Skip to content

Commit 45c4f63

Browse files
csasarakcsasarak
authored
Tls regression (#1418)
* Pin TLS to some version < 2.0. * Format cabal. * Documentation and commentary on TLS.
1 parent 9c24b80 commit 45c4f63

File tree

2 files changed

+11
-2
lines changed

2 files changed

+11
-2
lines changed

Changelog.md

+6
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,11 @@
11
# FOSSA CLI Changelog
22

3+
## v3.9.15
4+
- Change TLS to a version that takes advantage of but does not require 1.2 with EMS.
5+
This will be reverted in six months.
6+
On-prem users should upgrade their servers to support either TLS 1.2 with EMS or TLS 1.3.
7+
SAAS customers are unaffected. ([#1418](https://github.com/fossas/fossa-cli/pull/1418)).
8+
39
## v3.9.14
410
- Update cargo strategy to parse new `cargo metadata` format for cargo >= 1.77.0 ([#1416](https://github.com/fossas/fossa-cli/pull/1416)).
511
- `fossa release-group`: Add command to create a FOSSA release group release (`fossa release-group create-release`) [#1409](https://github.com/fossas/fossa-cli/pull/1409).

spectrometer.cabal

+5-2
Original file line numberDiff line numberDiff line change
@@ -76,8 +76,10 @@ common lang
7676

7777
-- TODO: Switch `semver` back to `versions` since https://github.com/fosskers/versions/issues/47 is fixed. This package maintainer seems much more responsive. Contrast https://github.com/brendanhay/semver/issues/12.
7878
-- codec-rpm is installed via cabal.project, so this number is an expected future version.
79-
-- Upgrade text and mtl after codec-rpm conflict is fixed, probably as part of 9.4 upgrade.
80-
-- Upgrade zip after text is upgraded
79+
-- TODO: Upgrade text and mtl after codec-rpm conflict is fixed, probably as part of 9.4 upgrade.
80+
-- TODO: Upgrade zip after text is upgraded.
81+
-- TODO: TLS isn't used directly but is pinned here while customers upgrade their servers to support TLS 1.2 with EMS or TLS 1.3.
82+
-- They've been warned about future support breaking. Upgrade to tls-2.* after 10/25/2024.
8183
common deps
8284
build-depends:
8385
, aeson ^>=2.2
@@ -146,6 +148,7 @@ common deps
146148
, text ^>=2.0.0
147149
, th-lift-instances ^>=0.1.17
148150
, time >=1.9 && <1.13
151+
, tls >=1.9 && <2.0
149152
, tomland ^>=1.3.3.0
150153
, transformers
151154
, typed-process ^>=0.2.6

0 commit comments

Comments
 (0)