Closed venu-prasanna-tw closed 2 years ago
Merging #220 (8ba2eb4) into master (0806351) will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## master #220 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 1 1
Lines 98 98
=========================================
Hits 98 98
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update 0806351...8ba2eb4. Read the comment docs.
@venu-prasanna-tw Thanks for your contribution.
@ubogdan any idea when this change would be released?
released.
Thank you @ubogdan !
You're welcome. 👍
We are using the latest version of [github.com/swaggo/gin-swagger@v1.5.0] which internally uses the gin-contrib/gzip library and the version is [github.com/gin-contrib/gzip@v0.0.5] in go.mod
This has introduced snyk vulnerability HTTP Response Splitting with the following path: github.com/swaggo/gin-swagger@v1.5.0 › github.com/gin-contrib/gzip@v0.0.5 › github.com/gin-gonic/gin@v1.7.4
Snyk issue link: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736
In order to solve this issue I have upgraded gin-contrib/gzip to latest version.