Closed h1alexbel closed 5 months ago
All modified and coverable lines are covered by tests :white_check_mark:
Comparison is base (
15ff8e9
) 67.18% compared to head (ccf4e15
) 67.18%.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
@rultor merge
Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.
:sparkles: Snyk has automatically assigned this pull request, set who gets assigned.
As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Has a fix available, CVSS 7.1
SNYK-JAVA-CHQOSLOGBACK-6094942
ch.qos.logback:logback-classic:
1.4.8 -> 1.4.14
Why? Has a fix available, CVSS 7.1
SNYK-JAVA-CHQOSLOGBACK-6094943
ch.qos.logback:logback-classic:
1.4.8 -> 1.4.14
Why? Has a fix available, CVSS 7.1
SNYK-JAVA-CHQOSLOGBACK-6097492
ch.qos.logback:logback-classic:
1.4.8 -> 1.4.14
Why? Has a fix available, CVSS 7.1
SNYK-JAVA-CHQOSLOGBACK-6097493
ch.qos.logback:logback-classic:
1.4.8 -> 1.4.14
Why? Has a fix available, CVSS 3.3
SNYK-JAVA-COMGOOGLEGUAVA-5710356
(*) Note that the real score may have changed since the PR was raised.
Vulnerabilities that could not be fixed
com.jcabi:jcabi-github@1.3.2
tocom.jcabi:jcabi-github@1.7.0
; Reasoncould not apply upgrade, dependency is managed externally
; Location:https://maven-central.storage-download.googleapis.com/maven2/com/jcabi/parent/0.65.0/parent-0.65.0.pom
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: đ§ View latest project report
đŠâđť Set who automatically gets assigned
đ Adjust project settings
đ Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
đŚ Denial of Service (DoS) đŚ Creation of Temporary File in Directory with Insecure Permissions
PR-Codex overview
This PR focuses on updating the versions of various dependencies in the
pom.xml
file.Detailed summary
logback-classic
version from1.4.8
to1.4.14
jackson-dataformat-yaml
version from2.16.1
to2.16.1
Saxon-HE
version from12.4
to12.4