Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade snakeyaml to 2.0 #2903

Merged
merged 1 commit into from
May 3, 2023
Merged

Upgrade snakeyaml to 2.0 #2903

merged 1 commit into from
May 3, 2023

Conversation

labianchin
Copy link
Contributor

Includes CVE fix https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in for https://nvd.nist.gov/vuln/detail/CVE-2022-1471

Did you remember to?

  • Add test case(s)
  • Update CHANGES.txt
  • Auto applied styling via ./gradlew autostyleApply

We encourage pull requests that:

  • Add new features to TestNG (or)
  • Fix bugs in TestNG

If your pull request involves fixing SonarQube issues then we would suggest that you please discuss this with the
TestNG-dev before you spend time working on it.

Note: For more information on contribution guidelines please make sure you refer our Contributing section for detailed set of steps.

@caesar-ralf
Copy link

just adding my approval, although probably counts to nothing haha but we would love this change to go out with the security fix

@krmahadevan
Copy link
Member

@caesar-ralf this upgrade is causing compilation errors. All tests failed.

krmahadevan
krmahadevan requested changes Apr 28, 2023
View reviewed changes
Copy link
Member

@krmahadevan krmahadevan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you pls help fix the compilation errors?

@labianchin
Copy link
Contributor Author

labianchin commented May 1, 2023
edited
Loading

Can you pls help fix the compilation errors?

Yes, I think now it is fixed. PTAL @krmahadevan .

@labianchin
Copy link
Contributor Author

Most build actions are green, but some did fail. The problem is not obvious to me. I do wonder if something is flaky and if we can re-run those tests.

I appreciate any quick help here. I have never used testng (yet), neither I am familiar with the codebase or build setup here.

@juherr
Copy link
Member

juherr commented May 2, 2023

No worry, we have random failures in very specific environments.

@krmahadevan krmahadevan merged commit a766113 into testng-team:master May 3, 2023
@labianchin labianchin deleted the patch-1 branch May 4, 2023 08:41
@labianchin
Copy link
Contributor Author

Thanks for the help @krmahadevan and @juherr !

Any chance we can have a release with those changes?

@krmahadevan
Copy link
Member

Yes. There should be a release in a week or so. Waiting for one more in flight PR to be ready for merge.

@renovate renovate bot mentioned this pull request Jul 14, 2023
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juherr juherr juherr approved these changes

@krmahadevan krmahadevan krmahadevan approved these changes

@caesar-ralf caesar-ralf caesar-ralf approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@labianchin @caesar-ralf @krmahadevan @juherr