search

qasaur / gremgo

A fast, efficient, and easy-to-use Go client for the Apache TinkerPop graph database stack
MIT License
98 stars 49 forks source link

Replace satori/go.uuid #53

Open hazcod opened 5 years ago

hazcod commented 5 years ago

Replace with https://github.com/gofrs/uuid since it's no longer maintained and has security vulnerability WS-2018-0594 + create a new release.

https://github.com/satori/go.uuid/issues/84

A vulnerability was found in github.com/satori/go.uuid through version v1.2.0. The UUID random generator uses Read() function which has fewer bytes than asked and might cause potential non-random UUIDs.

Publish Date: 2019-06-25

URL: WS-2018-0594

hazcod commented 5 years ago

@qasaur can this be looked at please?