guardian / typerighter

Even if you’re the right typer, couldn’t hurt to use Typerighter!
Apache License 2.0

Bump Scala dependencies to solve vulnerabilities #472

Closed rhystmills closed 4 months ago

rhystmills commented 4 months ago

What does this change?

This bumps some Scala package versions in Typerighter to resolve some high priority vulnerabilities. According to Snyk, this drops the number of high priority backend vulnerabilities from 7 to 1.

Snyk runs for commits in this PR, from newest to oldest:

image

The remaining vulnerability seems to be unsolved in the latest version of Play.

How to test

  1. Does the app compile, and do the tests pass?
  2. Deploy to CODE. Does the app work as expected? (Does the rule manager work, can you get matches in CODE Composer?)

rhystmills commented 4 months ago

(Tested Rule Manager and Checker on CODE, also logs - all working well)

prout-bot commented 4 months ago

Seen on Rule Manager (merged by @rhystmills 12 minutes and 38 seconds ago) Please check your changes!

prout-bot commented 4 months ago

Overdue on Checker (merged by @rhystmills 15 minutes and 3 seconds ago) What's gone wrong?