Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Vulnerabilities #704

Merged
merged 7 commits into from
Nov 27, 2023
Merged

Security Vulnerabilities #704

merged 7 commits into from
Nov 27, 2023

Conversation

ajkiessl
Copy link
Contributor

@ajkiessl ajkiessl commented Nov 14, 2023
edited
Loading

Updates packages to resolve vulnerabilities. Removes unneeded packages with vulnerabilities

closes #699

@ajkiessl
Copy link
Contributor Author

FYI @Smullz622 , since we decided to move ScholarSphere development back a bit, I decided to take a stab at this and potentially figure out what is going on with selenium. There does seem to be some java issue with v4.15 ( SeleniumHQ/selenium#13091 ) that the SeleniumHQ team is looking into. I was getting similar errors in CI that you were getting locally with the v4.15 selenium/standalone-chrome image. I pinned this at v4.14 and pinned the selenium-webdriver gem at v4.14. It works at this version. It might be a good idea to just keep these pinned at a working version indefinitely. That way we aren't constantly wrestling with latest release bugs, or incompatibilities with webdriver gems, the webdrivers themselves, and the browsers.

Smullz622
Smullz622 approved these changes Nov 21, 2023
View reviewed changes
Copy link
Contributor

@Smullz622 Smullz622 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@ajkiessl ajkiessl merged commit c50ac70 into main Nov 27, 2023
1 check passed
@ajkiessl ajkiessl deleted the 699-sec-vulns branch November 27, 2023 16:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Smullz622 Smullz622 Smullz622 approved these changes

@whereismyjetpack whereismyjetpack Awaiting requested review from whereismyjetpack

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

etda security vulnerabilities
2 participants
@ajkiessl @Smullz622