You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@airavata.apache.org by PJ Fanning <fa...@apache.org> on 2022/04/05 11:09:55 UTC
github PRs for lib upgrades
Hi,
I have a couple of PRs in github [1] to upgrade some lib dependencies
that have CVEs open against them.
Would any Airavata committer be in a position to review them?
Regards,
PJ
[1] https://github.com/apache/airavata/pulls
Re: [External] github PRs for lib upgrades
Posted by "Pierce, Marlon" <ma...@iu.edu>.
Hi PJ, thanks for the nudge, we will review.
Marlon
From: PJ Fanning <fa...@apache.org>
Date: Tuesday, April 5, 2022 at 7:11 AM
To: dev@airavata.apache.org <de...@airavata.apache.org>
Subject: [External] github PRs for lib upgrades
[You don't often get email from fanningpj@apache.org. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification.]<http://aka.ms/LearnAboutSenderIdentification.%5d>
This message was sent from a non-IU address. Please exercise caution when clicking links or opening attachments from external sources.
-------
Hi,
I have a couple of PRs in github [1] to upgrade some lib dependencies
that have CVEs open against them.
Would any Airavata committer be in a position to review them?
Regards,
PJ
[1] https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapache%2Fairavata%2Fpulls&data=04%7C01%7Cmarpierc%40iu.edu%7C8f168528bf114a7fb50208da16f4dcf2%7C1113be34aed14d00ab4bcdd02510be91%7C0%7C0%7C637847538624516035%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000&sdata=KLTZQLQBDvzdZMNeBrd8J1nmVOGx4JpDCvcoIdlfWQg%3D&reserved=0
Re: github PRs for lib upgrades
Posted by PJ Fanning <fa...@apache.org>.
Hi everyone,
These 4 PRs plus a new one for xerces (raised by dependabot) are still open for review. Would someone be able to have a look? https://github.com/apache/airavata/pulls
Regards,
PJ
On 2022/04/17 22:26:07 PJ Fanning wrote:
> Hi everyone,
> I added another batch of jar upgrades for libs that have security issues. There are 4 PRs at top of list on https://github.com/apache/airavata/pulls - would anyone be in a position to review them?
>
> Regards,
> PJ
>
> On 2022/04/05 11:09:55 PJ Fanning wrote:
> > Hi,
> > I have a couple of PRs in github [1] to upgrade some lib dependencies
> > that have CVEs open against them.
> >
> > Would any Airavata committer be in a position to review them?
> >
> > Regards,
> > PJ
> >
> > [1] https://github.com/apache/airavata/pulls
> >
>
Re: github PRs for lib upgrades
Posted by PJ Fanning <fa...@apache.org>.
Hi everyone,
I added another batch of jar upgrades for libs that have security issues. There are 4 PRs at top of list on https://github.com/apache/airavata/pulls - would anyone be in a position to review them?
Regards,
PJ
On 2022/04/05 11:09:55 PJ Fanning wrote:
> Hi,
> I have a couple of PRs in github [1] to upgrade some lib dependencies
> that have CVEs open against them.
>
> Would any Airavata committer be in a position to review them?
>
> Regards,
> PJ
>
> [1] https://github.com/apache/airavata/pulls
>