tomkerkhove / promitor

Bringing Azure Monitor metrics where you need them.
https://promitor.io
MIT License
248 stars 91 forks

fix(deps): update dependency Moq to earlier version that is not flagged #2489

Closed madmax1540 closed 2 months ago

madmax1540 commented 2 months ago

Fixes #

Nexus IQ scan has detected a critical vulnerability in the latest version of Moq, i.e. v4.20.70. Hence reverting it until the vulnerability has been fixed.

Hence reverting it to v4.18.4.

CLAassistant commented 2 months ago

CLA assistant check
All committers have signed the CLA.

github-actions[bot] commented 2 months ago

Thank you for your contribution! 🙏 We will review it as soon as possible.

tomkerkhove commented 2 months ago

@madmax1540 can you merge master branch please?

madmax1540 commented 2 months ago

Hi @tomkerkhove ,

I have merged it now. Also, apologies for the confusion: the version v4.18.4 is not flagged in the Nexus IQ scan, as per the scan reports on the scraper version v2.10.1.

tomkerkhove commented 2 months ago

/azp run Promitor CI - Scraper Agent

azure-pipelines[bot] commented 2 months ago
Azure Pipelines successfully started running 1 pipeline(s).