Skip to content

Upgrade dependencies to fix SCA vulnerability issues #178

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
kerenr-jfrog merged 2 commits into from
Sep 1, 2025
Merged

Upgrade dependencies to fix SCA vulnerability issues #178

kerenr-jfrog merged 2 commits into from
Sep 1, 2025

Conversation

@kerenr-jfrog
Copy link
Contributor

@kerenr-jfrog kerenr-jfrog commented Aug 24, 2025
edited
Loading

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • Upgrade project dependencies for resolving vulnerability issues:
    opencsv -> 5.11.1
    commons-io -> 2.20.0

@kerenr-jfrog kerenr-jfrog added the safe to test run tests label Aug 24, 2025
@github-actions github-actions bot removed the safe to test run tests label Aug 24, 2025
@kerenr-jfrog kerenr-jfrog marked this pull request as ready for review August 25, 2025 06:37
@kerenr-jfrog kerenr-jfrog added the dependencies Pull requests that update a dependency file label Aug 25, 2025
@kerenr-jfrog kerenr-jfrog changed the title fix sca vulnerability issues Upgrade dependencies to fix SCA vulnerability issues Aug 25, 2025
attiasas
attiasas reviewed Sep 1, 2025
View reviewed changes
Copy link
Contributor

@attiasas attiasas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe try latest versions?

@kerenr-jfrog kerenr-jfrog added the safe to test run tests label Sep 1, 2025
@github-actions github-actions bot removed safe to test run tests labels Sep 1, 2025
@github-actions
Copy link

github-actions bot commented Sep 1, 2025

👍 Frogbot scanned this pull request and did not find any new security issues.

attiasas
attiasas approved these changes Sep 1, 2025
View reviewed changes
Copy link
Contributor

@attiasas attiasas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kerenr-jfrog kerenr-jfrog merged commit 64ab4cc into jfrog:master Sep 1, 2025
20 checks passed
@kerenr-jfrog kerenr-jfrog deleted the fix-vulnerability-issues branch September 1, 2025 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@attiasas attiasas attiasas approved these changes

@hadarshjfrog hadarshjfrog Awaiting requested review from hadarshjfrog

@eyalk007 eyalk007 Awaiting requested review from eyalk007

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kerenr-jfrog @attiasas