open-telemetry / opentelemetry-swift

OpenTelemetry API for Swift
https://opentelemetry.io/docs/instrumentation/swift/
Apache License 2.0

Upgrade the swift-nio-extras to 1.14 or above due to CVE security report #461

Closed nahung89 closed 10 months ago

nahung89 commented 12 months ago

Hi OpenTelemetry folks, I hope you are doing great.

I'm experimenting with the library and recognized that the latest version, 1.7.0, contains the package dependency swift-nio-extras version 1.10.2. This dependency has a security issue, CVE-2022-3252 (link or link).

I don't hesitate to make a PR to upgrade the version, although I'm not quite sure how I can verify the impact. I see there are several test cases; perhaps that is the way? If so, how can I run those test cases to verify on my own?

I really appreciate your effort in making this open source, and I'm happy to contribute as well.

hunguyenaxon commented 11 months ago

Should be closed with the fix PR in https://github.com/open-telemetry/opentelemetry-swift/pull/466
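As an added example (not part of the original thread or the project's own code), one way to confirm which swift-nio-extras version a checkout actually resolves is to read its `Package.resolved` lockfile and compare the pin against the 1.14 threshold from the issue title. The sample lockfiles and their revision strings are constructed, and the function names are hypothetical.

```python
import json

PACKAGE = "swift-nio-extras"
MIN_FIXED = (1, 14, 0)  # threshold from the issue title, not independently derived

# Constructed samples: SwiftPM lockfile format v1 and v2 (revisions are placeholders).
SAMPLE_V1 = json.dumps({"version": 1, "object": {"pins": [{
    "package": "swift-nio-extras",
    "repositoryURL": "https://github.com/apple/swift-nio-extras.git",
    "state": {"branch": None, "revision": "PLACEHOLDER", "version": "1.10.2"}}]}})
SAMPLE_V2 = json.dumps({"version": 2, "pins": [{
    "identity": "swift-nio-extras", "kind": "remoteSourceControl",
    "location": "https://github.com/apple/swift-nio-extras.git",
    "state": {"revision": "PLACEHOLDER", "version": "1.14.0"}}]})


def pins(doc):
    """Pin list from a v1 ("object.pins") or v2+ (top-level "pins") lockfile."""
    return doc.get("object", doc).get("pins", [])


def parse_version(text):
    """'1.10.2' -> (1, 10, 2); pre-release/build suffixes are ignored."""
    core = text.split("-", 1)[0].split("+", 1)[0]
    parts = [int(p) for p in core.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def check(resolved_text, package=PACKAGE, minimum=MIN_FIXED):
    """Return (status, version); status is ok, outdated, unpinned or absent."""
    for pin in pins(json.loads(resolved_text)):
        name = (pin.get("identity") or pin.get("package") or "").lower()
        if name != package:
            continue
        version = pin.get("state", {}).get("version")
        if not version:  # pinned to a branch or bare revision: cannot compare
            return ("unpinned", None)
        status = "ok" if parse_version(version) >= minimum else "outdated"
        return (status, version)
    return ("absent", None)


if __name__ == "__main__":
    for label, text in (("v1 sample", SAMPLE_V1), ("v2 sample", SAMPLE_V2)):
        print(label, check(text))
```

Running `check(open("Package.resolved").read())` in a consuming project reports the transitive pin as well, which matters because an app depending on opentelemetry-swift inherits whatever version the resolver picked.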