SetMode function (#2321)
  • remove a unused type SecureJSONPrefix (#2391)
  • Add a redirect sample for POST method (#2389)
  • Add CustomRecovery builtin middleware (#2322)
  • binding: avoid 2038 problem on 32-bit architectures (#2450)
  • Prevent panic in Context.GetQuery() when there is no Request (#2412)
  • Add GetUint and GetUint64 method on gin.context (#2487)
  • update content-disposition header to MIME-style (#2512)
  • reduce allocs and improve the render WriteString (#2508)
  • implement ".Unwrap() error" on Error type (#2525) (#2526)
  • Allow bind with a map[string]string (#2484)
  • chore: update tree (#2371)
  • Support binding for slice/array obj [Rewrite] (#2302)
  • basic auth: fix timing oracle (#2609)
  • Add mixed param and non-param paths (port of httprouter#329) (#2663)
  • feat(engine): add trustedproxies and remoteIP (#2632)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) from 1.6.3 to 1.7.0.
- [Release notes](https://github.com/gin-gonic/gin/releases)
- [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md)
- [Commits](gin-gonic/gin@v1.6.3...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/gin-gonic/gin
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from nhooyr as a code owner July 26, 2021 23:36
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 26, 2021
@coadler
Copy link
Member

coadler commented Sep 27, 2021

cc @nhooyr, we're getting CVE notifications about this even though it's just used in the websocket tests here. Would be nice if this could get merged!

See: GHSA-h395-qcrw-5vmq

@Jacalz
Copy link
Contributor

Jacalz commented Mar 5, 2022

Sorry to bump this, but could you please review this? @nhooyr I am experiencing the very same CVE notifications as mentioned above.

@Jacalz
Copy link
Contributor

Jacalz commented Mar 5, 2022

I opened a new PR (#332) instead, seeing as all these PRs were updating to older versions. Hopefully we can get that one merged instead. Should bring many improvements.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 9, 2023

Superseded by #368.

@dependabot dependabot bot closed this Feb 9, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/gin-gonic/gin-1.7.0 branch February 9, 2023 21:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants