Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#24: Excluded vulnerable transitive dependency #25

Merged
merged 5 commits into from
Aug 5, 2021

Conversation

morazow
Copy link
Contributor

@morazow morazow commented Aug 5, 2021

Fixes #24.

@morazow morazow requested a review from jakobbraun August 5, 2021 09:04
jakobbraun
jakobbraun previously approved these changes Aug 5, 2021

## Summary

This releases excludes a vulnerable transitive dependency and adds updated version of it.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe you could mention the CVE numbers here

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added

@morazow
Copy link
Contributor Author

morazow commented Aug 5, 2021

Okay, seems to there is another dependency with vulnerability. I was getting a minute ago.

@morazow
Copy link
Contributor Author

morazow commented Aug 5, 2021

Okay, fixed, somehow removed changes to pom file with last commit.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Aug 5, 2021

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@morazow morazow merged commit e879893 into main Aug 5, 2021
@morazow morazow deleted the refactoring/#24-exclude-vulnerable-dependency branch August 5, 2021 09:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Fix vulnerabilities in transitive dependencies
2 participants