reficio / p2-maven-plugin

Maven3 plugin that automates the third-party dependency management for Eclipse RCP
http://reficio.org

fix(deps): update dependency commons-io:commons-io to v2.7 [security] #314

Open renovate[bot] opened 1 year ago

renovate[bot] commented 1 year ago

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| commons-io:commons-io (source) | 2.6 -> 2.7 | age | adoption | passing | confidence |

GitHub Vulnerability Alerts

CVE-2021-29425

In Apache Commons IO before 2.7, when invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.
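
The advisory above turns on calling code that builds a path from the normalized string. The following is an added example, not part of this PR or of Commons IO: a containment check using only `java.nio.file`, so that safety does not rest on the normalized string alone. The class name, the base directory `/srv/data` and the sample inputs other than the two from the advisory are assumptions, and a POSIX-style filesystem is assumed.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;

public class ContainedPath {

    /**
     * Resolves untrusted input against base and returns the result only if it
     * still lies inside base after normalization. Lexical check only: for files
     * that exist, also compare toRealPath() results to account for symlinks.
     */
    static Path resolveInside(Path base, String untrusted) {
        Path root = base.toAbsolutePath().normalize();
        // Judge "\..\foo" the same way as "/../foo", whatever the host OS.
        String unified = untrusted.replace('\\', '/');
        // resolve() returns an absolute argument unchanged, so "//../foo"
        // becomes "/../foo" here and "/foo" after normalize().
        Path candidate = root.resolve(unified).normalize();
        if (!candidate.startsWith(root)) {
            throw new SecurityException("path escapes base directory: " + untrusted);
        }
        return candidate;
    }

    public static void main(String[] args) {
        Path base = Paths.get("/srv/data"); // constructed base directory
        // First two inputs are the ones named in the advisory; the rest are constructed.
        List<String> inputs = List.of(
                "//../foo", "\\..\\foo", "reports/2024.csv", "a/../../etc/passwd");
        for (String in : inputs) {
            try {
                System.out.println("ok      " + in + " -> " + resolveInside(base, in));
            } catch (SecurityException e) {
                System.out.println("reject  " + in);
            }
        }
    }
}
```

Only `reports/2024.csv` is accepted; the two advisory inputs and the constructed `a/../../etc/passwd` are rejected because the resolved path no longer starts with the base directory.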

codecov-commenter commented 1 year ago

Codecov Report

Base: 15.89% // Head: 15.89% // No change to project coverage :thumbsup:

Coverage data is based on head (8b9f859) compared to base (49e5d3c). Patch has no changes to coverable lines.


Additional details and impacted files

```diff
@@           Coverage Diff            @@
##             master     #314   +/-   ##
=========================================
  Coverage     15.89%   15.89%
  Complexity       76       76
=========================================
  Files            33       33
  Lines          1302     1302
  Branches        125      125
=========================================
  Hits            207      207
  Misses         1082     1082
  Partials         13       13
```
