Skip to main content

Browse the archive

Revision 3eee19a17a23489bb9461e0526f42d7f71da35ed authored by Quentin Monnet on 16 January 2023, 13:56:21 UTC, committed by Quentin Monnet on 17 January 2023, 09:41:25 UTC 
docs: Drop sphinxcontrib-openapi fork, switch back to upstream
 
Once upon a time, Cilium docs used the openapi Sphinx add-on to generate
its API reference based on the code. And things were good.

One day, Dependabot raised a security alert, stating that Mistune v2.0.2
was vulnerable to catastrophic backtracking [0] - this is a regex
parsing thing. Mistune was a dependency to m2r, an add-on to parse
Markdown in Sphinx, which in turn was a dependency to openapi.

The easy path would have been to update m2r to use the latest, fixed
Mistune version; but m2r was incompatible with Mistune >= 2.0.0, and
also it was no longer in development.

There was a fork, m2r2, which had little activity, and would avoid the
security issue by very simply pinning the Mistune version to 0.8.4
(which would either fail to build Cilium's reference correctly, or bring
some incompatibilities with other dependencies, at this point the
narrator does not remember for sure).

There was a fork of the fork, sphinx-mdinclude. We could use that
project to update openapi, except that it was not compatible with recent
versions of docutils, and that this would cause openapi's test suite to
fail to pass.

... So we ended up forking the openapi repository to update the
dependency to sphinx-mdinclude locally, and this is what we've been
using since last summer. And things were good again.

But things are even better when they go upstream [citation needed]. We
also filed the issue for docutils compatibility in sphinx-mdinclude [1].
It was fixed (thanks!). We submitted a PR to have openapi switch to
sphinx-mdinclude [2]. It was adjusted (thanks!), merged, and a new tag
was created.

Now at last, we can switch back to the upstream version of openapi!
[And the build system lived happily ever after.]

[0]: https://github.com/advisories/GHSA-fw3v-x4f2-v673
[1]: https://github.com/omnilib/sphinx-mdinclude/issues/8
[2]: https://github.com/sphinx-contrib/openapi/pull/127

I did _not_ run `make -C Documentation update-requirements`, because the
resulting changes seemed to break the Netlify preview [3]. I stuck to
openapi and bumped sphinx-mdinclude to >= 0.5.2, as required by openapi.

[3] https://app.netlify.com/sites/docs-cilium-io/deploys/63c55fcc5531c6000838b87c

Signed-off-by: Quentin Monnet <quentin@isovalent.com>
1 parent 4ec82bb
Raw File
MAINTAINERS.md 
# Maintainers

See [Governance](Documentation/community/governance/commit_access.rst) for
governance, commit, and vote guidelines as well as maintainer responsibilities.
Everybody listed is a committer as per governance definition.

All committers and maintainers have identical voting rights. Maintainers have
additional administrative and janitorial responsibilities.

Regardless of maintainer or committer status, any code contribution is subject
to code review requirements as per [CODEOWNERS](CODEOWNERS) and PRs get merged
by the "janitor role" which is rotated between all committers.

## Cilium Maintainers

 * [André Martins] (Isovalent)
 * [Joe Stringer] (Isovalent)

## Hubble Maintainers

 * [Glib Smaga] (Isovalent)
 * [Sebastian Wicki] (Isovalent)

## Cilium & Hubble Committers

 * [Aditi Ghag] (Isovalent)
 * [Alexandre Perrin] (Isovalent)
 * [Beatriz Martínez] (Isovalent)
 * [Bill Mulligan] (Isovalent)
 * [Bruno M. Custódio] (Isovalent)
 * [Chance Zibolski] (Isovalent)
 * [Chris Tarazi] (Isovalent)
 * [Daniel Borkmann] (Isovalent)
 * [Dan Wendlandt] (Isovalent)
 * [Deepesh Pathak]
 * [Eloy Coto] (Red Hat)
 * [Gilberto Bertin] (Isovalent)
 * [Hemanth Malla] (Datadog)
 * [Ian Vernon]
 * [Ilya Dmitrichenko] (Docker)
 * [Jarno Rajahalme] (Isovalent)
 * [John Fastabend] (Isovalent)
 * [Kornilios Kourtis] (Isovalent)
 * [Laurent Bernaille] (Datadog)
 * [Liz Rice] (Isovalent)
 * [Louis DeLosSantos] (Isovalent)
 * [Maciej Kwiek] (Isovalent)
 * [Martynas Pumputis] (Isovalent)
 * [Michal Rostecki] (SUSE)
 * [Michi Mutsuzaki] (Isovalent)
 * [Natália Réka Ivánkó] (Isovalent)
 * [Nathan Sweet] (Isovalent)
 * [Nicolas Busseneau] (Isovalent)
 * [Nirmoy Das] (AMD)
 * [Paul Chaignon] (Isovalent)
 * [Quentin Monnet] (Isovalent)
 * [Ray Bejjani]
 * [Robin Hahling] (Isovalent)
 * [Tam Mach] (Isovalent)
 * [Thomas Graf] (Isovalent)
 * [Timo Beckers] (Isovalent)
 * [Tobias Klauser] (Isovalent)
 * [Tom Hadlaw] (Isovalent)
 * [Tom Payne] (Isovalent)
 * [Vlad Ungureanu] (Palantir)
 * [Weilong Cui] (Google)
 * [Yongkun Gui] (Google)
 * [Zang Li] (Google)

## Cilium & Hubble Emeritus Committers

We would like to acknowledge previous committers and their huge contributions to our collective success:


Please see the AUTHORS file for the full list of contributors to the Cilium
project.

[Aditi Ghag]: https://github.com/aditighag
[Alexandre Perrin]: https://github.com/kaworu
[André Martins]: https://github.com/aanm
[Beatriz Martínez]: https://github.com/b3a-dev
[Bill Mulligan]: https://github.com/xmulligan
[Bruno M. Custódio]: https://github.com/bmcustodio
[Chance Zibolski]: https://github.com/chancez
[Chris Tarazi]: https://github.com/christarazi
[Daniel Borkmann]: https://github.com/borkmann
[Dan Wendlandt]: https://github.com/danwent
[Deepesh Pathak]: https://github.com/fristonio
[Eloy Coto]: https://github.com/eloycoto
[Gilberto Bertin]: https://github.com/jibi
[Glib Smaga]: https://github.com/glibsm
[Hemanth Malla]: https://github.com/hemanthmalla
[Ian Vernon]: https://github.com/ianvernon
[Ilya Dmitrichenko]: https://github.com/errordeveloper
[Jarno Rajahalme]: https://github.com/jrajahalme
[Joe Stringer]: https://github.com/joestringer
[John Fastabend]: https://github.com/jrfastab
[Kornilios Kourtis]: https://github.com/kkourt
[Laurent Bernaille]: https://github.com/lbernail
[Liz Rice]: https://github.com/lizrice
[Louis DeLosSantos]: https://github.com/ldelossa
[Maciej Kwiek]: https://github.com/nebril
[Martynas Pumputis]: https://github.com/brb
[Michal Rostecki]: https://github.com/vadorovsky
[Michi Mutsuzaki]: https://github.com/michi-covalent
[Natália Réka Ivánkó]: https://github.com/sharlns
[Nathan Sweet]: https://github.com/nathanjsweet
[Nicolas Busseneau]: https://github.com/nbusseneau
[Nirmoy Das]: https://github.com/nirmoy
[Paul Chaignon]: https://github.com/pchaigno
[Quentin Monnet]: https://github.com/qmonnet
[Ray Bejjani]: https://github.com/raybejjani
[Robin Hahling]: https://github.com/rolinh
[Sebastian Wicki]: https://github.com/gandro
[Tam Mach]: https://github.com/sayboras
[Thomas Graf]: https://github.com/tgraf
[Timo Beckers]: https://github.com/ti-mo
[Tobias Klauser]: https://github.com/tklauser
[Tom Hadlaw]: https://github.com/tommyp1ckles
[Tom Payne]: https://github.com/twpayne
[Vlad Ungureanu]: https://github.com/ungureanuvladvictor
[Weilong Cui]: https://github.com/Weil0ng
[Yongkun Gui]: https://github.com/anfernee
[Zang Li]: https://github.com/lzang
back to top