Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: BED-4097 - BED-4098 bump library versions for reported CVEs #394

Merged
merged 1 commit into from
Feb 7, 2024
Merged

fix: BED-4097 - BED-4098 bump library versions for reported CVEs #394

merged 1 commit into from
Feb 7, 2024

Conversation

zinic
Copy link
Collaborator

@zinic zinic commented Feb 7, 2024

Description

Updates:

  • golang.org/x/crypto
  • golang.org/x/net
  • github.com/crewjam/saml

Covers:

Motivation and Context

We should not use vulnerable libraries.

Types of changes

  • Chore (a change that does not modify the application functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • Documentation updates are needed, and have been made accordingly.
  • I have added and/or updated tests to cover my changes.
  • All new and existing tests passed.
  • My changes include a database migration.

superlinkx
superlinkx requested changes Feb 7, 2024
View reviewed changes
Copy link
Contributor

@superlinkx superlinkx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Want to test building before we merge just to validate

@zinic zinic merged commit 6682daa into stage/v5.6.0 Feb 7, 2024
3 checks passed
@zinic zinic deleted the BED-4097_BED-4098 branch February 7, 2024 20:28
@github-actions github-actions bot locked and limited conversation to collaborators Feb 7, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@computator computator computator approved these changes

@superlinkx superlinkx superlinkx approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@zinic @superlinkx @computator