artin/sourcegraph
1
0
Fork 0
mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 12:51:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Code AI platform with Code Search & Cody
37,117 Commits 3,552 Branches 700 Tags 2.2 GiB
Go 59.6%
TypeScript 30.5%
Starlark 4%
SCSS 1.4%
PLpgSQL 1.4%
Other 2.7%
9e95499625
Go to file
Shivasurya 9e95499625
chore(security) : upgrade src-cli version to address CVE (#63750) 
Docker images executor, executor-kubernetes, bundled-executor has
reported high/critical CVE-2024-24790 , CVE-2023-45288 reported on
golang stdlib. Upon testing, src version 5.3.0 was using `1.20.x` as per
e8e79e0311

This pull request attempts to upgrade src version to 5.4.0

## Test plan

- CI 🟢 
- src version should report 5.4.0 (I built the image locally and tested
it)
`docker run --platform linux/amd64 -it --entrypoint /bin/sh
executor:candidate`

## Changelog

<!-- OPTIONAL; info at
https://www.notion.so/sourcegraph/Writing-a-changelog-entry-dd997f411d524caabf0d8d38a24a878c
-->

Upgrade src-cli version to 5.4.0 to address CVE-2024-24790 ,
CVE-2023-45288
2024-07-10 09:57:16 -04:00
.apko Build images end-to-end using Bazel v2 (#61845) 2024-04-12 16:18:43 +01:00
.aspect update config for workflows 5.10 (#63554) 2024-07-01 14:35:41 +02:00
.buildkite chore(ci): remove Percy visual tests (#63515) 2024-06-27 16:20:06 +02:00
.github feat(codeintel): Add scip-ctags support for Magik (#63504) 2024-07-08 09:24:36 -04:00
.vscode feat(search): Make search aware of perforce changelist id mapping (#63563) 2024-07-09 14:01:05 -04:00
client chore(svelte): Update cody web version (#63747) 2024-07-10 07:58:21 +00:00
cmd docs: Fix inaccuracies in RangeInput GraphQL docs (#63640) 2024-07-10 09:47:10 +00:00
dev chore(security) : upgrade src-cli version to address CVE (#63750) 2024-07-10 09:57:16 -04:00
doc chore(ci): remove Percy visual tests (#63515) 2024-06-27 16:20:06 +02:00
docker-images Syntactic indexing produce scip files (#63580) 2024-07-09 13:49:55 +02:00
internal Adds a test for search-based usages (#63610) 2024-07-10 13:22:53 +00:00
lib feat/enterpriseportal: database layer for subscriptions upsert (#63703) 2024-07-09 14:35:00 -07:00
migrations notebooks: set default pattern type to keyword (#63662) 2024-07-09 09:36:20 +02:00
monitoring dotcom: Remove on-demand cloning of repositories (#63321) 2024-06-26 14:53:14 -07:00
schema feat/dotcom: add Enterprise Portal auth proxy (#63652) 2024-07-09 13:46:59 -07:00
testing feat/bazel: //cmd/{frontend,server} targets that don't include client bundle for backend integration tests (#62877) 2024-05-28 14:32:48 +01:00
third_party enterprise-portal: implement basic MSP IAM and RPCs (#63173) 2024-06-19 21:46:48 -04:00
third-party-licenses chore(ci): remove Percy visual tests (#63515) 2024-06-27 16:20:06 +02:00
tools Chore(release): Calendar Updates (#63583) 2024-07-02 10:42:12 -04:00
ui/assets feat/bazel: //cmd/{frontend,server} targets that don't include client bundle for backend integration tests (#62877) 2024-05-28 14:32:48 +01:00
wolfi-images security: Auto-update package lockfiles for Sourcegraph base images (#63606) 2024-07-10 09:21:27 +01:00
wolfi-packages s3proxy: Fix permissions on s3proxy package binary (#62907) 2024-05-24 15:55:00 +00:00
.bazel_fix_commands.json SG Start Bazel Improvements Take 2 (#60687) 2024-03-05 01:44:21 -08:00
.bazelignore Convert Appliance Maintenance UI to Bazel (#63661) 2024-07-10 13:47:18 +02:00
.bazeliskrc chore: upgrade to Aspect CLI 5.8.19 (#59203) 2024-01-02 15:13:24 +01:00
.bazelrc feat(ci): Adds playwright tests for sveltekit to bazel (#62560) 2024-06-06 12:45:05 -06:00
.bazelversion chore(bazel): bump to 7.2.0 (#63226) 2024-06-12 13:25:18 +00:00
.dockerignore
.editorconfig
.eslintrc.js looser eslint rules (#63511) 2024-06-27 08:42:51 +00:00
.gitattributes dev/linearhooks: add POC (#62367) 2024-05-07 00:14:05 -07:00
.gitignore chore(ci): emit compact executon log in CI (#63420) 2024-06-21 19:50:35 +01:00
.graphqlrc.yml
.hadolint.yaml
.mailmap
.mocharc.js reapply "switch from jest to vitest for faster, simpler tests (#57886)" (#58145) 2023-11-07 12:00:18 +02:00
.npmrc
.pre-commit-config.yaml chore(local): add FORBIDCOMMIT pragma to prevent accidental commits (#63581) 2024-07-01 18:27:26 +00:00
.prettierignore feat/release: appliance setup workflow and ui (#63291) 2024-06-19 16:21:13 +01:00
.stylelintignore
.stylelintrc.json
.swcrc use swc instead of babel for faster bazel typescript transpilation (#57912) 2023-11-02 22:49:03 -07:00
.tool-versions chore(tooling): bump Go version to 1.22.4 (#63124) 2024-06-06 15:19:03 +00:00
.trivyignore
BUILD.bazel symbols: Make symbols specific code internal (#63736) 2024-07-10 01:26:22 +02:00
CHANGELOG.md update changelog: Keyword search GA (#63715) 2024-07-09 08:34:24 -07:00
CODENOTIFY
CONTRIBUTING.md fix: update links for dev docs (#62758) 2024-05-17 13:47:34 +02:00
deps.bzl feat/dotcom: add Enterprise Portal auth proxy (#63652) 2024-07-09 13:46:59 -07:00
doc.go
eslint-relative-formatter.js
flake.lock nix: bump to bazel 7.1 (#61326) 2024-03-22 16:57:50 +00:00
flake.nix nix: use go1.22.4 (#63372) 2024-06-20 11:12:17 +02:00
gen.go chore: fixup go-mockgen run statement (#61028) 2024-03-12 13:06:36 +00:00
go.mod Remove unused package (#63646) 2024-07-10 02:30:28 +02:00
go.sum feat/dotcom: add Enterprise Portal auth proxy (#63652) 2024-07-09 13:46:59 -07:00
graphql-schema-linter.config.js
LICENSE
LICENSE.enterprise Update Enterprise license copyright notice (#62467) 2024-05-06 17:35:32 +00:00
linter_deps.bzl chore: Remove redundant loop captures (#62264) 2024-04-30 07:57:21 -06:00
mockgen.temp.yaml dotcom: Remove on-demand cloning of repositories (#63321) 2024-06-26 14:53:14 -07:00
mockgen.test.yaml symbols: Make symbols specific code internal (#63736) 2024-07-10 01:26:22 +02:00
mockgen.yaml bazel: native go-mockgen in Bazel (#60386) 2024-02-16 13:26:48 +00:00
nogo_config.json chore: Remove redundant loop captures (#62264) 2024-04-30 07:57:21 -06:00
package.json Bump cody-web-experimental to 0.2.4 (#63742) 2024-07-09 21:23:08 -06:00
pnpm-lock.yaml Convert Appliance Maintenance UI to Bazel (#63661) 2024-07-10 13:47:18 +02:00
pnpm-workspace.yaml Convert Appliance Maintenance UI to Bazel (#63661) 2024-07-10 13:47:18 +02:00
postcss.config.js
prettier.config.js
README.md chore: remove broken link in README (#63256) 2024-06-13 22:22:56 +00:00
release.yaml feat(ci): Trigger security scanner from release pipeline (#63280) 2024-06-19 19:16:36 +00:00
renovate.json chore(ci): disable renovate (#63313) 2024-06-19 13:17:15 +02:00
SECURITY.md
service-catalog.yaml
sg.config.yaml fix: remove watch path that's gone (#63746) 2024-07-10 06:56:25 +00:00
shell.nix bazel: use pgutil binaries from GCS instead of from the host (#61741) 2024-04-11 18:00:21 +01:00
stamp_tags.bzl
tsconfig.base.json
tsconfig.json release: drop legacy release tooling (#61220) 2024-04-09 14:29:35 -05:00
vitest.shared.ts remove Cody "upsells"—and all Cody links if Cody is disabled (#63430) 2024-06-27 05:29:54 +00:00
vitest.workspace.ts vitest: Fix workspace config wrt client/web/ (#58397) 2023-11-17 08:22:46 +00:00
WORKSPACE chore(migrator): bump migration archive (#63752) 2024-07-10 15:10:32 +02:00

README.md

DocsContributingTwitterDiscord

Build status Scorecard Latest release Discord Contributors


Sourcegraph makes it easy to read, write, and fix code—even in big, complex codebases.

  • Code search: Search all of your repositories across all branches and all code hosts.
  • Code intelligence: Navigate code, find references, see code owners, trace history, and more.
  • Fix and refactor: Roll out large-scale changes to many repositories at once and track big migrations.

Getting started



Development

Refer to the Developing Sourcegraph guide to get started.

Documentation

The doc directory has additional documentation for developing and understanding Sourcegraph:

License

This repository contains primarily non-OSS-licensed files. See LICENSE.

Copyright (c) 2018-present Sourcegraph Inc.