Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add benchmark comparison between cosid and leaf to workflows #23

Merged
merged 4 commits into from
Jan 15, 2022
Merged

Add benchmark comparison between cosid and leaf to workflows #23

merged 4 commits into from
Jan 15, 2022

Conversation

Ahoo-Wang
Copy link
Owner

@Ahoo-Wang Ahoo-Wang commented Jan 15, 2022
edited
Loading

#22

@Ahoo-Wang Ahoo-Wang merged commit 06af276 into main Jan 15, 2022
@Ahoo-Wang Ahoo-Wang linked an issue Jan 15, 2022 that may be closed by this pull request
Performance: CosId vs Leaf #22
Open
@Ahoo-Wang Ahoo-Wang removed a link to an issue Jan 15, 2022
Performance: CosId vs Leaf #22
Open
@Ahoo-Wang Ahoo-Wang linked an issue Jan 15, 2022 that may be closed by this pull request
Performance: CosId vs Leaf #22
Open
sonatype-lift[bot]
sonatype-lift bot reviewed Jan 15, 2022
View reviewed changes
cosid-benchmark/build.gradle.kts Outdated
@@ -39,7 +44,7 @@ dependencies {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Moderate OSS Vulnerability:

pkg:maven/me.ahoo.cosid/[email protected]

0 Critical, 0 Severe, 3 Moderate, 0 Unknown vulnerabilities have been found across 3 dependencies

Components
    pkg:maven/com.google.guava/[email protected]
      MODERATE Vulnerabilities (1)

        [CVE-2020-8908] A temp directory creation vulnerability exists in all versions of Guava, allowin...

        A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.

        CVSS Score: 3.3

        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

    pkg:maven/com.google.guava/[email protected]
      MODERATE Vulnerabilities (1)

        [CVE-2020-8908] A temp directory creation vulnerability exists in all versions of Guava, allowin...

        A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.

        CVSS Score: 3.3

        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

    pkg:maven/com.google.guava/[email protected]
      MODERATE Vulnerabilities (1)

        [CVE-2020-8908] A temp directory creation vulnerability exists in all versions of Guava, allowin...

        A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.

        CVSS Score: 3.3

        CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

(at-me [in a reply](https://help.sonatype.com/lift/talking-to-lift) with `help` or `ignore`)

@Ahoo-Wang Ahoo-Wang deleted the actions branch January 20, 2022 09:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sonatype-lift sonatype-lift[bot] sonatype-lift[bot] left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Performance: CosId vs Leaf
1 participant
@Ahoo-Wang