diff --git a/CHANGELOG.md b/CHANGELOG.md index 119bb4b..0f5444d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,17 @@ +# v1.6.3 + +Released 2022-04-08 + +- dep bumps +- more secure permissions on the socket file + # v1.6.2 Released 2022-04-06 - dep bumps - optimize via object instance reuse of various clients etc +- graceful shutdown of the grpc server # v1.6.1 diff --git a/bin/democratic-csi b/bin/democratic-csi index 79ded9d..2a2148e 100755 --- a/bin/democratic-csi +++ b/bin/democratic-csi @@ -69,6 +69,11 @@ const args = require("yargs") describe: "listen socket for the server", type: "string", }) + .option("server-socket-permissions-mode", { + describe: "permissions on the socket file for the server", + type: "string", + default: "0600", // os default is 755 + }) .version() .help().argv; @@ -77,6 +82,8 @@ if (!args.serverSocket && !args.serverAddress && !args.serverPort) { process.exit(1); } +//console.log(args); + const package = require("../package.json"); args.version = package.version; @@ -455,7 +462,7 @@ if (require.main === module) { ); }); - fs.chmodSync(socketPath, 0o666); + fs.chmodSync(socketPath, args["server-socket-permissions-mode"]); } csiServer.start(); } catch (e) { diff --git a/package-lock.json b/package-lock.json index d6c08d8..d0ba2ca 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "democratic-csi", - "version": "1.6.2", + "version": "1.6.3", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "democratic-csi", - "version": "1.6.2", + "version": "1.6.3", "license": "MIT", "dependencies": { "@grpc/grpc-js": "^1.5.7", @@ -1689,9 +1689,9 @@ } }, "node_modules/keyv": { - "version": "4.2.1", - "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.2.1.tgz", - "integrity": "sha512-cAJq5cTfxQdq1DHZEVNpnk4mEvhP+8UP8UQftLtTtJ98beKkRHf+62M0mIDM2u/IWXyP8bmGB375/6uGdSX2MA==", + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.2.2.tgz", + "integrity": "sha512-uYS0vKTlBIjNCAUqrjlxmruxOEiZxZIHXyp32sdcGmP+ukFrmWUnE//RcPXJH3Vxrni1H2gsQbjHE0bH7MtMQQ==", "dependencies": { "compress-brotli": "^1.3.6", "json-buffer": "3.0.1" @@ -1757,9 +1757,9 @@ } }, "node_modules/lru-cache": { - "version": "7.7.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.7.3.tgz", - "integrity": "sha512-WY9wjJNQt9+PZilnLbuFKM+SwDull9+6IAguOrarOMoOHTcJ9GnXSO11+Gw6c7xtDkBkthR57OZMtZKYr+1CEw==", + "version": "7.8.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.8.0.tgz", + "integrity": "sha512-AmXqneQZL3KZMIgBpaPTeI6pfwh+xQ2vutMsyqOu1TBdEXFZgpG/80wuJ531w2ZN7TI0/oc8CPxzh/DKQudZqg==", "engines": { "node": ">=12" } @@ -2440,28 +2440,17 @@ "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, "node_modules/semver": { - "version": "7.3.5", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", - "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", + "version": "7.3.6", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.6.tgz", + "integrity": "sha512-HZWqcgwLsjaX1HBD31msI/rXktuIhS+lWvdE4kN9z+8IVT4Itc7vqU2WvYsyD6/sjYCt4dEKH/m1M3dwI9CC5w==", "dependencies": { - "lru-cache": "^6.0.0" + "lru-cache": "^7.4.0" }, "bin": { "semver": "bin/semver.js" }, "engines": { - "node": ">=10" - } - }, - "node_modules/semver/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" + "node": "^10.0.0 || ^12.0.0 || ^14.0.0 || >=16.0.0" } }, "node_modules/shebang-command": { @@ -4278,9 +4267,9 @@ } }, "keyv": { - "version": "4.2.1", - "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.2.1.tgz", - "integrity": "sha512-cAJq5cTfxQdq1DHZEVNpnk4mEvhP+8UP8UQftLtTtJ98beKkRHf+62M0mIDM2u/IWXyP8bmGB375/6uGdSX2MA==", + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.2.2.tgz", + "integrity": "sha512-uYS0vKTlBIjNCAUqrjlxmruxOEiZxZIHXyp32sdcGmP+ukFrmWUnE//RcPXJH3Vxrni1H2gsQbjHE0bH7MtMQQ==", "requires": { "compress-brotli": "^1.3.6", "json-buffer": "3.0.1" @@ -4340,9 +4329,9 @@ "integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==" }, "lru-cache": { - "version": "7.7.3", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.7.3.tgz", - "integrity": "sha512-WY9wjJNQt9+PZilnLbuFKM+SwDull9+6IAguOrarOMoOHTcJ9GnXSO11+Gw6c7xtDkBkthR57OZMtZKYr+1CEw==" + "version": "7.8.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.8.0.tgz", + "integrity": "sha512-AmXqneQZL3KZMIgBpaPTeI6pfwh+xQ2vutMsyqOu1TBdEXFZgpG/80wuJ531w2ZN7TI0/oc8CPxzh/DKQudZqg==" }, "make-error": { "version": "1.3.6", @@ -4853,21 +4842,11 @@ "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==" }, "semver": { - "version": "7.3.5", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", - "integrity": "sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ==", + "version": "7.3.6", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.6.tgz", + "integrity": "sha512-HZWqcgwLsjaX1HBD31msI/rXktuIhS+lWvdE4kN9z+8IVT4Itc7vqU2WvYsyD6/sjYCt4dEKH/m1M3dwI9CC5w==", "requires": { - "lru-cache": "^6.0.0" - }, - "dependencies": { - "lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "requires": { - "yallist": "^4.0.0" - } - } + "lru-cache": "^7.4.0" } }, "shebang-command": { diff --git a/package.json b/package.json index 098fdd2..e8e807a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "democratic-csi", - "version": "1.6.2", + "version": "1.6.3", "description": "kubernetes csi driver framework", "main": "bin/democratic-csi", "scripts": {