search

adobe / aem-core-wcm-components

Standardized components to build websites with AEM.
https://docs.adobe.com/content/help/en/experience-manager-core-components/using/introduction.html
Apache License 2.0
730 stars 736 forks source link

fix(sec): upgrade com.google.guava:guava to 32.0.0-jre #2594

Closed chncaption closed 8 months ago

chncaption commented 10 months ago

What happened?

There are 1 security vulnerabilities found in com.google.guava:guava 31.1-jre

What did I do?

Upgrade com.google.guava:guava from 31.1-jre to 32.0.0-jre for vulnerability fix

What did you expect to happen?

Ideally, no insecure libs should be used.

How can we automate the detection of these types of issues?

By using the GitHub Actions configurations provided by murphysec, we can conduct automatic code security checks in our CI pipeline.

The specification of the pull request

PR Specification from OSCS

sonarcloud[bot] commented 10 months ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication