chore(deps): Bump tdx-attest-rs from DCAP_1.16 to DCAP_1.19 #380
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
dependencies
|
it is not safe for the underlying lib version |
What's the concern? AFAICS the crate has not had functional changes since 1.16 and the builds are already using "latest" due to #352 |
I have checked inside the code that the API does not change, while I get suggestions from Intel folks that it is recommended to use the same version of DCAP as the underlying It is awkward that current rootfs uses |
|
Ok. Let's not merge this right now if we are uncertain about it. |
should it move to v1.16 for the release to match what guest-component uses? v1.15 is almost 1 year old |
Bumps [tdx-attest-rs](https://github.com/intel/SGXDataCenterAttestationPrimitives) from DCAP_1.16 to DCAP_1.19. - [Release notes](https://github.com/intel/SGXDataCenterAttestationPrimitives/releases) - [Commits](intel/SGXDataCenterAttestationPrimitives@71557c7...8a40733) --- updated-dependencies: - dependency-name: tdx-attest-rs dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/cargo/tdx-attest-rs-DCAP_1.19
branch
from
e904813 to
f08cbc9
Compare
Maybe now is the time? |
Could I assign this to you? |
I don't have the powers to merge. I think it needs to be made in two stages: 1) get this PR merged first, 2) update the rootfs packages at the same time a new version of this repo is pulled into the kata build |
I can help to get this merged
I know that people are busy doing merge-to-main things. I am not sure which branch and whether it is ok to do this now. Hi @fitzthum @stevenhorsman Could you share some contexts? |
So it order to get this merged and tested in kata-container's rootfs, we aren't in a good spot now:
I guess there are a couple of approaches we could take if this is urgent to merge into attestation-agent now:
I'm not sure if this helps - sorry if I'm missing background, or other suggestions. |
|
Superseded by #442. |
Bumps tdx-attest-rs from DCAP_1.16 to DCAP_1.19.
Release notes
Sourced from tdx-attest-rs's releases.
Commits
8a40733Intel(R) SGX DCAP 1.19 Release6882afaIntel(R) SGX DCAP 1.18 Releasee7604e0fix(sgx-dcap-quoteverify-sys): successfull build with SGX_SDK unsetb1cdd25build(deps): increase bindgen version0443ae2Intel(R) SGX DCAP 1.17 Release4cb5c8bFix typo in comments71bc4f6Fix typo in sgx_dcap_quoteverify.h7f84575Update to correct URL for Azure local_pck_url (#307)1e969e0QuoteGeneration/Makefile: Fix incorrect usage of exit3ea8e6bMerge pull request #300 from fqiu1/add-qgs-get-platform-infoYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)