Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Instrumentation.Hangfire] NugetAudit - fix dependencies with known vulnerabilities #2057

Merged

Conversation

Kielek
Copy link
Contributor

@Kielek Kielek commented Sep 10, 2024

Follow up to #2034

Changes

    <!-- Newtonsoft.Json is indirect reference. It is needed to upgrade it directly to avoid https://github.com/advisories/GHSA-5crp-9r3c-p9vr -->
    <PackageReference Include="Newtonsoft.Json" Version="13.0.1" />

Changelog based on https://github.com/open-telemetry/opentelemetry-dotnet/blob/37535a5607ee7e4056c0e274ec01d1e0111a64be/src/OpenTelemetry.Exporter.Console/CHANGELOG.md#L112-L114

Merge requirement checklist

  • CONTRIBUTING guidelines followed (license requirements, nullable enabled, static analysis, etc.)
  • [ ] Unit tests added/updated
  • Appropriate CHANGELOG.md files updated for non-trivial changes
  • Changes in public API reviewed (if applicable)

@Kielek Kielek requested a review from a team September 10, 2024 06:35
@github-actions github-actions bot requested a review from fred2u September 10, 2024 06:36
@github-actions github-actions bot added the comp:instrumentation.hangfire Things related to OpenTelemetry.Instrumentation.Hangfire label Sep 10, 2024
Copy link

codecov bot commented Sep 10, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 93.58%. Comparing base (71655ce) to head (df118c9).
Report is 420 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##             main    #2057       +/-   ##
===========================================
+ Coverage   73.91%   93.58%   +19.67%     
===========================================
  Files         267        4      -263     
  Lines        9615       78     -9537     
===========================================
- Hits         7107       73     -7034     
+ Misses       2508        5     -2503     
Flag Coverage Δ
unittests-Instrumentation.Hangfire 93.58% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

see 267 files with indirect coverage changes

@Kielek Kielek merged commit 1fb3c59 into open-telemetry:main Sep 11, 2024
58 checks passed
@Kielek Kielek deleted the nuget-audit-instrumentation-hangfire branch September 11, 2024 04:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
comp:instrumentation.hangfire Things related to OpenTelemetry.Instrumentation.Hangfire
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants