Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor: update vulnerabilities #186

Merged
merged 2 commits into from
Jun 19, 2023
Merged

refactor: update vulnerabilities #186

merged 2 commits into from
Jun 19, 2023

Conversation

SrikarMannepalli
Copy link
Contributor

Update vulnerable dependencies

@github-actions
Copy link

github-actions bot commented Jun 19, 2023
edited
Loading

Test Results

25 tests  ±0   25 ✔️ ±0   16s ⏱️ -2s
11 suites ±0     0 💤 ±0 
11 files   ±0     0 ±0 

Results for commit a70b13a. ± Comparison against base commit d46425f.

♻️ This comment has been updated with latest results.

@codecov
Copy link

codecov bot commented Jun 19, 2023
edited
Loading

Codecov Report

Merging #186 (a70b13a) into main (d46425f) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main     #186   +/-   ##
=========================================
  Coverage     22.31%   22.31%           
  Complexity       75       75           
=========================================
  Files            68       68           
  Lines          1788     1788           
  Branches         54       54           
=========================================
  Hits            399      399           
  Misses         1380     1380           
  Partials          9        9
Flag Coverage Δ
unit 22.31% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

SrikarMannepalli
SrikarMannepalli commented Jun 19, 2023
View reviewed changes
owasp-suppressions.xml
@@ -16,4 +16,11 @@
<packageUrl regex="true">^pkg:maven/io\.github\.graphql\-java/graphql\-java\-annotations@.*$</packageUrl>
<cpe>cpe:/a:graphql-java:graphql-java</cpe>
</suppress>
<suppress until="2023-06-29Z">
Copy link
Contributor Author

@SrikarMannepalli SrikarMannepalli Jun 19, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding a suppression with expiry for now as there is no update available yet and the authenticity of the vulnerability is being disputed - FasterXML/jackson-databind#3973.

@SrikarMannepalli SrikarMannepalli marked this pull request as ready for review June 19, 2023 06:03
@SrikarMannepalli SrikarMannepalli requested a review from a team as a code owner June 19, 2023 06:03
@SrikarMannepalli SrikarMannepalli merged commit a3c26d3 into main Jun 19, 2023
@SrikarMannepalli SrikarMannepalli deleted the update-deps branch June 19, 2023 06:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@suresh-prakash suresh-prakash suresh-prakash approved these changes

@aaron-steinfeld aaron-steinfeld Awaiting requested review from aaron-steinfeld

@skjindal93 skjindal93 Awaiting requested review from skjindal93

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@SrikarMannepalli @suresh-prakash