Skip to content

Comments

Snyk vuln remediation 11 09 2025#192

Merged
codoherty-r7 merged 3 commits intomasterfrom
snyk-vuln-remediation-11-09-2025
Sep 11, 2025
Merged

Snyk vuln remediation 11 09 2025#192
codoherty-r7 merged 3 commits intomasterfrom
snyk-vuln-remediation-11-09-2025

Conversation

@codoherty-r7
Copy link
Contributor

@codoherty-r7 codoherty-r7 commented Sep 11, 2025
edited by atlassian bot
Loading

…emediate snyk vuln

Description

A detailed description of your changes.
Related Snyk ticket: SCAN-2328

CVE-2025-48924 brought in through commons-lang3@3.4
CVE-2024-47554 brought in through commons-io@2.7
CVE-2025-8916 brought in through bcprov-jdk18@1.79 and hierynomus:smbj@0.12.2

Motivation and Context

Explanation of why these changes are being proposed, including any links to other relevant issues or pull requests.

How Has This Been Tested?

A clear and concise description of your changes were tested.
Maven tests:
Screenshot 2025-09-11 at 13 27 13
Screenshot 2025-09-11 at 13 27 30

Snyk Test:
Screenshot 2025-09-11 at 13 28 10

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • I have updated the documentation accordingly (or changes are not required).
  • I have added tests to cover my changes (or new tests are not required).
  • All new and existing tests passed.

@simonirwin-r7
Copy link
Contributor

simonirwin-r7 commented Sep 11, 2025
edited
Loading

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

license/snyk check is complete. No issues have been found. (View Details)

codoherty-r7
codoherty-r7 commented Sep 11, 2025
View reviewed changes
.github/workflows/CI.yml
distribution: ${{ matrix.distribution }}
- name: Cache Maven packages
uses: actions/cache@v2
uses: actions/cache@v4
Copy link
Contributor Author

@codoherty-r7 codoherty-r7 Sep 11, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Github CI jobs are failing because we use a deprecated 'actions/cache' version. Blog post about this here. Upgrading to newer version because of this

@codoherty-r7 codoherty-r7 merged commit 05d858f into master Sep 11, 2025
8 checks passed
@codoherty-r7 codoherty-r7 deleted the snyk-vuln-remediation-11-09-2025 branch September 11, 2025 13:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gmcallister-r7 gmcallister-r7 gmcallister-r7 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@codoherty-r7 @simonirwin-r7 @gmcallister-r7