Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependencies to fix vulnerabilities #931

Merged
merged 1 commit into from
Mar 29, 2021

Conversation

tsoslow
Copy link
Contributor

@tsoslow tsoslow commented Mar 27, 2021

  • go.uber.org/atomic@1.6.0
  • go.uber.org/multierr@1.5.0.

Removes a lot of no longer needed dependencies and fixes vulnerabilities including the following:

- go.uber.org/atomic@1.6.0
- go.uber.org/multierr@1.5.0.

Removes a lot of no longer needed dependencies and fixes vulnerabilities including the following:
- golang.org/x/crypto (CVE-2020-9283)
- golang.org/x/text (CVE-2020-14040)
@codecov
Copy link

codecov bot commented Mar 27, 2021

Codecov Report

Merging #931 (7717e62) into master (bfa147a) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #931   +/-   ##
=======================================
  Coverage   98.27%   98.27%           
=======================================
  Files          44       44           
  Lines        1974     1974           
=======================================
  Hits         1940     1940           
  Misses         27       27           
  Partials        7        7           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bfa147a...7717e62. Read the comment docs.

Copy link
Collaborator

@abhinav abhinav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@abhinav abhinav merged commit c23abee into uber-go:master Mar 29, 2021
abhinav pushed a commit that referenced this pull request May 25, 2021
- go.uber.org/atomic@1.6.0
- go.uber.org/multierr@1.5.0.

Removes a lot of no longer needed dependencies and fixes vulnerabilities including the following:

- golang.org/x/crypto (CVE-2020-9283)
- golang.org/x/text (CVE-2020-14040)
cgxxv pushed a commit to cgxxv/zap that referenced this pull request Mar 25, 2022
- go.uber.org/atomic@1.6.0
- go.uber.org/multierr@1.5.0.

Removes a lot of no longer needed dependencies and fixes vulnerabilities including the following:

- golang.org/x/crypto (CVE-2020-9283)
- golang.org/x/text (CVE-2020-14040)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

2 participants