This message was deleted.
# generals
Slackbot
11/14/2023, 10:25 PMThis message was deleted.
o
Oleg Nenashev
11/15/2023, 5:54 AMHello. It is a wrapper for managing users and permissions in POSIX systems https://github.com/tianon/gosu
Oleg Nenashev
11/15/2023, 5:55 AMIf you suspect any security issue introduced by it, see the reporting process here: https://github.com/wiremock/.github/blob/main/SECURITY.md
k
Kevin Wang
11/15/2023, 1:55 PM@Oleg Nenashev thanks for your explanation. do you know if that
gosuo
Oleg Nenashev
11/15/2023, 1:59 PMIt configures the permissions inside the image during the build , that's it
k
Kevin Wang
11/15/2023, 4:11 PMGot it. btw, I notice there are two docker images for wiremock
wiremock/wiremockholomekc/wiremock-guio
Oleg Nenashev
11/15/2023, 4:12 PMOnly wiremock/wiremock is official
k
Kevin Wang
11/15/2023, 4:13 PMWhy is wiremock helm chart operator using the
holomekc/wiremock-guio
Oleg Nenashev
11/15/2023, 4:15 PMBecause the new version is yet to be released. We haven't yet released the official version of the Helm chart, only moved the repo. See the pull requests
k
Kevin Wang
11/15/2023, 4:18 PMI see. Does Wiremock have a plan to support GUI like what the project
holomekc/wiremock-guio
Oleg Nenashev
11/15/2023, 4:21 PMThe plan always depends on contributions
k
Kevin Wang
11/15/2023, 4:43 PMThat's true. Thanks for the answers
o
Oleg Nenashev
11/15/2023, 4:45 PMThere are multiple open source implementations of the user interface, but none of them is official at the moment. You can find the links in GitHub.com/WireMock/ecosystem
👍 1
Oleg Nenashev
11/15/2023, 6:33 PMk
Kevin Wang
11/15/2023, 6:33 PMgot it. thanks
👍 1
m
Makakmayum Amir Sidik
11/28/2023, 7:44 AMHi @Oleg Nenashev, regarding this vulnerabilities, can we upgrade the gosu package from the current 1.14 to 1.17 as this fixes our vulnerabilities for now? I have already prepared a PR for the same. Thanks
o
Oleg Nenashev
11/28/2023, 8:56 AMYes, I think so. A PR would be appreciated
m
Makakmayum Amir Sidik
11/28/2023, 9:14 AMHi @Oleg Nenashev, thank you for the reply. Can you please approve this PR which is raised for the above mentioned issue. Thank you
https://github.com/wiremock/wiremock-docker/pull/97
👍 1
o
Oleg Nenashev
11/28/2023, 2:44 PMPlease note that none of these vulnerabilities are really related to
gosuOleg Nenashev
11/28/2023, 2:47 PMI mean, gosu does not have full golang bundled
m
Makakmayum Amir Sidik
11/29/2023, 3:59 PMStill the gosu package uses go language and the vulnerabilities we saw at the moment are all pointing to gosu package. And for the moment we can upgrade the package version.
o
Oleg Nenashev
11/29/2023, 5:27 PMYep, I hope to release it tonight if the bigger test suite passes
m
Makakmayum Amir Sidik
11/30/2023, 8:28 AMThank you. Please do let me know if it does pass
Makakmayum Amir Sidik
12/05/2023, 6:25 AMHi @Oleg Nenashev, can I please get a review on this PR so we can merge it. Thanks
o
Oleg Nenashev
12/08/2023, 10:09 AMYeah, sorry for the delay. I will do my best to catch up on all stuck PRs across the repositories this afternoon
m
Makakmayum Amir Sidik
12/11/2023, 8:30 AMThank you. The PR checks are failing(docker-build) has failed. Please have a look.
o
Oleg Nenashev
12/11/2023, 1:42 PMHi. Finally fixed it: https://github.com/wiremock/wiremock-docker/releases/tag/3.3.1-2
👍 1
16 Views