New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependecies for CVE #13834
Update dependecies for CVE #13834
Conversation
43989fa
to
f6604e3
Compare
@@ -72,7 +72,10 @@ paths: | |||
- 'write:pets' | |||
- 'read:pets' | |||
requestBody: | |||
$ref: '#/components/schemas/Pet' | |||
content: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FYI. @tjquinno there are changes to helidon test spec and files
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes because the spec was no valid. I've fixed another one in samples.
@@ -1517,7 +1518,7 @@ | |||
<maven-surefire-plugin.version>3.0.0-M6</maven-surefire-plugin.version> | |||
<openrewrite.version>7.22.0</openrewrite.version> | |||
<swagger-parser-groupid.version>io.swagger.parser.v3</swagger-parser-groupid.version> | |||
<swagger-parser.version>2.1.1</swagger-parser.version> | |||
<swagger-parser.version>2.1.6</swagger-parser.version> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@OpenAPITools/generator-core-team FYI. swagger parser and other dependencies version update.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It solve multiple cve. It's this part that make the contract validation more accurate.
I'll merge it over the weekend if no question/feedback from anyone. |
@wing328 William, thanks for the heads-up on these changes. I checked out this branch and built it locally. I can build the generated Helidon samples successfully, but when I try to start them I'm getting runtime errors. For example:
and also
I get different runtime errors, but both of these fail. I will look into this right away, but if possible please do not merge until we understand what's happening. Thanks. |
The problems with running the generated Helidon servers do not seem to come from this PR. I rebuilt openapi-generator on master and got the same errors. I see no reason to wait to merge this PR. I will open a separate issue for resolving the Helidon server problems. I would very much like to fix that before the 6.2.1 release. |
fix #13772
Update of multiple lib for CVE (found with Snyk)
PR checklist
This is important, as CI jobs will verify all generator outputs of your HEAD commit as it would merge with master.
These must match the expectations made by your contribution.
You may regenerate an individual generator by passing the relevant config(s) as an argument to the script, for example
./bin/generate-samples.sh bin/configs/java*
.For Windows users, please run the script in Git BASH.
master
(6.1.0) (minor release - breaking changes with fallbacks),7.0.x
(breaking changes without fallbacks)