Due to CWE-400 (DOS) and CWE-476 (Null Ptr Derefence) please update Testify

sirupsen / logrus

Structured, pluggable logging for Go.

MIT License

24.76k stars 2.27k forks source link

Due to CWE-400 (DOS) and CWE-476 (Null Ptr Derefence) please update Testify #1354

Closed rohanthewiz closed 1 year ago

rohanthewiz commented 2 years ago

The testify package 1.7.0 included in your 1.9.0 has a Denial of Service and a Null Pointer Deference (thanks to Snyk). Please update to at least Testify 1.7.5 to fix these. Thanks.

CWE-400 CWE-476

Introduced through: ... github.com/sirupsen/logrus@v1.9.0 › github.com/stretchr/testify@v1.7.0 › gopkg.in/yaml.v3@v3.0.0-20200313102051-9f266ea9e77c

github-actions[bot] commented 1 year ago

This issue is stale because it has been open for 30 days with no activity.

github-actions[bot] commented 1 year ago

This issue was closed because it has been inactive for 14 days since being marked as stale.