MX-17167 - Bump dependencies - dependabot fixes#7262
Conversation
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## rc/supernova #7262 +/- ##
=============================================
Coverage 77.52% 77.53%
=============================================
Files 882 882
Lines 123558 123558
=============================================
+ Hits 95790 95801 +11
+ Misses 21425 21417 -8
+ Partials 6343 6340 -3 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
There was a problem hiding this comment.
Pull Request Overview
This PR addresses security vulnerabilities by bumping various Go dependencies to their latest secure versions. The changes target specific security alerts related to DoS vulnerabilities, XSS issues, and improper handling in various libraries.
- Updates multiple dependencies to address security vulnerabilities including Pion Interceptor, golang.org/x/net, golang.org/x/crypto, and gin-contrib/cors
- Bumps Go version specification from 1.23 to 1.23.0 for more precise version handling
- Updates numerous transitive dependencies as a result of the primary dependency upgrades
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
|
Run Tests: |
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
|
Run Tests: |
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
|
Run Tests: |
|
✅ Integration Tests passed successfully! 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
|
✅ Integration Tests passed successfully! 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
|
should this PR be retargeted to rc/teegarden? |
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
sstanculeanu
left a comment
There was a problem hiding this comment.
to be decided where we merge it
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
|
❌ Integration Tests completed with failures or errors. 📊 MultiversX Automated Test Report: View Report 🔄 Build Details:
🚀 Environment Variables:
|
The base branch was changed.
…dependabot-fixes-2025
…dependabot-fixes-2025
# Conflicts: # go.mod # go.sum
|
covered in #7843 |
Reasoning behind the pull request
Security alerts:
Proposed changes
results:
results:
Testing procedure
Pre-requisites
Based on the Contributing Guidelines the PR author and the reviewers must check the following requirements are met:
featbranch created?featbranch merging, do all satellite projects have a proper tag insidego.mod?