Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade dependencies, add Go 1.19 as target #82

Merged
merged 2 commits into from
Jan 18, 2023

Conversation

Slijkhuis
Copy link
Contributor

The gopkg.in/yaml.v2 dependency triggers some security warnings (CVE-2022-28948). As far as I can see there's no feasible attack surface unless the config files are user generated input. However, you never know how this library is being used in the wild.

@Slijkhuis Slijkhuis force-pushed the upgrade-dependencies branch from 7c1aa88 to a3251f1 Compare November 11, 2022 12:44
@MichaBub
Copy link

@jinzhu please merge

@jinzhu jinzhu merged commit 934e467 into jinzhu:master Jan 18, 2023
@MichaBub MichaBub mentioned this pull request Jan 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants