Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump gopkg.in/yaml.v3 to 3.0.0 #1190

Closed
wants to merge 1 commit into from
Closed

Bump gopkg.in/yaml.v3 to 3.0.0 #1190

wants to merge 1 commit into from

Conversation

edigaryev
Copy link

@edigaryev edigaryev commented May 26, 2022

To fix CVE-2022-28948.

@mkumatag
Copy link

Looking forward to see this patch merged and a new release.

@ingwarsw
Copy link
Contributor

I created the same because I didnt saw this one..
But I upgraded to 3.0.1 to fix one more issue..

See #1192

@baywet
Copy link

baywet commented May 27, 2022

Hello everyone! 👋
Can we get somebody from @stretchr to review this one or the 3.0.1 one, merge, and release please?
CC @matryer @muhqu @ernesto-jimenez @boyan-soubachov

Thanks a lot!

@boyan-soubachov
Copy link
Collaborator

This was just fixed in another PR, thank you for your contribution :)

@edigaryev edigaryev deleted the update-yaml-v3 branch June 6, 2022 12:28
@dolmen dolmen added YAML About YAML and dependency dependencies Pull requests that update a dependency file labels Mar 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file YAML About YAML and dependency
Projects
None yet
Development

Successfully merging this pull request may close these issues.

v3: panic "attempted to parse unknown event (please report): none"
9 participants