Skip to content

Update certificate-transparency-go to get static/tiled log support #8150

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Apr 30, 2025
Merged

Update certificate-transparency-go to get static/tiled log support #8150

merged 4 commits into from
Apr 30, 2025

Conversation

@aarongable
Copy link
Contributor

@aarongable aarongable commented Apr 29, 2025
edited
Loading

Update github.com/google/certificate-transparency-go from v1.1.6 to v1.3.1. This updates the loglist file schema to recognize logs which are tagged as being tiled logs / implementing the static CT API.

Transitively update:

  • github.com/go-sql-driver/mysql from v1.7.1 to v1.8.1
  • github.com/prometheus/client_golang from v1.15.1 to v1.22.0
  • github.com/prometheus/client_model from v0.4.0 to v0.6.1
  • go.opentelemetry.io/otel from v1.30.0 to v1.31.0
  • google.golang.org/grpc from v1.66.1 to v1.69.4
  • google.golang.org/protobuf from v1.34.2 to v1.36.5
  • and a variety of indirect dependencies

Remove one indirect dependency:

  • github.com/matttproud/golang_protobuf_extensions

Add two new indirect dependencies:

  • filippo.io/[email protected] (used by go-sql-driver to handle mariadb's custom encryption implementation)
  • github.com/munnerz/[email protected] (previously inlined into prometheus/common)

Also fix two unit tests which need minor modifications to work with updated type signatures and behavior.

Part of #7872

@aarongable aarongable marked this pull request as ready for review April 29, 2025 21:15
@aarongable aarongable requested a review from a team as a code owner April 29, 2025 21:15
@aarongable aarongable requested a review from jprenken April 29, 2025 21:15
jprenken
jprenken previously approved these changes Apr 29, 2025
View reviewed changes
@jprenken jprenken requested review from a team and jsha and removed request for a team April 29, 2025 21:51
@jsha
Copy link
Contributor

jsha commented Apr 30, 2025

I was kinda surprised by some of the new dependencies. Some go mod why:

jsha@chitin:~/boulder$ go mod why github.com/munnerz/goautoneg
# github.com/munnerz/goautoneg
github.com/letsencrypt/boulder/akamai
github.com/prometheus/client_golang/prometheus
github.com/prometheus/common/expfmt
github.com/munnerz/goautoneg
jsha@chitin:~/boulder$ go mod why github.com/klauspost/compress/zstd
# github.com/klauspost/compress/zstd
github.com/letsencrypt/boulder/cmd
github.com/prometheus/client_golang/prometheus/promhttp
github.com/klauspost/compress/zstd
jsha@chitin:~/boulder$ go mod why github.com/matttproud/golang_protobuf_extensions
go: downloading github.com/matttproud/golang_protobuf_extensions v1.0.1
# github.com/matttproud/golang_protobuf_extensions
(main module does not need package github.com/matttproud/golang_protobuf_extensions)
jsha@chitin:~/boulder$ go mod why k8s.io/klog/v2
# k8s.io/klog/v2
github.com/letsencrypt/boulder/ctpolicy/loglist
github.com/google/certificate-transparency-go/loglist3
k8s.io/klog/v2

So prometheus is responsible for our new dependencies on zstd and goautoneg. I'd like to dig into that repository's history and see why, and if there is an alternative.

Similarly, it's a little surprising to me that certificate-transparency-go requires k8s.io/klog, and I'd love to see if that dependency can be excised.

Still I don't think those need to block this PR.

@jsha
Copy link
Contributor

jsha commented Apr 30, 2025

Yeesh, I read the diff wrong for a few of these:

github.com/matttproud/golang_protobuf_extensions

This dependency is removed, yay!

k8s.io/klog/v2

We've had this dependency for a while and it's just being modified.

jsha
jsha requested changes Apr 30, 2025
View reviewed changes
@jsha
Copy link
Contributor

jsha commented Apr 30, 2025

github.com/munnerz/goautoneg

This package was originally inlined into the prometheus/common repo, and was changed to depend on an identical, but external, package in prometheus/common#625. It's an HTTP Content-Type negotiation library.

It's used in prometheus/common/expfmt as part of a Negotiate function that takes an HTTP header: https://github.com/prometheus/common/blob/8de85c23e0a24867586e51006eb260b57a10cc78/expfmt/encode.go#L60-L68

That Negotiate function isn't called from prometheus/client_golang, but a separate MetricFamilyToText is called: https://github.com/prometheus/client_golang/blob/96a5ad6ef56e0d41d3bf06ba0478b34a0c718a92/prometheus/registry.go#L605-L606

So, it's a dependency that's not strictly needed, but a PR to separate out its use in the prometheus packages would probably be too invasive.

@aarongable aarongable merged commit 1c1c4dc into main Apr 30, 2025
12 checks passed
@aarongable aarongable deleted the update-go-mysql-driver branch April 30, 2025 22:56
@aarongable aarongable mentioned this pull request Apr 30, 2025
Merged
aarongable added a commit that referenced this pull request May 2, 2025
@aarongable
Update protoc-gen-go to match updated grpc libraries (#8151)
e01bc22 
#8150 updated our runtime
protobuf dependency from v1.34.1 to v1.36.5. This change does the same
for our build-time dependency, to keep them in sync.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jsha jsha jsha approved these changes

@jprenken jprenken jprenken approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@aarongable @jsha @jprenken