Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade stretchr/testify #59

Merged
merged 1 commit into from Aug 9, 2021
Merged

Upgrade stretchr/testify #59

merged 1 commit into from Aug 9, 2021

Conversation

ymohl-cl
Copy link
Contributor

@ymohl-cl ymohl-cl commented Aug 6, 2021

Hello,

I am working at Manomano and we use gemnasium analyser to report securities issues.

We use zap logger and goleak is a dependency of zap.logger.
This little pr purpose you to update your yaml dependency to a fixed version.
Detail report:
| Severity | Unknown |
| Identifier | |
| URL | docker/cli#2117 |
| Scanner | Gemnasium |
| Message | XML Entity Expansion in gopkg.in/yaml.v2 |
| Package | gopkg.in/yaml.v2 v2.2.1 |
| Solution | Upgrade to version 2.2.3 or above. |
| File | go.sum |

@CLAassistant
Copy link

CLAassistant commented Aug 6, 2021
edited

CLA assistant check
All committers have signed the CLA.

@ymohl-cl ymohl-cl mentioned this pull request Aug 6, 2021
Closed
@codecov
Copy link

codecov bot commented Aug 6, 2021
edited

Codecov Report

Merging #59 (c728079) into master (d36f3ae) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master      #59   +/-   ##
=======================================
  Coverage   93.27%   93.27%           
=======================================
  Files           4        4           
  Lines         119      119           
=======================================
  Hits          111      111           
  Misses          5        5           
  Partials        3        3

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d36f3ae...c728079. Read the comment docs.

abhinav
abhinav approved these changes Aug 6, 2021
View reviewed changes
Copy link
Collaborator

@abhinav abhinav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey there! Thanks for the PR. Please sign the CLA and we'll be able to merge this change.

@abhinav abhinav changed the title fix: dependencies gopkg.in/yaml Upgrade stretchr/testify Aug 6, 2021
@ymohl-cl
Copy link
Contributor Author

ymohl-cl commented Aug 9, 2021

done thanks !

@abhinav abhinav merged commit f3702fc into uber-go:master Aug 9, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abhinav abhinav abhinav approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ymohl-cl @CLAassistant @abhinav