openzipkin / zipkin-go

Zipkin distributed tracing library for Go.
Apache License 2.0

gRPC-Go HTTP/2 Rapid Reset vulnerability #219

Closed mardu closed 6 months ago

mardu commented 6 months ago

The latest version, 0.4.2, requires the package google.golang.org/grpc v1.57.0, which has a high-severity vulnerability. More information: https://github.com/advisories/GHSA-m425-mq94-257g

Proposed fix: upgrade the required package google.golang.org/grpc to v1.57.1.

codefromthecrypt commented 6 months ago

Thanks for the issue. I think the best course is to do bumps all around vs. just one, like this: https://github.com/openzipkin/zipkin-go/pull/216

codefromthecrypt commented 6 months ago

Trying to set expectations on Go version prior to updates on go.mod: https://github.com/openzipkin/zipkin-go/pull/220