Plans to tag latest branch to include github.com/nats-io/nats-server/v2 v2.8.4? #1258
-
FOSSA has identified nats-server v2.5.0 to have a high severity vulnerability: Your master branch is already using: But your latest tag, v0.12.0, is using: ✋ Are there plans to release a new tag to include this version bump on nats-server? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 7 replies
-
No. There's no reason for modules like Go kit to tag new releases for dependency updates, because the version of dependencies that are included in final binaries are controlled by the downstream consumers. |
Beta Was this translation helpful? Give feedback.
No. There's no reason for modules like Go kit to tag new releases for dependency updates, because the version of dependencies that are included in final binaries are controlled by the downstream consumers.