syndesisio / syndesis

This project is archived. A flexible, customizable, open source platform that provides core integration capabilities as a service.
https://syndesis.io/
Apache License 2.0
598 stars, 202 forks

fix(sec): upgrade golang.org/x/net to 0.7.0 #10003

Closed ChengDaqi2023 closed 1 year ago

ChengDaqi2023 commented 1 year ago

What happened?

There is 1 security vulnerability found in golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297

What did I do?

Upgrade golang.org/x/net from v0.0.0-20190827160401-ba9fcec4b297 to 0.7.0 for vulnerability fix

What did you expect to happen?

Ideally, no insecure libs should be used.

How can we automate the detection of these types of issues?

By using the GitHub Actions configurations provided by murphysec, we can conduct automatic code security checks in our CI pipeline.

The specification of the pull request

PR Specification from OSCS