You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After reviewing how that library is actually used in pgconn it does not appear that the issue can be triggered through pgconn. I've still upgraded the dependency anyway to make vulnerability scanners happy. But since it isn't actually a security issue I don't plan on doing a tagged release just for this.
Hello,
Our vulnerability scanner (Snyk) points that PGX and co. are vulnerable due to
golang.org/x/text
not being on the latest version0.3.7
What is the procedure going forward? Will there be a v1.11.1? Is this issue already voiced in one of the sister projects?
Cheers.
The text was updated successfully, but these errors were encountered: