Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: remove unused deps to fix CVE-2020-15366 #904

Merged
merged 1 commit into from
Nov 19, 2023
Merged

fix: remove unused deps to fix CVE-2020-15366 #904

merged 1 commit into from
Nov 19, 2023

Conversation

hainenber
Copy link
Contributor

@hainenber hainenber commented Nov 19, 2023
edited
Loading

Description

Remove dependencies rendered as obsolete by PR #756 and in turns, fix CVE-2020-15366.

@hainenber
chore(dep): remove unused deps to fix CVE-2020-15366
1c2dd5d 
Signed-off-by: hainenber <dotronghai96@gmail.com>
github-actions[bot]
github-actions bot reviewed Nov 19, 2023
View reviewed changes
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Welcome to AsyncAPI. Thanks a lot for creating your first pull request. Please check out our contributors guide useful for opening a pull request.
Keep in mind there are also other channels you can use to interact with AsyncAPI community. For more details check out this issue.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Nov 19, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@hainenber hainenber mentioned this pull request Nov 19, 2023
Closed
5 tasks
@jonaslagoni jonaslagoni changed the title chore(dep): remove unused deps to fix CVE-2020-15366 fix: remove unused deps to fix CVE-2020-15366 Nov 19, 2023
jonaslagoni
jonaslagoni approved these changes Nov 19, 2023
View reviewed changes
Copy link
Member

@jonaslagoni jonaslagoni left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @hainenber 👌

@jonaslagoni
Copy link
Member

/rtm

@asyncapi-bot asyncapi-bot merged commit dd24773 into asyncapi:master Nov 19, 2023
29 checks passed
@jonaslagoni
Copy link
Member

@all-contributors please add @hainenber for security

@allcontributors allcontributors bot mentioned this pull request Nov 19, 2023
Merged
@allcontributors AllContributors
Copy link
Contributor

@jonaslagoni

I've put up a pull request to add @hainenber! 🎉

@asyncapi-bot
Copy link
Contributor

🎉 This PR is included in version 2.1.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

@hainenber
Copy link
Contributor Author

hi @jonaslagoni, sorry for digging up this thread but can you cherry-pick this PR into next-major-spec branch? This can help broadcasting the security patch to wider downstreams. Thanks!

@asyncapi-bot
Copy link
Contributor

🎉 This PR is included in version 3.0.0-next-major-spec.16 🎉

The release is available on:

Your semantic-release bot 📦🚀

This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions GitHub Actions github-actions left review comments

@jonaslagoni jonaslagoni jonaslagoni approved these changes

@magicmatatjahu magicmatatjahu Awaiting requested review from magicmatatjahu magicmatatjahu is a code owner

@smoya smoya Awaiting requested review from smoya smoya is a code owner

@asyncapi-bot-eve asyncapi-bot-eve Awaiting requested review from asyncapi-bot-eve asyncapi-bot-eve is a code owner

Assignees
No one assigned
Labels
ready-to-merge released on @next-major-spec released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hainenber @jonaslagoni @asyncapi-bot