search

TBD54566975 / web5-kt

Apache License 2.0
7 stars 9 forks source link

Issue #257 - Address sec vuln #258

Closed ALRubinger closed 4 months ago

ALRubinger commented 4 months ago

Upgrades locally:

$> ./gradlew :dependencies | grep com.nimbusds:nimbus-jose-jwt
|    +--- com.nimbusds:nimbus-jose-jwt:9.37.2
|    +--- com.nimbusds:nimbus-jose-jwt:9.37.2
|    +--- com.nimbusds:nimbus-jose-jwt:9.37.2
|    |    |    +--- com.nimbusds:nimbus-jose-jwt:9.37.2
|    |    +--- com.nimbusds:nimbus-jose-jwt:9.37.2 (*)
|    +--- com.nimbusds:nimbus-jose-jwt:9.37.2 (*)
|    +--- com.nimbusds:nimbus-jose-jwt:9.37.2
|    +--- com.nimbusds:nimbus-jose-jwt:9.37.2
|    |    |    +--- com.nimbusds:nimbus-jose-jwt:9.37.2
|    |    +--- com.nimbusds:nimbus-jose-jwt:9.37.2 (*)
|    +--- com.nimbusds:nimbus-jose-jwt:9.37.2 (*)
codecov[bot] commented 4 months ago

Codecov Report

Merging #258 (1fae629) into main (bcd8d14) will not change coverage. The diff coverage is n/a.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #258 +/- ## ======================================= Coverage 79.62% 79.62% ======================================= Files 38 38 Lines 2189 2189 Branches 316 316 ======================================= Hits 1743 1743 Misses 311 311 Partials 135 135 ``` | [Components](https://app.codecov.io/gh/TBD54566975/web5-kt/pull/258/components?src=pr&el=components&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=TBD54566975) | Coverage Δ | | |---|---|---| | [credentials](https://app.codecov.io/gh/TBD54566975/web5-kt/pull/258/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=TBD54566975) | `82.14% <ø> (ø)` | | | [crypto](https://app.codecov.io/gh/TBD54566975/web5-kt/pull/258/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=TBD54566975) | `44.11% <ø> (ø)` | | | [dids](https://app.codecov.io/gh/TBD54566975/web5-kt/pull/258/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=TBD54566975) | `90.01% <ø> (ø)` | | | [common](https://app.codecov.io/gh/TBD54566975/web5-kt/pull/258/components?src=pr&el=component&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=TBD54566975) | `68.96% <ø> (ø)` | |
ALRubinger commented 4 months ago

Confirmed this vuln is removed in https://github.com/TBD54566975/web5-kt/actions/runs/8153599576/job/22285316826?pr=258