Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ 🔒️ Upgrades vulnerable libraries #4742

Merged
merged 4 commits into from
Sep 13, 2023
Merged

⬆️ 🔒️ Upgrades vulnerable libraries #4742

merged 4 commits into from
Sep 13, 2023

Conversation

pcrespov
Copy link
Member

What do these changes do?

Highlights on updated libraries (only updated libraries are included)

  • #packages before: 3
  • #packages after : 5
# name before after upgrade count packages
1 certifi 2022.12.7, 2023.5.7 2023.7.22 minor 14 api-server⬆️🧪
autoscaling⬆️🧪
catalog⬆️🧪
datcore-adapter⬆️🧪
invitations⬆️🧪
resource-usage-tracker⬆️🧪
web⬆️🧪
2 cryptography 41.0.2, 41.0.1, 39.0.2, 39.0.1 41.0.3 6 api-server⬆️🧪
invitations⬆️
osparc-gateway-server⬆️
payments⬆️
web⬆️
3 websocket-client 0.59.0 1.6.1 MAJOR 1 swarm-deploy🧪

Legend:

  • ⬆️ base dependency (only services because packages are floating)
  • 🧪 test dependency
  • 🔧 tool dependency

Related issue/s

Maintenance security

@pcrespov pcrespov added this to the the nameless milestone Sep 12, 2023
@pcrespov pcrespov self-assigned this Sep 12, 2023
@codeclimate
Copy link

codeclimate bot commented Sep 12, 2023

Code Climate has analyzed commit f8f4540 and detected 0 issues on this pull request.

View more on Code Climate.

@pcrespov pcrespov enabled auto-merge (squash) September 12, 2023 22:03
@codecov
Copy link

codecov bot commented Sep 12, 2023
edited
Loading

Codecov Report

Merging #4742 (f8f4540) into master (e888d90) will increase coverage by 1.1%.
Report is 1 commits behind head on master.
The diff coverage is n/a.

❗ Current head f8f4540 differs from pull request most recent head 343f1f8. Consider uploading reports for the commit 343f1f8 to get more accurate results

Impacted file tree graph

@@           Coverage Diff            @@
##           master   #4742     +/-   ##
========================================
+ Coverage    86.1%   87.2%   +1.1%     
========================================
  Files        1081    1101     +20     
  Lines       44521   46364   +1843     
  Branches     1013     967     -46     
========================================
+ Hits        38334   40470   +2136     
+ Misses       5960    5678    -282     
+ Partials      227     216     -11
Flag Coverage Δ
integrationtests 65.2% <ø> (+5.1%) ⬆️
unittests 84.9% <ø> (+0.3%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 94 files with indirect coverage changes

@pcrespov pcrespov disabled auto-merge September 13, 2023 07:24
@pcrespov pcrespov merged commit ab5fa9a into ITISFoundation:master Sep 13, 2023
@pcrespov pcrespov deleted the maintenance/vulnerabilities branch September 13, 2023 07:25
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.8% 0.8% Duplication

@matusdrobuliak66 matusdrobuliak66 mentioned this pull request Sep 14, 2023
Closed
17 tasks
@matusdrobuliak66 matusdrobuliak66 mentioned this pull request Sep 22, 2023
Closed
50 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matusdrobuliak66 matusdrobuliak66 matusdrobuliak66 approved these changes

@sanderegg sanderegg sanderegg approved these changes

@GitHK GitHK GitHK approved these changes

@bisgaard-itis bisgaard-itis Awaiting requested review from bisgaard-itis

Assignees

@pcrespov pcrespov

Labels
None yet
Projects
None yet
Milestone
the nameless
Development

Successfully merging this pull request may close these issues.
4 participants
@pcrespov @GitHK @sanderegg @matusdrobuliak66