opensearch-project / opentelemetry-demo

This repository contains the OpenSearch adaptation for the OpenTelemetry Astronomy Shop, a microservice-based distributed system intended to illustrate the implementation of OpenTelemetry in a near real-world environment.
https://opentelemetry.io/docs/demo/
Apache License 2.0

chore(deps): update dependency idna to v3.7 #155

Closed mend-for-github-com[bot] closed 1 month ago

mend-for-github-com[bot] commented 1 month ago

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| idna (changelog) | minor | `==3.4` -> `==3.7` |

By merging this PR, the below vulnerabilities will be automatically resolved:

| Severity | CVSS Score | CVE |
|---|---|---|
| High | 7.5 | CVE-2024-3651 |

Release Notes

kjd/idna (idna)

### [`v3.7`](https://togithub.com/kjd/idna/releases/tag/v3.7)

[Compare Source](https://togithub.com/kjd/idna/compare/v3.6...v3.7)

#### What's Changed

- Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. \[CVE-2024-3651]

Thanks to Guido Vranken for reporting the issue.

**Full Changelog**: https://github.com/kjd/idna/compare/v3.6...v3.7

### [`v3.6`](https://togithub.com/kjd/idna/compare/v3.5...v3.6)

[Compare Source](https://togithub.com/kjd/idna/compare/v3.5...v3.6)

### [`v3.5`](https://togithub.com/kjd/idna/compare/v3.4...v3.5)

[Compare Source](https://togithub.com/kjd/idna/compare/v3.4...v3.5)

github-actions[bot] commented 1 month ago

This PR was marked stale due to lack of activity. It will be closed in 7 days.

github-actions[bot] commented 1 month ago

Closed as inactive. Feel free to reopen if this PR is still being worked on.