-
Notifications
You must be signed in to change notification settings - Fork 3.3k
make websocket-client dependency more open #416
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
make websocket-client dependency more open #416
Conversation
Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please follow instructions at https://github.com/kubernetes/kubernetes/wiki/CLA-FAQ to sign the CLA. It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
I just finished signing it |
@prometheanfire did you see these bad versions here? : |
Can you please update this PR with those versions too? |
@prometheanfire i don't see a test when the cap was made :( |
cc @mbohlool |
in that case, if it's confirmed I'll mask them too |
@prometheanfire in the interest of caution (since the PR was filed by someone who had the problem), let's please mask them |
fixes: kubernetes-client#413 The issue as reported in kubernetes-client#262 was not reproduced in versions of websocketclient over 0.43.0, so just mask the known bad versions. This allows consumption of possible security fixes and allows the client to be co-installable with more python libraries.
1fe735b
to
a3ef4c4
Compare
I see tests are passing for "0.44" and we banned up to "0.42". Are we concern about "0.43". Did you test it with websocket 0.43? |
I was not able to reproduce the error at all, I was just masking what was reported elsewhere as known bad. |
Is there anything preventing this from being merged at this point? |
/lgtm |
fixes: #413
The issue as reported in #262
was not reproduced in versions of websocketclient over 0.40.0, so just mask
0.40.0. This allows consumption of possible security fixes and allows the
client to be co-installable with more python libraries.