Force using snakeyaml version 1.32 to fix CVE issue #535
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Angie Zhang <[email protected]>
added 3 commits
October 3, 2022 13:34
Signed-off-by: Angie Zhang <[email protected]>
Signed-off-by: Angie Zhang <[email protected]>
Signed-off-by: Angie Zhang <[email protected]>
praveensameneni
previously approved these changes
Oct 3, 2022
khushbr
previously approved these changes
Oct 3, 2022
Signed-off-by: Angie Zhang <[email protected]>
Angie-Zhang
dismissed stale reviews from khushbr and praveensameneni
via
851f832
added 4 commits
October 3, 2022 17:44
Signed-off-by: Angie Zhang <[email protected]>
Signed-off-by: Angie Zhang <[email protected]>
Signed-off-by: Angie Zhang <[email protected]>
Signed-off-by: Angie Zhang <[email protected]>
deshsidd
previously approved these changes
Oct 4, 2022
praveensameneni
previously approved these changes
Oct 4, 2022
Signed-off-by: Angie Zhang <[email protected]>
Angie-Zhang
dismissed stale reviews from praveensameneni and deshsidd
via
f93ee3c
Signed-off-by: Angie Zhang <[email protected]>
bowenlan-amzn
previously approved these changes
Oct 4, 2022
praveensameneni
previously approved these changes
Oct 4, 2022
deshsidd
previously approved these changes
Oct 4, 2022
Signed-off-by: Angie Zhang <[email protected]>
Angie-Zhang
dismissed stale reviews from deshsidd, praveensameneni, and bowenlan-amzn
via
34f2bab
added 4 commits
October 4, 2022 10:31
Signed-off-by: Angie Zhang <[email protected]>
Signed-off-by: Angie Zhang <[email protected]>
Signed-off-by: Angie Zhang <[email protected]>
deshsidd
approved these changes
Oct 4, 2022
bowenlan-amzn
approved these changes
Oct 4, 2022
|
The backport to To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-1.x 1.x
# Navigate to the new working tree
cd .worktrees/backport-1.x
# Create a new branch
git switch --create backport/backport-535-to-1.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 b72eeaa7c54c1a55d167a8a29d3f4bef18df9ca8
# Push it to GitHub
git push --set-upstream origin backport/backport-535-to-1.x
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-1.xThen, create a pull request where the |
deshsidd
pushed a commit
to deshsidd/index-management
that referenced
this pull request
Oct 4, 2022
…ct#535) * Force using snakeyaml version 1.32 to fix CVE issue Signed-off-by: Angie Zhang <[email protected]> * Force using snakeyaml version 1.32 to fix CVE issue Signed-off-by: Angie Zhang <[email protected]> * Force using snakeyaml version 1.32 to fix CVE issue Signed-off-by: Angie Zhang <[email protected]> * Force using snakeyaml version 1.32 to fix CVE issue Signed-off-by: Angie Zhang <[email protected]> * Kotlin version upgrade compatibility and jackson version upgrade Signed-off-by: Angie Zhang <[email protected]> * Kotlin version upgrade compatibility Signed-off-by: Angie Zhang <[email protected]> * detekt error fixing Signed-off-by: Angie Zhang <[email protected]> * Update detekt setting Signed-off-by: Angie Zhang <[email protected]> * Update detekt setting Signed-off-by: Angie Zhang <[email protected]> * Update gradle typo Signed-off-by: Angie Zhang <[email protected]> * Fix ktlint Signed-off-by: Angie Zhang <[email protected]> * Update gradle Signed-off-by: Angie Zhang <[email protected]> * Update gradle Signed-off-by: Angie Zhang <[email protected]> * Fix build.gradle Signed-off-by: Angie Zhang <[email protected]> * Fix jacoco tool version Signed-off-by: Angie Zhang <[email protected]> Signed-off-by: Angie Zhang <[email protected]> (cherry picked from commit b72eeaa) Signed-off-by: Siddhant Deshmukh [email protected]
Angie-Zhang
pushed a commit
that referenced
this pull request
Oct 4, 2022
) * Force using snakeyaml version 1.32 to fix CVE issue (#535) * Force using snakeyaml version 1.32 to fix CVE issue Signed-off-by: Angie Zhang <[email protected]> * Force using snakeyaml version 1.32 to fix CVE issue Signed-off-by: Angie Zhang <[email protected]> * Force using snakeyaml version 1.32 to fix CVE issue Signed-off-by: Angie Zhang <[email protected]> * Force using snakeyaml version 1.32 to fix CVE issue Signed-off-by: Angie Zhang <[email protected]> * Kotlin version upgrade compatibility and jackson version upgrade Signed-off-by: Angie Zhang <[email protected]> * Kotlin version upgrade compatibility Signed-off-by: Angie Zhang <[email protected]> * detekt error fixing Signed-off-by: Angie Zhang <[email protected]> * Update detekt setting Signed-off-by: Angie Zhang <[email protected]> * Update detekt setting Signed-off-by: Angie Zhang <[email protected]> * Update gradle typo Signed-off-by: Angie Zhang <[email protected]> * Fix ktlint Signed-off-by: Angie Zhang <[email protected]> * Update gradle Signed-off-by: Angie Zhang <[email protected]> * Update gradle Signed-off-by: Angie Zhang <[email protected]> * Fix build.gradle Signed-off-by: Angie Zhang <[email protected]> * Fix jacoco tool version Signed-off-by: Angie Zhang <[email protected]> Signed-off-by: Angie Zhang <[email protected]> (cherry picked from commit b72eeaa) Signed-off-by: Siddhant Deshmukh [email protected] * Force snakeyml 1.32 in spi/build Signed-off-by: Siddhant Deshmukh <[email protected]> * Fix typo Signed-off-by: Siddhant Deshmukh <[email protected]> Signed-off-by: Siddhant Deshmukh [email protected] Signed-off-by: Siddhant Deshmukh <[email protected]> Co-authored-by: Angie Zhang <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Angie Zhang [email protected]
Issue #, if available:
#493
#525
Description of changes:
CheckList:
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.