[SERVER-84615] Define a version for linenoise Created: 05/Jan/24  Updated: 05/Feb/24  Resolved: 05/Feb/24

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 8.0.0-rc0

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Related
is related to SERVER-5246 Move linenoise out of third_party Closed
Assigned Teams:
Server Security
Backwards Compatibility: Fully Compatible
Backport Requested:
v7.3, v7.0, v6.0, v5.0, v4.4
Sprint: Security 2024-02-05, Security 2024-02-19
Participants:

 Description   

When we vendor third party libraries, we must ensure that they've been sourced from known origins and possess meaningful version identifiers. We use version identifiers to track security vulnerabilities and their mitigations, and libraries without versions cannot be easily audited. As we work toward publishing an SBOM, this information will be made public so that our customers can make informed decisions about supply chain risk.

Library linenoise doesn’t seem to be vendored from a specific release identified by a version identifier issued by its upstream vendor. Please either identify the release which originated the library and update README.third_party.md, update your library to a named release, or migrate to an alternative.

If you require an exception, please reach out to stacey.kingpoling@mongodb.com.



 Comments   
Comment by Githook User [ 02/Feb/24 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-84615 Identify original commit for linenoise (#18663)

GitOrigin-RevId: 4170a601d84f2a8189e32e830a73cbfb4f9fe363
Branch: master
https://github.com/mongodb/mongo/commit/502dab715a2daa1e498dce3b9559c7129def00a1

Generated at Thu Feb 08 06:55:31 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.