Martin Sucha

It seems this is something that should be fixed in upstream gocql/gocql as it seems that upstream is affected too. I'll be happy to merge the fix upstream.

I've checked the code, but it seems gocql does not spawn goroutines using the policy before calling `Init`, so there shouldn't be any race. Do you by any chance reuse...

> The issue is the assignment of the logger on line 401 during Init() can race with a use of the logger in the updateReplicas where it passes to getStrategy....

Reusing host selection policies between multiple sessions (even after closing the old session) is not supported as the old session might still be using the policy. Adding a lock to...

> Sounds like it’s a more along the lines of a defective design pattern - and the strategies should be passed as a factory so that each session the driver...

Any updates?

I think it's similar to the function that allows you to add your public key to authorized_keys - that also assumes you are running OpenSSH and that you haven't changed...

It seems to me that a lot of those security issues emerged because we don't provide an easy, secure way to extract an archive out of the box, at least...

I've created a reproducer repo: https://github.com/kiwicom/renovate-11595

Gitlab just parses yaml. Splitting a string to multiple lines is a [standard feature of yaml](https://yaml.org/spec/1.2/#id2787109): > In a multi-line double-quoted scalar, line breaks are are subject to flow line...