Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: kserve/rest-proxy
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v0.11.1
Choose a base ref
...
head repository: kserve/rest-proxy
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref
  • 17 commits
  • 15 files changed
  • 6 contributors

Commits on Oct 30, 2023

  1. chore: Add CodeQL configuration (#29) 

    Add configuration file for CodeQL vulnerability scanning.

Signed-off-by: Christian Kadner <ckadner@us.ibm.com>
    @ckadner
    ckadner authored Oct 30, 2023

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature.
    GPG key ID: B5690EEEBB952194
    Verified
    Learn about vigilant mode
    Copy the full SHA
    36cb079 View commit details

Commits on Nov 17, 2023

  1. fix: Specify Python 3.8 in Dockerfile (#34) 

    Specify and link python38 to fix build/test failures due to
the wrong Python version (3.6) being used from base image.

---------

Signed-off-by: Rafael Vasquez <raf.vasquez@ibm.com>
    @rafvasq
    rafvasq authored Nov 17, 2023
    Copy the full SHA
    7b8af3d View commit details

Commits on Nov 23, 2023

  1. chore(deps): Upgrade golang.org/x/net and golang.org/grpc (#30) 

    Issues addressed:
- https://github.com/kserve/rest-proxy/security/dependabot/1
- https://github.com/kserve/rest-proxy/security/dependabot/2
- https://github.com/kserve/rest-proxy/security/dependabot/3
- https://github.com/kserve/rest-proxy/security/dependabot/4
- https://github.com/kserve/rest-proxy/security/dependabot/5
- https://www.cve.org/CVERecord?id=CVE-2023-37788

---------

Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored Nov 23, 2023
    Copy the full SHA
    e2857ff View commit details

Commits on Nov 30, 2023

  1. chore: Upgrade Golang version from 1.18 to 1.19 (#28) 

    - Remove the linters for "deadcode", "structcheck", "varcheck"
- Use "os" packages instead of deprecated "io/ioutil" (SA1019)
- Capture pre-commit output in a local log file

---------

Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored Nov 30, 2023
    Copy the full SHA
    61dc700 View commit details

Commits on Jan 10, 2024

  1. chore: Upgrade google.golang.org/protobuf 

    chore: Fixes google.golang.org/protobuf Stack-based Buffer Overflow

https://security.snyk.io/vuln/SNYK-GOLANG-GOOGLEGOLANGORGPROTOBUFENCODINGPROTOJSON-6137908

Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored Jan 10, 2024
    Copy the full SHA
    2f63e34 View commit details

  2. chore: Upgrade golang.org/x/crypto (#36) 

    chore:	address the following CVE:
- [CVE-2023-48795](https://www.cve.org/CVERecord?id=CVE-2023-48795):
golang.org/x/crypto Authentication Bypass by Capture-replay

---------

Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored Jan 10, 2024
    Copy the full SHA
    513a3f2 View commit details

Commits on Mar 13, 2024

  1. chore: Make the builder configurable in the Makefile (#35) 

    Some developers might not have the `docker` CLI installed anymore.
Configurable builder allows to build using `podman` or `buildah`.
It can be invoked like this: `ENGINE=podman make build`

---------

Signed-off-by: Spolti <fspolti@redhat.com>
Signed-off-by: Filippe Spolti <filippespolti@gmail.com>
    @spolti
    spolti authored Mar 13, 2024
    Copy the full SHA
    4d8e991 View commit details

Commits on Mar 20, 2024

  1. chore: update google.golang.org/protobuf to v1.33.0 (#40) 

    This is to move away from CVE-20204-24786: infinite loop vulnerability.

Signed-off-by: Edgar Hernández <23639005+israel-hdez@users.noreply.github.com>
    @israel-hdez
    israel-hdez authored Mar 20, 2024
    Copy the full SHA
    9ce55d4 View commit details

Commits on Apr 18, 2024

  1. chore: Update golang.org/x/net (#41) 

    [RHOAIENG-5424] - golang.org/x/net Allocation of Resources Without
Limits or Throttling

chore: Fixes
[CVE-2023-45288](https://www.cve.org/CVERecord?id=CVE-2023-45288)

Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored Apr 18, 2024
    Copy the full SHA
    c5a4f74 View commit details

Commits on May 27, 2024

  1. chore: Use latest image tag (#42) 

    Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored May 27, 2024
    Copy the full SHA
    8e6487b View commit details

Commits on Jun 11, 2024

  1. ci: Add manual build trigger 

    Signed-off-by: Christian Kadner <ckadner@us.ibm.com>
    @ckadner
    ckadner authored Jun 11, 2024
    Copy the full SHA
    fa1637d View commit details

Commits on Jun 12, 2024

  1. ci: Add nightly builds twice a week (#44) 

    Signed-off-by: Christian Kadner <ckadner@us.ibm.com>
    @ckadner
    ckadner authored Jun 12, 2024
    Copy the full SHA
    c21e992 View commit details

Commits on Jun 26, 2024

  1. Create OWNERS file 

    Signed-off-by: Christian Kadner <ckadner@us.ibm.com>
    @ckadner
    ckadner authored Jun 26, 2024
    Copy the full SHA
    d2aa6a7 View commit details

Commits on Jun 27, 2024

  1. chore: Upgrade to Golang to 1.21 (#45) 

    Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored Jun 27, 2024
    Copy the full SHA
    32c7c01 View commit details

Commits on Sep 11, 2024

  1. fix: develop container image build (#46) 

    chore: Fix the following issue while tring to build the develop
container,
	(reproducible locally with: `make build`):
```
	go: downloading gopkg.in/yaml.v3 v3.0.1
	/root/go/pkg/mod/github.com/grpc-ecosystem/grpc-gateway/v2@v2.15.0/protoc-gen-grpc-gateway/main.go:18:2: github.com/golang/glog@v1.2.1: missing go.sum entry for go.mod file; to add it:
        	go mod download github.com/golang/glog
```

Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored Sep 11, 2024
    Copy the full SHA
    37aa1cd View commit details

Commits on Jan 20, 2025

  1. chore: Update dependencies (#47) 

    chore:  Fixes the following CVEs:
CVE-2023-45288 - Non-linear parsing of case-insensitive content in
golang.org/x/net/html
CVE-2024-45337 - Misuse of ServerConfig.PublicKeyCallback may cause
authorization bypass in golang.org/x/crypto

Signed-off-by: Spolti <fspolti@redhat.com>
    @spolti
    spolti authored Jan 20, 2025
    Copy the full SHA
    79c27d9 View commit details

Commits on Feb 25, 2025

  1. Use the REST_PROXY_SKIP_VERIFY env var for TLS setup (#48) 

    [RHOAIENG-14237](https://issues.redhat.com/browse/RHOAIENG-14237) 
Depends on kserve/modelmesh-serving#536

Signed-off-by: Hannah DeFazio <h2defazio@gmail.com>
    @hdefazio
    hdefazio authored Feb 25, 2025
    Copy the full SHA
    aecee27 View commit details
Loading