search

xmidt-org / argus

simple json database abstraction layer
Apache License 2.0
3 stars 9 forks source link

Argus package deletion #765

Open maurafortino opened 1 month ago

maurafortino commented 1 month ago

What's Included:

  1. Deleted model and chrysom packages from argus and added them to ancla
  2. Updated code to reflect the package change
  3. updated bascule dependency to latest version

https://github.com/xmidt-org/ancla/pull/230 must be merged first

guardrails[bot] commented 1 month ago

:warning: We detected 2 security issues in this pull request:

Vulnerable Libraries (2)
Severity | Details :-: | :-- High | [pkg:golang/github.com/xmidt-org/bascule@v0.11.6](https://github.com/xmidt-org/argus/blob/1e5d7b85e956dd3720e5b49551f91c2fd316c411/go.mod#L23) upgrade to: *> v0.11.6* High | [pkg:golang/github.com/xmidt-org/candlelight@v0.0.19](https://github.com/xmidt-org/argus/blob/1e5d7b85e956dd3720e5b49551f91c2fd316c411/go.mod#L24) upgrade to: *> v0.0.19* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

guardrails[bot] commented 1 month ago

:warning: We detected 1 security issue in this pull request:

Vulnerable Libraries (1)
Severity | Details :-: | :-- Medium | [pkg:golang/github.com/aws/aws-sdk-go@v1.54.19](https://github.com/xmidt-org/argus/blob/ccf4136ee5609e49b770611eb2a1fed058e96e3f/go.sum#L78) - **no patch available** More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

guardrails[bot] commented 1 month ago

:warning: We detected 6 security issues in this pull request:

Vulnerable Libraries (6)
Severity | Details :-: | :-- High | [pkg:golang/github.com/xmidt-org/ancla@v0.3.13-0.20240718193746-a3cd5a39560c](https://github.com/xmidt-org/argus/blob/2c70ec80c75645cd9928bdfd52027bd88c35a48e/go.mod#L36) upgrade to: *> v0.3.13-0.20240718193746-a3cd5a39560c* Medium | [pkg:golang/github.com/aws/aws-sdk-go@v1.54.19](https://github.com/xmidt-org/argus/blob/2c70ec80c75645cd9928bdfd52027bd88c35a48e/go.mod#L8) - **no patch available** High | [pkg:golang/github.com/xmidt-org/bascule@v0.11.7](https://github.com/xmidt-org/argus/blob/2c70ec80c75645cd9928bdfd52027bd88c35a48e/go.mod#L23) upgrade to: *> v0.11.7* High | [pkg:golang/go.uber.org/fx@v1.22.0](https://github.com/xmidt-org/argus/blob/2c70ec80c75645cd9928bdfd52027bd88c35a48e/go.mod#L30) upgrade to: *> v1.22.0* High | [pkg:golang/github.com/prometheus/client_golang@v1.19.1](https://github.com/xmidt-org/argus/blob/2c70ec80c75645cd9928bdfd52027bd88c35a48e/go.mod#L17) upgrade to: *> v1.19.1* High | [pkg:golang/github.com/xmidt-org/candlelight@v0.0.19](https://github.com/xmidt-org/argus/blob/2c70ec80c75645cd9928bdfd52027bd88c35a48e/go.mod#L24) upgrade to: *> v0.0.19* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

maurafortino commented 1 month ago

do we want to merge into main or into a test branch?