Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PLAT-10389: Upgrade dependencies #100

Merged
merged 1 commit into from
Jan 18, 2021
Merged

PLAT-10389: Upgrade dependencies #100

merged 1 commit into from
Jan 18, 2021

Conversation

symphony-youri
Copy link
Contributor

Ticket

PLAT-10389

Description

Snyk reported a vulnerability introduce by 'cryptography'
(https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152), upgrade the
dependency.

Also update rsa, reported by Snyk CLI.

snyk test --command=python3 does not report any high vulnerability
anymore.

Difficult to test automatically (cert auth) so I just checked manually.

Dependencies

List the other pull requests that should be merged before/along this one.

Checklist

  • Referenced a ticket in the PR title and in the corresponding section
  • Filled properly the description and dependencies, if any
  • [-] Unit tests updated or added
  • [-] Docstrings added or updated
  • [-] Updated the documentation in docs folder

@symphony-youri
PLAT-10389: Upgrade dependencies
81a0da3 
Snyk reported a vulnerability introduce by 'cryptography'
(https://app.snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152), upgrade the
dependency.

Also update rsa, reported by Snyk CLI.

snyk test --command=python3 does not report any high vulnerability
anymore.

Difficult to test automatically (cert auth) so I just checked manually.
@symphony-youri symphony-youri requested a review from a team January 18, 2021 09:19
symphony-elias
symphony-elias approved these changes Jan 18, 2021
View reviewed changes
Copy link
Contributor

@symphony-elias symphony-elias left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

symphony-hong
symphony-hong approved these changes Jan 18, 2021
View reviewed changes
Copy link
Contributor

@symphony-hong symphony-hong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@symphony-youri symphony-youri merged commit 8b03d1e into finos:master Jan 18, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@symphony-hong symphony-hong symphony-hong approved these changes

@symphony-elias symphony-elias symphony-elias approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@symphony-youri @symphony-hong @symphony-elias