Update google-protobuf to v3.17.1
Due to https://github.com/protocolbuffers/protobuf/issues/8559, google-protobuf v3.15.8 can seg fault in the FindCommits RPC call if the options hash is garbage collected before gRPC encodes the message. This was fixed in google-protobuf v3.17.1 via https://github.com/protocolbuffers/protobuf/pull/8639. Unfortunately, pg_query has a hard dependency on google-protobuf v3.15.x. This was bumped in https://github.com/pganalyze/pg_query/pull/212, but an official version has not yet been tagged. In addition, https://github.com/pganalyze/pg_query/pull/213 would relax the dependency so that google-protobuf can be upgraded without having to update pg_query. Until pg_query releases a new version, we use our fork to ensure this seg fault cannot happen. Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/330998 Changelog: fixed
Showing
... | @@ -308,12 +308,12 @@ gem 'rack-attack', '~> 6.3.0' | ... | @@ -308,12 +308,12 @@ gem 'rack-attack', '~> 6.3.0' |
gem 'sentry-raven', '~> 3.1' | gem 'sentry-raven', '~> 3.1' | ||
# PostgreSQL query parsing | # PostgreSQL query parsing | ||
gem 'pg_query', '~> 2.0.3' | gem 'gitlab-pg_query', '~> 2.0.4', require: 'pg_query' | ||
gem 'premailer-rails', '~> 1.10.3' | gem 'premailer-rails', '~> 1.10.3' | ||
# LabKit: Tracing and Correlation | # LabKit: Tracing and Correlation | ||
gem 'gitlab-labkit', '~> 0.17.1' | gem 'gitlab-labkit', '~> 0.18.0' | ||
# Thrift is a dependency of gitlab-labkit, we want a version higher than 0.14.0 | # Thrift is a dependency of gitlab-labkit, we want a version higher than 0.14.0 | ||
# because of https://gitlab.com/gitlab-org/gitlab/-/issues/321900 | # because of https://gitlab.com/gitlab-org/gitlab/-/issues/321900 | ||
gem 'thrift', '>= 0.14.0' | gem 'thrift', '>= 0.14.0' | ||
... | @@ -483,7 +483,7 @@ gem 'gitaly', '~> 13.12.0.pre.rc1' | ... | @@ -483,7 +483,7 @@ gem 'gitaly', '~> 13.12.0.pre.rc1' |
gem 'grpc', '~> 1.30.2' | gem 'grpc', '~> 1.30.2' | ||
gem 'google-protobuf', '~> 3.15.8' | gem 'google-protobuf', '~> 3.17.1' | ||
gem 'toml-rb', '~> 1.0.0' | gem 'toml-rb', '~> 1.0.0' | ||
... | ... |
Please register or sign in to comment