Skip to content

CORE-14938 pin urllib3 version#28907

Merged
tyson-redpanda merged 2 commits into
devfrom
tysonjh-CORE-14938-urllib3-snyk
Dec 9, 2025
Merged

CORE-14938 pin urllib3 version#28907
tyson-redpanda merged 2 commits into
devfrom
tysonjh-CORE-14938-urllib3-snyk

Conversation

@tyson-redpanda

@tyson-redpanda tyson-redpanda commented Dec 9, 2025
edited
Loading

Copy link
Copy Markdown
Contributor

Backports Required

  • none - not a bug fix
  • none - this is a backport
  • none - issue does not exist in previous branches
  • none - papercut/not impactful enough to backport
  • v25.3.x
  • v25.2.x
  • v25.1.x

Release Notes

Improvements

  • Fixes a vulnerability in aioboto3 by pinning the urllib3 dependency.

@CLAassistant

CLAassistant commented Dec 9, 2025
edited
Loading

Copy link
Copy Markdown

CLA assistant check
All committers have signed the CLA.

@tyson-redpanda tyson-redpanda force-pushed the tysonjh-CORE-14938-urllib3-snyk branch 2 times, most recently from 0a896a4 to 12e785f Compare December 9, 2025 16:56
@tyson-redpanda

tyson-redpanda commented Dec 9, 2025

Copy link
Copy Markdown
Contributor Author

/dt

@vbotbuildovich

vbotbuildovich commented Dec 9, 2025
edited
Loading

Copy link
Copy Markdown
Collaborator

CI test results

test results on build#77593
test_class test_method test_arguments test_kind job_url test_status passed reason test_history
MountUnmountIcebergTest test_simple_remount {"cloud_storage_type": 1} integration https://buildkite.com/redpanda/redpanda/builds/77593#019b0444-391c-4106-8156-15deb657118c FLAKY 8/11 Test PASSES after retries.No significant increase in flaky rate(baseline=0.2031, p0=0.6336, reject_threshold=0.0100. adj_baseline=0.4940, p1=0.0590, trust_threshold=0.5000) https://redpanda.metabaseapp.com/dashboard/87-tests?tab=142-dt-individual-test-history&test_class=MountUnmountIcebergTest&test_method=test_simple_remount
test results on build#77606
test_class test_method test_arguments test_kind job_url test_status passed reason test_history
PartitionReassignmentsTest test_reassignments_cancel null integration https://buildkite.com/redpanda/redpanda/builds/77606#019b050e-4805-4d6c-916d-674f72d9d865 FLAKY 8/11 Test PASSES after retries.No significant increase in flaky rate(baseline=0.1132, p0=0.3152, reject_threshold=0.0100. adj_baseline=0.3026, p1=0.3760, trust_threshold=0.5000) https://redpanda.metabaseapp.com/dashboard/87-tests?tab=142-dt-individual-test-history&test_class=PartitionReassignmentsTest&test_method=test_reassignments_cancel

@tyson-redpanda tyson-redpanda marked this pull request as ready for review December 9, 2025 19:46
@tyson-redpanda tyson-redpanda merged commit cbaa057 into dev Dec 9, 2025
17 of 18 checks passed
@tyson-redpanda tyson-redpanda deleted the tysonjh-CORE-14938-urllib3-snyk branch December 9, 2025 23:06
@vbotbuildovich

vbotbuildovich commented Dec 9, 2025

Copy link
Copy Markdown
Collaborator

/backport v25.3.x

@vbotbuildovich

vbotbuildovich commented Dec 9, 2025

Copy link
Copy Markdown
Collaborator

Failed to create a backport PR to v25.3.x branch. I tried:

git remote add upstream https://github.com/redpanda-data/redpanda.git
git fetch --all
git checkout -b backport-pr-28907-v25.3.x-160 remotes/upstream/v25.3.x
git cherry-pick -x 12e785fcaa 7f25903edb

Workflow run logs.

@vbotbuildovich vbotbuildovich mentioned this pull request Dec 9, 2025
Closed
@tyson-redpanda tyson-redpanda mentioned this pull request Dec 10, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michael-redpanda michael-redpanda Awaiting requested review from michael-redpanda

1 more reviewer

@rockwotj rockwotj rockwotj approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@rockwotj rockwotj

Labels

area/build

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@tyson-redpanda @CLAassistant @vbotbuildovich @rockwotj