observIQ’s distribution of the OpenTelemetry collector providing a simple and unified solution to collect, refine, and ship telemetry data anywhere
103
stars
27
forks
source link
fix: Address mholt/archiver CVE #1804
Closed
dpaasman00 closed 2 months ago
Proposed Change
Replaced github.com/mholt/archiver/v3 with github.com/anchore/archiver/v3 v3.5.2 to address this CVE.
Replace can be removed if/when this PR is merged. Alternatively we can remove the dependency by handling the unpack logic ourselves.
Checklist