Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade nokogiri package (low severity vulnerability) #3829

Merged
merged 2 commits into from
Dec 5, 2024

Conversation

Ponnia-M
Copy link
Contributor

@Ponnia-M Ponnia-M commented Dec 5, 2024

What was the problem?

Secrel failed this morning due to this low severity vulnerability (nokogiri package).

How does this fix it?[^1]

An upgrade to nokogiri version 1.16.8 should prevent Secrel from failing related to this low severity vulnerability. For additional context, running bundle update nokogiri upgrades Nokogiri and its dependencies as well as other gems due to shared dependencies.

@Ponnia-M Ponnia-M requested a review from a team as a code owner December 5, 2024 17:51
Copy link
Contributor

github-actions bot commented Dec 5, 2024

Test Results

103 tests  ±0   103 ✅ ±0   15s ⏱️ -2s
 31 suites ±0     0 💤 ±0 
 31 files   ±0     0 ❌ ±0 

Results for commit a45c75f. ± Comparison against base commit 697deb3.

♻️ This comment has been updated with latest results.

Copy link
Collaborator

@gabezurita gabezurita left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@gabezurita
Copy link
Collaborator

Note: seems we have a flaky test in lint-and-test! We may want to comment it out since we're shutting down the service.

Copy link
Contributor

github-actions bot commented Dec 5, 2024

JaCoCo Test Coverage

Overall Project 68%

There is no coverage information present for the Files changed

@Ponnia-M Ponnia-M merged commit 188cf66 into develop Dec 5, 2024
16 checks passed
@Ponnia-M Ponnia-M deleted the ponnia/upgrade-nokogiri branch December 5, 2024 20:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants