You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I don't know what to do, because the xcpretty project is dead i think? There are no changes since 2018
and the active pull request with the update of rouge is open since end of 2022 xcpretty/xcpretty#383
Command executed
Not relevant.
Complete output when running fastlane, including the stack trace and command used
Not relevant
Environment
Not relevant
The text was updated successfully, but these errors were encountered:
It seems like you have not included the output of fastlane env
To make it easier for us help you resolve this issue, please update the issue to include the output of fastlane env 👍
FYI: xcpretty is now at 0.4.0 containing the needed update for rouge to fix the vulnerability.
I'm not sure what exactly I need to update within fastlane to just use the new xcpretty version, but maybe some of the existing contributors could help with this?
New Issue Checklist
Issue Description
The fastlane release 2.212.1 is conusming xcpretty 0.3.0
https://github.com/fastlane/fastlane/blob/master/Gemfile.lock
xcpretty 0.3.0 is conusming rouge 2.0.7 and this version has vulnerabilities
https://ossindex.sonatype.org/vulnerability/sonatype-2021-4771?component-type=gem&component-name=rouge&utm_source=dependency-track&utm_medium=integration&utm_content=v4.5.0
I don't know what to do, because the xcpretty project is dead i think? There are no changes since 2018
and the active pull request with the update of rouge is open since end of 2022
xcpretty/xcpretty#383
Command executed
Not relevant.
Complete output when running fastlane, including the stack trace and command used
Environment
The text was updated successfully, but these errors were encountered: