luccasa / haproxy.agentcheck Goto Github PK
View Code? Open in Web Editor NEWOS system metrics probe for Haproxy agent-check feedback loop
License: MIT License
OS system metrics probe for Haproxy agent-check feedback loop
License: MIT License
Hello, there!
As part of the university research we are currently doing regarding the security of Github Actions, we noticed that one or many of the workflows that are part of this repository are referencing vulnerable versions of the third-party actions. As part of a disclosure process, we decided to open issues to notify GitHub Community.
Please note that there are could be some false positives in our methodology, thus not all of the open issues could be valid. If that is the case, please let us know, so that we can improve on our approach. You can contact me directly using an email: ikoishy [at] ncsu.edu
Thanks in advance
The vulnerability fix that is missing by actions' versions could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider updating the reference to the action.
If you end up updating the reference, please let us know. We need the stats for the paper :-)
If a IIS pool crash, we want to expose a 0% metric for a specific duration (the warmup time)
The implementation must be very protective (maximum number of events per hour, maximum window time)
Ex : Event ID: 5011 Source: WAS
Code sample : https://stackoverflow.com/a/33940854/533686
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
These branches will be created by Renovate only once you click their checkbox below.
These updates are currently rate-limited. Click on a checkbox below to force their creation now.
These updates have all been created already. Click a checkbox below to force a retry/rebase of any.
Microsoft.AspNetCore.Mvc.Testing
, Microsoft.Extensions.Diagnostics.Testing
)xunit
, xunit.runner.visualstudio
)Renovate has not found any CVEs on osv.dev.
.github/workflows/dotnetcore.yml
actions/checkout v4@b4ffde65f46336ab88eb53be808477a3936bae11
actions/setup-dotnet v4@4d6c8fcf3c8f7a60068d26b594648e99df24cee3
gittools/actions v0.10.2@a41619580c25efb59dfc062e92990914141abcad
gittools/actions v0.10.2@a41619580c25efb59dfc062e92990914141abcad
actions/upload-artifact v4@26f96dfa697d77e81fd5907df203aa23a56210a8
actions/upload-artifact v4@26f96dfa697d77e81fd5907df203aa23a56210a8
actions/create-release v1@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e
actions/upload-release-asset v1@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5
actions/upload-release-asset v1@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5
Directory.Packages.props
Microsoft.CodeAnalysis.BannedApiAnalyzers 3.3.4
SonarAnalyzer.CSharp 9.19.0.84025
xunit.runner.visualstudio 2.5.6
xunit 2.6.6
coverlet.msbuild 6.0.0
Microsoft.NET.Test.Sdk 17.8.0
System.IO.Pipelines 8.0.0
System.Diagnostics.PerformanceCounter 8.0.0
Serilog.Sinks.File 5.0.0
Serilog.Settings.Configuration 8.0.0
Serilog.Enrichers.Process 2.0.2
Serilog.Enrichers.Environment 2.3.0
Serilog.Enrichers.AssemblyName 1.0.9
Serilog.AspNetCore 8.0.1
Microsoft.Extensions.Hosting.WindowsServices 8.0.0
Microsoft.Extensions.Hosting.Systemd 8.0.0
Microsoft.Extensions.Diagnostics.Testing 8.2.0
Microsoft.Diagnostics.Tracing.TraceEvent 3.1.8
Microsoft.Diagnostics.NETCore.Client 0.2.505301
Microsoft.AspNetCore.Mvc.Testing 8.0.2
global.json
dotnet-sdk 8.0.201
The "weight" parameter is used to adjust the server's weight relative to
other servers. All servers will receive a load proportional to their weight
relative to the sum of all weights, so the higher the weight, the higher the
load. The default weight is 1, and the maximal value is 256. A value of 0
means the server will not participate in load-balancing but will still accept
persistent connections. If this parameter is used to distribute the load
according to server's capacity, it is recommended to start with values which
can both grow and shrink, for instance between 10 and 100 to leave enough
room above and below for later adjustments.
Current implementation only go to 100
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.