Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(sec): upgrade github.com/buger/jsonparser to 1.1.1 #2985

Merged
merged 4 commits into from
Dec 13, 2023
Merged

fix(sec): upgrade github.com/buger/jsonparser to 1.1.1 #2985

merged 4 commits into from
Dec 13, 2023

Conversation

ChengDaqi2023
Copy link
Contributor

What happened?

There are 1 security vulnerabilities found in github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23

What did I do?

Upgrade github.com/buger/jsonparser from v0.0.0-20181115193947-bf1c66bbce23 to 1.1.1 for vulnerability fix

What did you expect to happen?

Ideally, no insecure libs should be used.

How can we automate the detection of these types of issues?

By using the GitHub Actions configurations provided by murphysec, we can conduct automatic code security checks in our CI pipeline.

The specification of the pull request

PR Specification from OSCS

@dosubot dosubot bot added the size:XS This PR changes 0-9 lines, ignoring generated files. label Dec 1, 2023
@codecov-commenter
Copy link

codecov-commenter commented Dec 8, 2023
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (7e2edec) 84.40% compared to head (2b3070f) 84.45%.

❗ Current head 2b3070f differs from pull request most recent head c2b59d7. Consider uploading reports for the commit c2b59d7 to get more accurate results

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2985      +/-   ##
==========================================
+ Coverage   84.40%   84.45%   +0.05%     
==========================================
  Files          88       88              
  Lines        3983     3983              
==========================================
+ Hits         3362     3364       +2     
+ Misses        446      444       -2     
  Partials      175      175

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dosubot dosubot bot added the LGTM label Dec 9, 2023
@hawkingrei hawkingrei enabled auto-merge (squash) December 12, 2023 10:45
@hawkingrei hawkingrei merged commit 4f614be into go-kratos:main Dec 13, 2023
34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Windfarer Windfarer Windfarer approved these changes

@hawkingrei hawkingrei hawkingrei approved these changes

@shenqidebaozi shenqidebaozi Awaiting requested review from shenqidebaozi

Assignees
No one assigned
Labels
LGTM size:XS This PR changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ChengDaqi2023 @codecov-commenter @hawkingrei @Windfarer