Bug #21933: Upgrade dependencies with security reports in GitHub - Arvados

Actions

Bug #21933

closed

Upgrade dependencies with security reports in GitHub

Added by Lucas Di Pentima 7 days ago. Updated about 9 hours ago.

Status:

Resolved

Priority:

Normal

Assigned To:

Lucas Di Pentima

Category:

API

Target version:

Development 2024-07-03 sprint

Story points:

-

Release:

Release relationship:

Auto

Actions

#1

Updated by Lucas Di Pentima 7 days ago

Updates at 1f1cbc1 - branch 21933-deps-upgrade
Test run: developer-run-tests: #4315

Upgrades github.com/hashicorp/go-retryablehttp to address CVE-2024-6104
Upgrades rails to 7.0.8.4 to address CVE-2024-28103
Replaces gopkg.in/square/go-jose.v2 with gopkg.in/go-jose/go-jose.v2 v2.6.3 to address CVE-2024-28180

Actions

#2

Updated by Lucas Di Pentima 7 days ago

Status changed from In Progress to Resolved

Applied in changeset arvados|6d78d0d1784001c1b9d18229dce47aa6e15f9ab5.

Actions

#3

Updated by Peter Amstutz about 9 hours ago

Release changed from 73 to 70

Actions

Also available in: Atom PDF