Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bug]: CVE in codebase #1845

Open
1 task done
shivamsouravjha opened this issue Apr 22, 2024 · 2 comments
Open
1 task done

[bug]: CVE in codebase #1845

shivamsouravjha opened this issue Apr 22, 2024 · 2 comments
Labels
bug Something isn't working keploy

Comments

@shivamsouravjha
Copy link
Contributor

shivamsouravjha commented Apr 22, 2024
edited

Is there an existing issue for this?

  • I have searched the existing issues

Current behavior

  • There are some vulnerabilities because of dependencies which can be viewed through Red Hat Dependency Analytics

Steps to reproduce

  • Install Red Hat extension on VSCode.
  • Open go.mod file, the RHDA(Red Hat Dependency Analytics) would analyse and then show the report.
  • Click on the pop-up to view the analytics
image

Environment

None

Version

Cloud

Repository

keploy
@shivamsouravjha shivamsouravjha added the bug Something isn't working label Apr 22, 2024
@aerowisca
Copy link
Contributor

seems the CVE was due to an older dependency of docker .
go: upgraded github.com/docker/docker v24.0.4+incompatible => v26.1.1+incompatible
This solves the issue but i hope we are not dependent on particular version for any specific task ? @shivamsouravjha

@shivamsouravjha
Copy link
Contributor Author

nope we're not dependent on any particular docker version, but if we were to upgrade the docker version me must insure that any feature we use isn't downgraded.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working keploy
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@shivamsouravjha @aerowisca