Skip to content

build(deps): update linkerd2-proxy-api from 0.18.0 to 0.20.0#4552

Merged
cratelyn merged 1 commit into
mainfrom
kate/update-linkerd2-proxy-api-to-v0.20.0
Jun 3, 2026
Merged

build(deps): update linkerd2-proxy-api from 0.18.0 to 0.20.0#4552
cratelyn merged 1 commit into
mainfrom
kate/update-linkerd2-proxy-api-to-v0.20.0

Conversation

@cratelyn

@cratelyn cratelyn commented Jun 3, 2026

Copy link
Copy Markdown
Member

see:

this commit updates linkerd2-proxy-api, pulling in the latest release.

aside from a slew of dependency updates, this new version most
importantly includes changes to set the state for forthcoming
load-balancing work.

these new fields are marked with "todo" comments to indicate where
future work in linkerd-proxy-client-policy in that vein will introduce
future enum variants, fields, marshalling and validation, etc.

this new version also includes an update to the most recent version of
rand, which will allow us to properly update to the latest version of
hickory-resolver without introducing breakage in our audit job in CI.

Signed-off-by: katelyn martin kate@buoyant.io

see:

* https://github.com/linkerd/linkerd2-proxy-api/releases/tag/v0.20.0
* linkerd/linkerd2-proxy-api#562
* linkerd/linkerd2-proxy-api#559
* linkerd/linkerd2-proxy-api#565
* #4537
* #4546
* #4544

this commit updates linkerd2-proxy-api, pulling in the latest release.

aside from a slew of dependency updates, this new version most
importantly includes changes to set the state for forthcoming
load-balancing work.

these new fields are marked with "todo" comments to indicate where
future work in `linkerd-proxy-client-policy` in that vein will introduce
future enum variants, fields, marshalling and validation, etc.

this new version also includes an update to the most recent version of
rand, which will allow us to properly update to the latest version of
hickory-resolver without introducing breakage in our audit job in CI.

Signed-off-by: katelyn martin <kate@buoyant.io>
@cratelyn cratelyn self-assigned this Jun 3, 2026

@cratelyn cratelyn left a comment

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

notes for review...

Comment on lines +399 to +401

#[error("penalty peak ewma mode is not yet supported")]
PenaltyPeakEwmaUnsupported,

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as you can see, i've added error variants where we have a new protobuf variant that is not yet supported. support for this will be introduced in #4537, #4546, etc.

at that point, we can remove these variants.

Forward(SocketAddr, Arc<EndpointMetadata>),
BalanceP2c(Load, EndpointDiscovery),
Fail { message: Arc<str> },
// TODO(kate): add a `PenaltyPeakEwma` variant here.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and as the description notes, i've left some TODO(kate) comments here and elsewhere to leave breadcrumbs for when we wire this up.

@cratelyn
cratelyn requested review from adleong and unleashed June 3, 2026 18:04
@cratelyn
cratelyn marked this pull request as ready for review June 3, 2026 18:04
@cratelyn
cratelyn requested a review from a team as a code owner June 3, 2026 18:04
@cratelyn
cratelyn merged commit fe48279 into main Jun 3, 2026
14 of 15 checks passed
@cratelyn
cratelyn deleted the kate/update-linkerd2-proxy-api-to-v0.20.0 branch June 3, 2026 20:10
cratelyn added a commit that referenced this pull request Jun 4, 2026
see:

* https://rustsec.org/advisories/RUSTSEC-2026-0120.html
* https://rustsec.org/advisories/RUSTSEC-2026-0119.html
* GHSA-3v94-mw7p-v465
* GHSA-q2qq-hmj6-3wpp
* https://www.cve.org/CVERecord?id=CVE-2024-8508

this branch provides changes, updating `hickory-resolver` in particular,
to address RUSTSEC-2026-0120 (_aka GHSA-3v94-mw7p-v465_) and
RUSTSEC-2026-0119 (_aka GHSA-q2qq-hmj6-3wpp, CVE-2024-8508_).

we update `hickory-resolver` from 0.25.2 to 0.26.1.

this is a significant release that includes many changes to the
hickory-resolver public interface. see the release notes in 0.26.0 for a
detailed summary of changes to that library since 0.25.2.

see also:

* #4552
* linkerd/linkerd2-proxy-api#561
* linkerd/linkerd2-proxy-api#562
* linkerd/linkerd2-proxy-api#563
* open-telemetry/opentelemetry-rust#3536

this branch updates the `quickcheck` library to 1.1.0, now that the
linkerd2-proxy-api dependency has been updated to v0.20.0. this removes
a dependency on rand@0.8.

rand 0.9 is still in our dependency tree, and is ignored in our `cargo
deny` at the time of writing.
open-telemetry/opentelemetry-rust#3536 updates
our remaining dependency on rand 0.9, but otherwise we now depend
entirely on rand 0.10.

Signed-off-by: katelyn martin <kate@buoyant.io>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants