Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update deps to fix vulnerabilities #161

Merged
merged 2 commits into from
Nov 7, 2023
Merged

Update deps to fix vulnerabilities #161

merged 2 commits into from
Nov 7, 2023

Conversation

joseph-sentry
Copy link
Contributor

Vulnerabilities were detected in these dependencies so we should update them to versions where they are fixed

Fixes: https://github.com/codecov/internal-issues/issues/101
Fixes: https://github.com/codecov/internal-issues/issues/102

@codecov-staging
Copy link

codecov-staging bot commented Oct 25, 2023
edited
Loading

Codecov Report

Merging #161 (ce96c16) into main (a004d48) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #161   +/-   ##
=======================================
  Coverage   98.38%   98.38%           
=======================================
  Files         350      350           
  Lines       27685    27685           
=======================================
  Hits        27238    27238           
  Misses        447      447
Flag Coverage Δ
integration 98.38% <ø> (ø)
latest-uploader-overall 98.38% <ø> (ø)
unit 98.38% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
NonTestCode 96.88% <ø> (ø)
OutsideTasks 98.17% <ø> (ø)

@codecov-qa
Copy link

codecov-qa bot commented Oct 25, 2023
edited
Loading

Codecov Report

Merging #161 (ce96c16) into main (a004d48) will not change coverage.
The diff coverage is n/a.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #161   +/-   ##
=======================================
  Coverage   98.38%   98.38%           
=======================================
  Files         350      350           
  Lines       27685    27685           
=======================================
  Hits        27238    27238           
  Misses        447      447
Flag Coverage Δ
integration 98.38% <ø> (ø)
latest-uploader-overall 98.38% <ø> (ø)
unit 98.38% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
NonTestCode 96.88% <ø> (ø)
OutsideTasks 98.17% <ø> (ø)

@codecov-public-qa
Copy link

codecov-public-qa bot commented Oct 25, 2023
edited
Loading

Codecov Report

❗ No coverage uploaded for pull request base (main@a004d48). Click here to learn what that means.
The diff coverage is n/a.

❗ Current head 745e218 differs from pull request most recent head ce96c16. Consider uploading reports for the commit ce96c16 to get more accurate results

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #161   +/-   ##
=======================================
  Coverage        ?   98.39%           
=======================================
  Files           ?      348           
  Lines           ?    27500           
  Branches        ?        0           
=======================================
  Hits            ?    27058           
  Misses          ?      442           
  Partials        ?        0
Flag Coverage Δ
integration 98.39% <ø> (?)
latest-uploader-overall 98.39% <ø> (?)
unit 98.39% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
NonTestCode 96.89% <ø> (?)
OutsideTasks 98.18% <ø> (?)

@codecov
Copy link

codecov bot commented Oct 25, 2023
edited
Loading

Codecov Report

Merging #161 (ce96c16) into main (a004d48) will decrease coverage by 2.62%.
The diff coverage is n/a.

Changes have been made to critical files, which contain lines commonly executed in production. Learn more

Impacted file tree graph

@@            Coverage Diff             @@
##             main     #161      +/-   ##
==========================================
- Coverage   98.34%   95.73%   -2.62%     
==========================================
  Files         376      375       -1     
  Lines       28181    28050     -131     
==========================================
- Hits        27715    26854     -861     
- Misses        466     1196     +730
Flag Coverage Δ
integration ?
latest-uploader-overall ?
onlysomelabels 95.73% <ø> (-1.91%) ⬇️
unit ?

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
NonTestCode 93.60% <ø> (-3.17%) ⬇️
OutsideTasks 96.94% <ø> (-1.17%) ⬇️

see 71 files with indirect coverage changes

This change has been scanned for critical changes. Learn more

matt-codecov
matt-codecov approved these changes Oct 30, 2023
View reviewed changes
requirements.in
@@ -33,6 +33,7 @@ SQLAlchemy
statsd
stripe
timestring
urllib3>=1.26.18
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think this is fine, but because you updated this in shared in codecov/shared#70 you could avoid adding urllib3 to requirements.in by updating shared if you wanted to

@joseph-sentry joseph-sentry merged commit efa624b into main Nov 7, 2023
24 of 26 checks passed
@joseph-sentry joseph-sentry deleted the joseph/update-deps-fix-vuln branch November 7, 2023 18:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matt-codecov matt-codecov matt-codecov approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@joseph-sentry @matt-codecov