Update logback to 1.3.11 and log4jOverSlf4j to 2.0.7

skrapeit / skrape.it

A Kotlin-based testing/scraping/parsing library providing the ability to analyze and extract data from HTML (server & client-side rendered). It places particular emphasis on ease of use and a high level of readability by providing an intuitive DSL. It aims to be a testing lib, but can also be used to scrape websites in a convenient fashion.

https://docs.skrape.it

MIT License

790 stars 57 forks source link

Update logback to 1.3.11 and log4jOverSlf4j to 2.0.7 #229

Closed BarbieCue closed 11 months ago

BarbieCue commented 11 months ago

My IDE powered code scan reports a vulnerable transitive dependency when using skrapeit.

For skrapeit:1.3.0-alpha.1 but also for older versions. A look behind the scenes shows that logback can be easily updated, which should prevent this circumstance.

Logback News: https://logback.qos.ch/news.html

codecov[bot] commented 11 months ago

Codecov Report

Merging #229 (fc3d226) into master (408f8e2) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #229   +/-   ##
=======================================
  Coverage   81.05%   81.05%           
=======================================
  Files          39       39           
  Lines        1171     1171           
  Branches      180      180           
=======================================
  Hits          949      949           
  Misses        161      161           
  Partials       61       61