Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update swagger ui to version without css security issue #3226

Merged
merged 2 commits into from
Jan 6, 2020
Merged

Update swagger ui to version without css security issue #3226

merged 2 commits into from
Jan 6, 2020

Conversation

msbg
Copy link

@msbg msbg commented Jan 5, 2020

What's this PR do/fix?

Primarily updates the version of swagger-ui to the micro update that fixes the css vulnerability.
In addition fixes a failing test when the project is built on windows.

Are there unit tests? If not how should this be manually tested?

No new features - just a dependant version uptick. All existing tests pass.

Any background context you want to provide?

The reason for this update request is that I'm trying to use geode in a project, however that depends on the current release of springfox-swagger-ui. This is being flagged as a security issue due to the use of a vulnerable swagger-ui version. Once this update is included in a versioned build I'll hopefully be doing a similar update to the geode repo.

What are the relevant issues?

This issue was already raised in late November by gokumar:
#3193

@codecov
Copy link

codecov bot commented Jan 5, 2020

Codecov Report

Merging #3226 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##             master    #3226   +/-   ##
=========================================
  Coverage     92.91%   92.91%           
  Complexity     3512     3512           
=========================================
  Files           382      382           
  Lines          9330     9330           
  Branches        768      768           
=========================================
  Hits           8669     8669           
  Misses          472      472           
  Partials        189      189

@dilipkrish dilipkrish added the PR label Jan 6, 2020
@dilipkrish dilipkrish added this to the 3.0 milestone Jan 6, 2020
@dilipkrish dilipkrish merged commit f3e4f66 into springfox:master Jan 6, 2020
@dilipkrish
Copy link
Member

Closes #3193

@dilipkrish
Copy link
Member

Thank you @msbg!

@dilipkrish dilipkrish mentioned this pull request Jul 14, 2020
Closed
This was referenced Mar 18, 2021
Merged
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dilipkrish dilipkrish dilipkrish approved these changes

Assignees
No one assigned
Labels
PR
Projects
None yet
Milestone
3.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@msbg @dilipkrish @krishlakshmanan