chore: Security upgrade io.grpc:grpc-protobuf from 1.48.1 to 1.48.2 #114
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@justinabrahms FYI, Synk opened this PR on your behalf. Are you okay with this? If so, can we configure Synk to open PRs with |
|
No setting for that. I've reached out to their support. |
toddbaert
force-pushed
the
snyk-fix-5695864516d1fc7965d14e92d8e67243
branch
from
0ff75ff to
2799e52
Compare
toddbaert
changed the title
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 Signed-off-by: Todd Baert <toddbaert@gmail.com>
toddbaert
force-pushed
the
snyk-fix-5695864516d1fc7965d14e92d8e67243
branch
from
2799e52 to
7e44b9a
Compare
toddbaert
approved these changes
Oct 13, 2022
toddbaert
added a commit
to toddbaert/java-sdk-contrib
that referenced
this pull request
Nov 1, 2022
* feat!: migrate to sdk 0.5.0
DBlanchard88
pushed a commit
to DBlanchard88/java-sdk-contrib
that referenced
this pull request
Apr 29, 2024
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
DBlanchard88
pushed a commit
to DBlanchard88/java-sdk-contrib
that referenced
this pull request
Apr 29, 2024
* chore: add integration tests (open-feature#77) * chore: add integration tests Signed-off-by: Todd Baert <toddbaert@gmail.com> * improve POM spacing Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(main): release dev.openfeature.javasdk 0.2.2 (open-feature#76) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * feat!: errorCode as enum, reason as string (open-feature#80) * feat!: errorCode as enum, reason as string - makes errorCode an enum - makes reason a string - adds errorMessage to resolution/evaluation details Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: add CODEOWNERS (open-feature#85) Create CODEOWNERS refs open-feature/java-sdk#83 Signed-off-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Configure Renovate (open-feature#86) chore(deps): add renovate.json Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency com.github.spotbugs:spotbugs to v4.7.2 (open-feature#87) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency com.github.spotbugs:spotbugs-maven-plugin to v4.7.2.0 (open-feature#88) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.4.1 (open-feature#90) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.sonatype.plugins:nexus-staging-maven-plugin to v1.6.13 (open-feature#91) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * fix(deps): update junit5 monorepo (open-feature#92) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.apache.maven.plugins:maven-pmd-plugin to v3.19.0 (open-feature#97) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * fix(deps): update dependency io.cucumber:cucumber-bom to v7.8.0 (open-feature#100) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.mockito:mockito-core to v4.8.0 (open-feature#99) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update codecov/codecov-action action to v3 (open-feature#102) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v1.6 (open-feature#96) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.apache.maven.plugins:maven-source-plugin to v3 (open-feature#105) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.10.1 (open-feature#95) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v3 (open-feature#104) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.2.0 (open-feature#94) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update actions/cache action to v3 (open-feature#101) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency com.puppycrawl.tools:checkstyle to v8.45.1 (open-feature#93) * chore(deps): update dependency com.puppycrawl.tools:checkstyle to v8.45.1 * scope property went away in the latest version jshiell/checkstyle-idea#525 (comment) Signed-off-by: Justin Abrahms <jabrahms@ebay.com> * scope wasn't deleted on the other one Signed-off-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Justin Abrahms <jabrahms@ebay.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * refactor!: Change the package name. Everyone knows it's java (or it doesn't matter) (open-feature#111) * Change the package name. Everyone knows it's java (or it doesn't matter) Fixes open-feature#82 Signed-off-by: Justin Abrahms <justin@abrah.ms> * Missed 2 strings Signed-off-by: Justin Abrahms <justin@abrah.ms> * remove broken flagd import until changes absorbed Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Justin Abrahms <justin@abrah.ms> Signed-off-by: Todd Baert <toddbaert@gmail.com> Co-authored-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Write perms should be as tightly scoped as possible. (open-feature#107) * Add a dependabot file to keep deps up to date Signed-off-by: Justin Abrahms <justin@abrah.ms> * Move write permissions to the specific job, rather than globally Signed-off-by: Justin Abrahms <justin@abrah.ms> * Run code scanning (slow auto-build) weekly Signed-off-by: Justin Abrahms <justin@abrah.ms> Signed-off-by: Justin Abrahms <justin@abrah.ms> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: fix dependabot pr titles (open-feature#118) Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Bump cucumber-bom from 7.8.0 to 7.8.1 (open-feature#115) Bump cucumber-bom from 7.8.0 to 7.8.1 Bumps [cucumber-bom](https://github.com/cucumber/cucumber-jvm) from 7.8.0 to 7.8.1. - [Release notes](https://github.com/cucumber/cucumber-jvm/releases) - [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md) - [Commits](cucumber/cucumber-jvm@v7.8.0...v7.8.1) --- updated-dependencies: - dependency-name: io.cucumber:cucumber-bom dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: add SAST scanning (open-feature#108) * add SAST scanning Refs open-feature#84 Signed-off-by: Justin Abrahms <justin@abrah.ms> * Java scanning only Signed-off-by: Justin Abrahms <justin@abrah.ms> * Try codeql on the normal build to see how much longer it is. Signed-off-by: Justin Abrahms <justin@abrah.ms> Signed-off-by: Justin Abrahms <justin@abrah.ms> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * feat!: use evaluation context interface (open-feature#112) * POC - use evaluation context interface Signed-off-by: Todd Baert <toddbaert@gmail.com> * make .merge non-static Signed-off-by: Todd Baert <toddbaert@gmail.com> * improve naming Signed-off-by: Todd Baert <toddbaert@gmail.com> * add @OverRide Signed-off-by: Todd Baert <toddbaert@gmail.com> * Update src/main/java/dev/openfeature/sdk/EvaluationContext.java Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> * Update src/main/java/dev/openfeature/sdk/MutableContext.java Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> * address PR feedback Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * feat: Support for generating CycloneDX sboms (open-feature#119) Signed-off-by: Justin Abrahms <justin@abrah.ms> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: [StepSecurity] ci: Harden GitHub Actions (open-feature#120) * [StepSecurity] ci: Harden GitHub Actions in release.yml * [StepSecurity] ci: Harden GitHub Actions in static-code-scanning.yaml * [StepSecurity] ci: Harden GitHub Actions in lint-pr.yml * [StepSecurity] ci: Harden GitHub Actions in merge.yml * [StepSecurity] ci: Harden GitHub Actions in pullrequest.yml Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: I don't think we use that permission? (open-feature#123) I don't think we use that permission? Signed-off-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Document where to find our SBOMs (open-feature#124) Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update actions/cache digest to a3f5edc (open-feature#121) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update actions/setup-java digest to e150063 (open-feature#125) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Remove more perms (open-feature#130) Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.cyclonedx:cyclonedx-maven-plugin to v2.7.1 (open-feature#128) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update github/codeql-action digest to 3d39294 (open-feature#127) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update codecov/codecov-action digest to e0fbd59 (open-feature#126) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Bump actions/checkout from 3.0.2 to 3.1.0 (open-feature#139) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@2541b12...93ea575) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Bump actions/setup-java from e150063ee446b60ce2e35b040e81846da9001576 to a82e6d00200608b0b4c131bc9a89f7349786bd33 (open-feature#140) chore: Bump actions/setup-java Bumps [actions/setup-java](https://github.com/actions/setup-java) from e150063ee446b60ce2e35b040e81846da9001576 to a82e6d00200608b0b4c131bc9a89f7349786bd33. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@e150063...a82e6d0) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: bump spotbugs-maven-plugin from 4.7.2.0 to 4.7.2.1 (open-feature#136) Bumps [spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.7.2.0 to 4.7.2.1. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.7.2.0...spotbugs-maven-plugin-4.7.2.1) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: exclude component in git tag (open-feature#143) Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com> Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update dependency org.cyclonedx:cyclonedx-maven-plugin to v2.7.2 (open-feature#141) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * feat!: add rw locks to client/api, hook accessor name (open-feature#131) * fix: add read/write locks to client/api Signed-off-by: Todd Baert <toddbaert@gmail.com> * dont lock entire evaluation Signed-off-by: Todd Baert <toddbaert@gmail.com> * add tests Signed-off-by: Todd Baert <toddbaert@gmail.com> * fixup comment Signed-off-by: Todd Baert <toddbaert@gmail.com> * fixup pom comment Signed-off-by: Todd Baert <toddbaert@gmail.com> * increase lock granularity, imporove tests Signed-off-by: Todd Baert <toddbaert@gmail.com> * fix spotbugs Signed-off-by: Todd Baert <toddbaert@gmail.com> * remove commented test Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update actions/setup-java digest to 3617c43 (open-feature#132) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update amannn/action-semantic-pull-request digest to b314c1b (open-feature#135) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Remove dependabot. I like renovate better (open-feature#142) Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update amannn/action-semantic-pull-request digest to 7c194c2 (open-feature#144) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update github/codeql-action digest to 44edb7c (open-feature#133) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update actions/checkout digest to 8230315 (open-feature#122) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(main): release 0.3.0 (open-feature#114) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: re-enable integration tests (open-feature#146) Update test harness and re-enable integration test profile Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update actions/cache digest to 9b0c1fc (open-feature#145) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * fix: merge eval context (open-feature#149) fix merge eval context Signed-off-by: Robert Grassian <robert.grassian@split.io> Signed-off-by: Robert Grassian <robert.grassian@split.io> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(main): release 0.3.1 (open-feature#150) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update github/codeql-action digest to 297ec80 (open-feature#147) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: update test/spec association numbers, badge (open-feature#156) * chore: update test/spec association numbers Signed-off-by: Todd Baert <toddbaert@gmail.com> * chore: update spec tag Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update actions/cache digest to 2b04a41 (open-feature#158) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(security): [Snyk] Security upgrade com.github.spotbugs:spotbugs from 4.7.2 to 4.7.3 (open-feature#157) fix: pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-3043138 Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Add docs link (open-feature#165) Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore: Mark project as active. (open-feature#167) Mark project as active. Signed-off-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(main): release 1.0.0 (open-feature#168) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * chore(deps): update actions/cache digest to 8bec1e4 (open-feature#159) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> * changes spotbug scope to provided. Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> Signed-off-by: Todd Baert <toddbaert@gmail.com> Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com> Signed-off-by: Justin Abrahms <jabrahms@ebay.com> Signed-off-by: Justin Abrahms <justin@abrah.ms> Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com> Signed-off-by: Robert Grassian <robert.grassian@split.io> Signed-off-by: Pramesh <p_bhandari@hotmail.com> Co-authored-by: Todd Baert <toddbaert@gmail.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Justin Abrahms <jabrahms@ebay.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Step Security Bot <bot@stepsecurity.io> Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com> Co-authored-by: Robert Grassian <89157164+rgrassian-split@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Recently disclosed, Has a fix available, CVSS 5.7
SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
io.grpc:grpc-protobuf:1.48.1 -> 1.48.2(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Denial of Service (DoS)