-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Address Snyk issues #68
Conversation
b8593f3
to
01e4990
Compare
replace golang.org/x/text v0.3.0 => golang.org/x/text v0.9.0 | ||
|
||
replace golang.org/x/text v0.3.3 => golang.org/x/text v0.9.0 | ||
|
||
replace golang.org/x/text v0.7.0 => golang.org/x/text v0.9.0 | ||
|
||
replace golang.org/x/text v0.3.7 => golang.org/x/text v0.9.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Currently only v0.3.7 of golang.org/x/text is listed in go.sum
. Why do we need all these replacements?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same goes for x/sys and x/net, I guess.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like after adding these replace statements the go.sum was condensed – the old list showed these versions. Should I remove these replace statements after updating go.sum?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are you sure you weren't looking at an amended list? If you look at the go.sum
file on the main
branch, only v0.3.7 of golang.org/x/text is listed. I wonder if we could get away with only one of these replace statements.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good call - makes sense.
01e4990
to
8d9daa0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
Desired Outcome
This pull request addresses the Snyk issues outlined in this repository.
Implemented Changes
Changelog
CHANGELOG update
Test coverage
changes, or
Documentation
README
s) were updated in this PRBehavior
Security