Update dependencies #244
Update dependencies #244
Conversation
| @@ -3,8 +3,8 @@ module github.com/trinodb/grafana-trino | |||
| go 1.18 | |||
|
|
|||
| require ( | |||
| github.com/grafana/grafana-plugin-sdk-go v0.162.0 | |||
| github.com/grafana/sqlds/v2 v2.5.1 | |||
| github.com/grafana/grafana-plugin-sdk-go v0.173.0 | |||
There was a problem hiding this comment.
Note that this version is still vulnerable to https://grafana.com/security/security-advisories/cve-2024-8986/. To avoid that this dependency should be updated to at least v0.250.0.
There was a problem hiding this comment.
This PR stalled, because I was waiting for a new secret used to sign the artifact during releases. The new secret is required after updating some of the tooling used here. It's already set in the repository, so I can get back to this now. I'll refresh all dependencies again.
|
@nineinchnick Is there anything I can do to help get this merged soon? |
Sorry for the delay, but I can only work on this in my spare time. I can try getting it done this week, but I can't commit to any specific dates. This update is significant, because it switches over to a new plugin SDK. I wanted to get this done before upgrading to a new Grafana major version. I see I left the CI green, so I only need to check if the release workflow will work, which signs the artifacts. I'd then open another PR with more updates, this is where you could help - maybe you can create a new PR based on this branch. |
Ah sorry, my bad for making you feel rushed. I had thought looking after this plugin was part of your duties in Starburst.
Alright fab 👍 Sounds quite promising.
Awesome thanks, yes I'll have a go at this on Friday. |
|
I've had a go and created #269. It updates |
This includes migrating to the new plugin toolkit and a major version update of Grafana.