Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade UUID dependency #83

Closed
regonesifrancesco opened this issue Mar 2, 2022 · 1 comment
Closed

Upgrade UUID dependency #83

regonesifrancesco opened this issue Mar 2, 2022 · 1 comment
Assignees
@jinzhu

Comments

@regonesifrancesco
Copy link

regonesifrancesco commented Mar 2, 2022
edited

It would be nice and safer to use a different dependency for UUID generation, such as this https://github.com/gofrs/uuid or this https://github.com/google/uuid .

Motivation

At the moment, this driver uses a dependency that no longer seems to be maintained ( https://github.com/satori/go.uuid ), and which has some security pitfalls, as reported here .

Related Issues
@jinzhu
Copy link
Member

jinzhu commented Oct 8, 2022

Hi @regonesifrancesco

GORM doesn't rely on https://github.com/satori/go.uuid directly, and it should works with any UUID implementations that implements the Valuer, Scanner interface.

Maybe you can open an issue on pgx to ask them to upgrade the dependency.

Thank you.

@jinzhu jinzhu closed this as completed Oct 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jinzhu jinzhu

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jinzhu @regonesifrancesco