-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RDNET-996: bump versions #13
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please see https://app.snyk.io/org/product-general/project/ac3e5b07-8f13-40ae-bcc8-f47783d54a0c
The first two high severity vulnerabilities are "Mature" and "Proof of Concept", which means how to exploit the vulnerabilities is known to the public. The Snyk report is for chisel 1.8.1, not 1.8.2. Let me dig it further.
I opened a ticket with Snyk (https://support.snyk.io/hc/en-us/requests/50058) for the chisel repo, but the questions I have with chisel are also applicable to this project. I suspect that the high severity vulnerabilities reported by Snyk are false positives. We will wait for Snyk's response.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No description provided.