search

spotify / missinglink

Build time tool for detecting link problems in java projects
Apache License 2.0
146 stars 27 forks source link

[Snyk] Upgrade org.apache.maven:maven-plugin-api from 3.8.6 to 3.8.7 #294

Closed perploug closed 1 year ago

perploug commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade org.apache.maven:maven-plugin-api from 3.8.6 to 3.8.7.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **1 version** ahead of your current version. - The recommended version was released **2 months ago**, on 2022-12-24. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Directory Traversal
[SNYK-JAVA-COMMONSIO-1277109](https://snyk.io/vuln/SNYK-JAVA-COMMONSIO-1277109) | **436/1000**
**Why?** Mature exploit, CVSS 5.3 | Mature (*) Note that the real score may have changed since the PR was raised.
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: šŸ§ [View latest project report](https://app.snyk.io/org/spotify-foss/project/65961db5-08bc-464e-9b89-9f60d07ad594?utm_source=github&utm_medium=referral&page=upgrade-pr) šŸ›  [Adjust upgrade PR settings](https://app.snyk.io/org/spotify-foss/project/65961db5-08bc-464e-9b89-9f60d07ad594/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) šŸ”• [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/spotify-foss/project/65961db5-08bc-464e-9b89-9f60d07ad594/settings/integration?pkg=org.apache.maven:maven-plugin-api&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
codecov[bot] commented 1 year ago

Codecov Report

Merging #294 (63e0d88) into master (18790e4) will increase coverage by 4.49%. The diff coverage is n/a.

@@             Coverage Diff              @@
##             master     #294      +/-   ##
============================================
+ Coverage     80.71%   85.20%   +4.49%     
- Complexity      231      237       +6     
============================================
  Files            23       23              
  Lines           871      872       +1     
  Branches        104      104              
============================================
+ Hits            703      743      +40     
+ Misses          129       92      -37     
+ Partials         39       37       -2
Impacted Files Coverage Ī”
.../java/com/spotify/missinglink/ConflictChecker.java 87.17% <0.00%> (+0.64%) :arrow_up:
.../java/com/spotify/missinglink/maven/CheckMojo.java 90.07% <0.00%> (+0.83%) :arrow_up:
...n/java/com/spotify/missinglink/ArtifactLoader.java 81.08% <0.00%> (+1.35%) :arrow_up:
...otify/missinglink/datamodel/MethodDescriptors.java 86.20% <0.00%> (+6.89%) :arrow_up:
...ava/com/spotify/missinglink/Java9ModuleLoader.java 78.57% <0.00%> (+78.57%) :arrow_up:

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.