We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Thank you for releasing dagger 2.49. Any plan for addressing CVE-2976?
The text was updated successfully, but these errors were encountered:
It looks like these vulnerabilities come from our Guava dependency (https://mvnrepository.com/artifact/com.google.guava/guava). Unfortunately due to some complexity in our implementation, our Guava version is actually tied to the version that Bazel uses when we build. Looking at their code, it seems they are not on a version high enough yet to not include those vulnerabilities https://github.com/bazelbuild/bazel/blob/1533cd123fa465480bbbcd4bdd2b438ebc5fb9eb/MODULE.bazel#L94. So I think this will take some time to resolve.
Sorry, something went wrong.
No branches or pull requests
Thank you for releasing dagger 2.49.
Any plan for addressing CVE-2976?
The text was updated successfully, but these errors were encountered: