[Snyk] Security upgrade rubocop from 1.65.1 to 1.66.0 #5
Conversation
![snyk-io[bot]](https://avatars.githubusercontent.com/in/372950?s=60&v=4){kind=small}
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-RUBY-REXML-7814166
|
Hello from @codemakerai. CodeMaker AI GitHub App integration. Usage: @codemakerai [command or prompt] AssistantAll Assistant features are supported in GitHub. Assistant can answer general questions as well as questions directly @codemakerai assistant prompt - the assistant prompt CommandsPull Request Commands - commands that can be posted as comments on the pull request: @codemakerai help - prints this help message Pull Request Code Review Commands - commands that can be posted as comments on the code review i.e. "Files changed" tab: @codemakerai assistant prompt - the assistant prompt TriggersTo automatically trigger certain actions on pull requests you can create and use the following GitHub labels. codemakerai-pull-request-generate-documentation - automatically generates comments/documentation on Pull Request creation. For in depth explanation of the features, please consult https://docs.codemaker.ai In case of any issues please report them to https://community.codemaker.ai |
Snyk has created this PR to fix 1 vulnerabilities in the rubygems dependencies of this project.
Snyk changed the following file(s):
GemfileVulnerabilities that will be fixed with an upgrade:
SNYK-RUBY-REXML-7814166
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"rubocop","from":"1.65.1","to":"1.66.0"}],"env":"prod","issuesToFix":[{"exploit_maturity":"No Known Exploit","id":"SNYK-RUBY-REXML-7814166","priority_score":111,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00043},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Aug 23 2024 06:45:27 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":98},{"name":"impact","value":5.99},{"name":"likelihood","value":1.84},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Restriction of XML External Entity Reference ('XXE')"}],"prId":"ad1ec075-dd13-44e7-be49-a24cd5a5e8e3","prPublicId":"ad1ec075-dd13-44e7-be49-a24cd5a5e8e3","packageManager":"rubygems","priorityScoreList":[111],"projectPublicId":"a8bd3e02-1767-4de7-97cb-8122572121c1","projectUrl":"https://app.snyk.io/org/tulik/project/a8bd3e02-1767-4de7-97cb-8122572121c1?utm_source=github-cloud-app&utm_medium=referral&page=fix-pr","prType":"fix","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["updated-fix-title","pr-warning-shown","priorityScore"],"type":"auto","upgrade":["SNYK-RUBY-REXML-7814166"],"vulns":["SNYK-RUBY-REXML-7814166"],"patch":[],"isBreakingChange":false,"remediationStrategy":"vuln"}'