Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump to viper 1.8.1 #1433

merged 1 commit into from Jun 30, 2021

Bump to viper 1.8.1 #1433

merged 1 commit into from Jun 30, 2021


Copy link

@jpmcb jpmcb commented Jun 30, 2021

This PR fixes a number of CVE and security fixes people have asked for. Viper has been bumped to 1.8.1


go list -json -m all | docker run --rm -i sonatypecommunity/nancy:v1.0.22 sleuth --skip-update-check --no-color  > vulnerabilities.txt


┃ Summary                       ┃
┃ Audited Dependencies    ┃ 150 ┃
┃ Vulnerable Dependencies ┃ 0   ┃

Closes #1386
Closes #1421

Copy link

@marckhouzam marckhouzam left a comment

This seems safe and useful

Copy link
Collaborator Author

@jpmcb jpmcb commented Jun 30, 2021

Thanks much! Merging!! 🚀

@jpmcb jpmcb merged commit 2dea4f2 into master Jun 30, 2021
12 checks passed
@jpmcb jpmcb deleted the update-deps branch Jun 30, 2021
@renovate renovate bot mentioned this pull request Jul 1, 2021
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet
Linked issues

Successfully merging this pull request may close these issues.

2 participants