Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

zh: add security notes #2692

Merged
merged 2 commits into from
Jan 23, 2025
Merged

zh: add security notes #2692

merged 2 commits into from
Jan 23, 2025

Conversation

csuzhangxc
Copy link
Member

@csuzhangxc csuzhangxc commented Jan 23, 2025
edited
Loading

First-time contributors' checklist

What is changed, added, or deleted? (Required)

Which TiDB Operator version(s) do your changes apply to? (Required)

  • master (the latest development version)
  • v1.6 (TiDB Operator 1.6 versions)
  • v1.5 (TiDB Operator 1.5 versions)
  • v1.4 (TiDB Operator 1.4 versions)
  • v1.3 (TiDB Operator 1.3 versions)

What is the related PR or file link(s)?

  • This PR is translated from:
  • Other reference link(s):

@ti-chi-bot ti-chi-bot bot added missing-translation-status This PR does not have translation status info. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jan 23, 2025
@Oreoxmt
Copy link
Collaborator

Oreoxmt commented Jan 23, 2025

/cc @Oreoxmt

@ti-chi-bot ti-chi-bot bot requested a review from Oreoxmt January 23, 2025 07:58
Oreoxmt
Oreoxmt reviewed Jan 23, 2025
View reviewed changes
zh/tidb-operator-overview.md Outdated
Comment on lines 11 to 13
安全风险说明:

由于受 Kubernetes 兼容性的限制,Patch 版本无法进行跨大版本的三方依赖升级,这可能带来因使用过时组件而引发的潜在安全风险。我们建议所有用户优先选择部署最新版本的 TiDB Operator,以确保您的系统能够运行在更安全和稳定的环境中,同时避免因组件老化而可能引发的风险。
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
安全风险说明:
由于受 Kubernetes 兼容性的限制,Patch 版本无法进行跨大版本的三方依赖升级,这可能带来因使用过时组件而引发的潜在安全风险。我们建议所有用户优先选择部署最新版本的 TiDB Operator,以确保您的系统能够运行在更安全和稳定的环境中,同时避免因组件老化而可能引发的风险
> **警告:**
>
> 由于 Kubernetes 兼容性的限制,TiDB Operator 的补丁版本无法跨主干版本升级三方依赖,例如 xxx。这可能导致因使用过时组件而引发的潜在安全风险。建议优先部署最新版本的 TiDB Operator,以确保你的系统运行在更安全和稳定的环境中,同时避免因组件版本过旧可能引发的风险

@Oreoxmt Oreoxmt added translation/doing This PR’s assignee is translating this PR. needs-cherry-pick-release-1.4 Should cherry pick this PR to release-1.4 branch. needs-cherry-pick-release-1.5 Should cherry pick this PR to release-1.5 branch. labels Jan 23, 2025
@ti-chi-bot ti-chi-bot bot removed the missing-translation-status This PR does not have translation status info. label Jan 23, 2025
@Oreoxmt Oreoxmt added missing-translation-status This PR does not have translation status info. and removed needs-cherry-pick-release-1.5 Should cherry pick this PR to release-1.5 branch. missing-translation-status This PR does not have translation status info. labels Jan 23, 2025
@ti-chi-bot ti-chi-bot
Copy link

ti-chi-bot bot commented Jan 23, 2025

[LGTM Timeline notifier]

Timeline:

  • 2025-01-23 08:41:03.600198131 +0000 UTC m=+342990.931117534: ☑️ agreed by Oreoxmt.

@ti-chi-bot ti-chi-bot bot added the needs-1-more-lgtm Indicates a PR needs 1 more LGTM. label Jan 23, 2025
@Oreoxmt
Copy link
Collaborator

Oreoxmt commented Jan 23, 2025

/approve

@ti-chi-bot ti-chi-bot
Copy link

ti-chi-bot bot commented Jan 23, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Oreoxmt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ti-chi-bot ti-chi-bot bot added the approved label Jan 23, 2025
@Oreoxmt Oreoxmt added the lgtm label Jan 23, 2025
@ti-chi-bot ti-chi-bot bot merged commit 91435d3 into release-1.5 Jan 23, 2025
13 checks passed
@ti-chi-bot
Copy link
Member

In response to a cherrypick label: new pull request created to branch release-1.4: #2695.

@ti-chi-bot ti-chi-bot mentioned this pull request Jan 23, 2025
Open
6 tasks
@csuzhangxc csuzhangxc deleted the csuzhangxc/sec branch January 23, 2025 08:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Oreoxmt Oreoxmt Oreoxmt approved these changes

Assignees
No one assigned
Labels
approved lgtm needs-1-more-lgtm Indicates a PR needs 1 more LGTM. needs-cherry-pick-release-1.4 Should cherry pick this PR to release-1.4 branch. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. translation/doing This PR’s assignee is translating this PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@csuzhangxc @Oreoxmt @ti-chi-bot