Skip to content

Bump exabgp from 4.2.25 to 5.0.8#4788

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/exabgp-5.0.8
Closed

Bump exabgp from 4.2.25 to 5.0.8#4788
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/exabgp-5.0.8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 9, 2026
edited
Loading

Bumps exabgp from 4.2.25 to 5.0.8.

Release notes

Sourced from exabgp's releases.

ExaBGP 'Flying Bell' Release

Version 5.0.7

  • Fix: send zero-length capabilities in OPEN message (#1371) Route Refresh (RFC 2918), Enhanced Route Refresh (RFC 7313), and Extended Message (RFC 8654) capabilities were silently dropped from the wire OPEN message despite appearing in debug logs. These are valid zero-length capabilities that were incorrectly filtered out by a too-broad check added in PR #1221 (fcf6bb029).

  • Fix: do not send empty Hostname capability when hostname is not configured When hostname was None, HostName.extract() returned an invalid zero-length payload instead of suppressing the capability entirely. Also hardens the parser against truncated hostname data from peers.

  • Fix: wrap log message in lambda for lazy evaluation The named pipes error message in server.py triggered a non-callable log message warning at runtime.

ExaBGP 'Easter Rabbit' Release

Version 5.0.6:

  • Feature: add --env-file flag and EXABGP_ENVFILE env var for custom env file (#1367) The exabgp 5.x CLI had no way to specify a custom exabgp.env file path, unlike the 4.x --env flag. Two override mechanisms are now available: exabgp --env-file /path/to/exabgp.env server config.conf EXABGP_ENVFILE=/path/to/exabgp.env exabgp server config.conf
  • Fix: show error details when configuration validation fails (#1367) Validation errors were silently swallowed with exit code 1 and no output. Now writes errors to stderr with the actual parse error.
  • Fix: accept wildcard * in healthcheck --neighbor option (#1367) The --neighbor argument rejected * which is common in 4.x config files. Adds neighbor_address() validator that accepts * as a wildcard.
  • Fix: show error on stderr when server can't find config file (#1367) The server silently exited with code 1 when given a nonexistent config file. Now writes the error to stderr.
  • Fix: healthcheck uses per-state as-path instead of ignoring it The locally-resolved as_path variable (from --up-as-path, --down-as-path, --disabled-as-path) was computed but never used.

ExaBGP 'Saint Patrick' release

Version 5.0.5:

  • Fix: healthcheck --neighbor produced doubled neighbor prefix (#1366)
  • Fix: healthcheck crash when --ip-ifname not used (#1365)
  • Fix: Align column headers in show neighbor extensive
  • Fix: Route Refresh messages sent after new updates instead of before When flush adj-rib out and a new announce arrived in the same reactor cycle, the new route UPDATE was sent before the ROUTE_REFRESH start marker, violating the Enhanced Route Refresh sequence.
  • Fix: pytest collecting tests from wrong exabgp installation

... (truncated)

Changelog

Sourced from exabgp's changelog.

Version explained:

  • major : codebase increase on incompatible changes
  • minor : increase on risk of code breakage during a major release
  • bug : increase on bug or incremental changes

Version 5.0.8:

  • Fix: handle OPEN message with zero capabilities without crashing Capabilities.unpack() read the parameter type byte before checking whether the Optional Parameters Length was zero, raising IndexError when a peer sent an OPEN with no optional parameters at all (a valid single 0x00 byte payload per RFC 4271). The early-return guard sat below the offending read so it never helped. Alternative to PR #1375.

Version 5.0.7:

  • Fix: send zero-length capabilities in OPEN message (#1371) Route Refresh (RFC 2918), Enhanced Route Refresh (RFC 7313), and Extended Message (RFC 8654) capabilities were silently dropped from the wire OPEN message despite appearing in debug logs. These are valid zero-length capabilities that were incorrectly filtered out by a too-broad check added in PR #1221 (fcf6bb029).
  • Fix: do not send empty Hostname capability when hostname is not configured When hostname was None, HostName.extract() returned an invalid zero-length payload instead of suppressing the capability entirely. Also hardens the parser against truncated hostname data from peers.
  • Fix: wrap log message in lambda for lazy evaluation The named pipes error message in server.py triggered a non-callable log message warning at runtime.

Version 5.0.6:

  • Feature: add --env-file flag and EXABGP_ENVFILE env var for custom env file (#1367) The exabgp 5.x CLI had no way to specify a custom exabgp.env file path, unlike the 4.x --env flag. Two override mechanisms are now available: exabgp --env-file /path/to/exabgp.env server config.conf EXABGP_ENVFILE=/path/to/exabgp.env exabgp server config.conf
  • Fix: show error details when configuration validation fails (#1367) Validation errors were silently swallowed with exit code 1 and no output. Now writes errors to stderr with the actual parse error.
  • Fix: accept wildcard * in healthcheck --neighbor option (#1367) The --neighbor argument rejected * which is common in 4.x config files. Adds neighbor_address() validator that accepts * as a wildcard.
  • Fix: show error on stderr when server can't find config file (#1367) The server silently exited with code 1 when given a nonexistent config file. Now writes the error to stderr.
  • Fix: healthcheck uses per-state as-path instead of ignoring it The locally-resolved as_path variable (from --up-as-path, --down-as-path, --disabled-as-path) was computed but never used.

Version 5.0.5:

  • Fix: healthcheck --neighbor produced doubled neighbor prefix (#1366)
  • Fix: healthcheck crash when --ip-ifname not used (#1365)

... (truncated)

Commits
  • 7c2eebf updating version to 5.0.8
  • 2b575e5 chore: add Version 5.0.8 changelog
  • 60f0a90 fix: handle OPEN message with zero capabilities without crashing
  • f2462f0 chore: add GitHub release step to release process
  • e2be9f0 updating version to 5.0.7
  • ac82218 chore: add Version 5.0.7 changelog
  • 9b91525 fix: wrap log message in lambda for lazy evaluation
  • 6b477c0 fix: send zero-length capabilities (route-refresh, etc.) in OPEN message (#1371)
  • 4d26f0d updating version to 5.0.6
  • 6dcc51f chore: add Version 5.0.6 changelog and exclude .claude/worktrees from ruff
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Apr 9, 2026
@dependabot dependabot Bot mentioned this pull request Apr 9, 2026
Closed
@dependabot
Bump exabgp from 4.2.25 to 5.0.8
864c285 
Bumps [exabgp](https://github.com/Exa-Networks/exabgp) from 4.2.25 to 5.0.8.
- [Release notes](https://github.com/Exa-Networks/exabgp/releases)
- [Changelog](https://github.com/Exa-Networks/exabgp/blob/5.0.8/doc/CHANGELOG.rst)
- [Commits](Exa-Networks/exabgp@4.2.25...5.0.8)

---
updated-dependencies:
- dependency-name: exabgp
  dependency-version: 5.0.8
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/exabgp-5.0.8 branch from e9ddbe7 to 864c285 Compare April 9, 2026 23:06
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 16, 2026

Superseded by #4793.

@dependabot dependabot Bot closed this Apr 16, 2026
@dependabot dependabot Bot deleted the dependabot/pip/exabgp-5.0.8 branch April 16, 2026 06:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants