Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump webrick to resolve security vulnerability alert #358

Merged
merged 1 commit into from
Oct 9, 2024
Merged

Bump webrick to resolve security vulnerability alert #358

merged 1 commit into from
Oct 9, 2024

Conversation

JacobEvelyn
Copy link
Member

This commit bumps the webrick dependency to resolve CVE-2024-47220. This vulnerability is not a risk for memo_wise users because webrick is only used for development of this gem, but it's simple to update so we're doing so.

Before merging:

  • Copy the table printed at the end of the latest benchmark results into the README.md and update this PR
  • If this change merits an update to CHANGELOG.md, add an entry following Keep a Changelog guidelines with semantic versioning

@codecov Codecov
Copy link

codecov bot commented Oct 9, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (ef52a1a) to head (01077f5).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##              main      #358   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            2         2           
  Lines          190       190           
  Branches        90        90           
=========================================
  Hits           190       190

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@JacobEvelyn
Bump webrick to resolve security vulnerability alert
01077f5 
This commit bumps the `webrick` dependency to resolve CVE-2024-47220.
This vulnerability is not a risk for `memo_wise` users because `webrick`
is only used for development of this gem, but it's simple to update so
we're doing so.
@jpava001 jpava001 self-assigned this Oct 9, 2024
jpava001
jpava001 approved these changes Oct 9, 2024
View reviewed changes
Copy link

@jpava001 jpava001 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks simple enough to me for approval.

@JacobEvelyn JacobEvelyn merged commit af5bce4 into main Oct 9, 2024
14 checks passed
@JacobEvelyn JacobEvelyn deleted the bump-webrick branch October 9, 2024 15:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jpava001 jpava001 jpava001 approved these changes

Assignees

@jpava001 jpava001

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@JacobEvelyn @jpava001