benoitc / hackney

simple HTTP client in Erlang
1.34k stars 427 forks

bump rebar3 to version 3.20.0 #716

Closed lafirest closed 1 year ago

lafirest commented 1 year ago

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification (CVE-2020-13802)
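A quick way to audit whether an embedded `rebar3` binary (like the one in this repo) falls in the affected range is to compare its version against the bounds quoted above. The following is an added example written for this thread, not code from hackney or rebar3; it assumes that `rebar3 --version` prints a line of the form `rebar 3.20.0 on Erlang/OTP 25 Erts 13.1` (the sample string is constructed, not captured from a real binary), and it treats a pre-release such as `3.0.0-beta.3` as sorting before the final `3.0.0`.

```python
import re
from typing import Optional, Tuple

# Affected range as stated in the PR comment (CVE-2020-13802), inclusive on both ends.
VULN_FIRST = "3.0.0-beta.3"
VULN_LAST = "3.13.2"

# MAJOR.MINOR.PATCH with an optional "-tag.N" pre-release suffix (e.g. 3.0.0-beta.3).
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:-([A-Za-z]+)\.?(\d+))?")


def version_key(version: str) -> Tuple[int, int, int, int, int]:
    """Turn a rebar3 version string into a sortable tuple.

    The fourth element is 1 for a final release and 0 for a pre-release, so that
    3.0.0-beta.3 sorts before 3.0.0; the fifth element orders pre-releases.
    """
    m = _VERSION_RE.fullmatch(version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    major, minor, patch, tag, num = m.groups()
    is_release = 1 if tag is None else 0
    return (int(major), int(minor), int(patch), is_release, int(num) if num else 0)


def is_vulnerable_rebar3(version: str) -> bool:
    """True if `version` lies within the affected range quoted in the thread."""
    return version_key(VULN_FIRST) <= version_key(version) <= version_key(VULN_LAST)


def parse_rebar3_version_output(output: str) -> Optional[str]:
    """Extract the version number from `rebar3 --version` output.

    Assumed output format (an assumption of this example, not taken from the PR):
    'rebar 3.20.0 on Erlang/OTP 25 Erts 13.1'. Returns None if no version is found.
    """
    m = re.search(r"\brebar\s+(\S+)", output)
    return m.group(1) if m else None


if __name__ == "__main__":
    # Constructed sample output; in practice feed in the text printed by `./rebar3 --version`.
    sample = "rebar 3.20.0 on Erlang/OTP 25 Erts 13.1"
    found = parse_rebar3_version_output(sample)
    if found is None:
        print("could not determine rebar3 version")
    else:
        state = "affected" if is_vulnerable_rebar3(found) else "outside the affected range"
        print(f"rebar3 {found}: {state}")
```

Pointing the script at the output of the vendored binary gives a yes/no answer for the range the comment cites; a version string the regex does not recognise raises rather than silently reporting "not affected".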

zmstone commented 1 year ago

or is it really necessary to commit a rebar3 binary in git repo at all?

benoitc commented 1 year ago

Embedded rebar3 is normally only used for the CI. The issue is that the new rebar3 bin doesn't support all versions of Erlang. It's planned to update it for the next release.

Can anyone point me to the commit that fixed this "issue" in rebar3?

benoitc commented 1 year ago

not needed anymore: bbe73c85012b8862786b0a9e28a10ea6a9a9003d