Upgrade to YAMLv3 #245

davidmateos · 2022-06-01T10:30:32Z

This relates to:

Line 20 in 3f9800f

gopkg.in/yaml.v2 v2.4.0

The current yaml library version is impacted by CVE-2022-28948. See

sagarmamdapure · 2022-08-23T09:45:07Z

@davidmateos I'm also facing the same issue. Looks like this package has been abandoned. Any suggestion on an alternate solution to fix this?

casualjim · 2022-08-24T17:08:21Z

It has not been abandoned but the upgrade to yaml.v3 is not straightforward for us.

* fixes go-openapi#245 Signed-off-by: Frederic BIDON <[email protected]>

* fixes #245 Signed-off-by: Frederic BIDON <[email protected]>

mtrmac mentioned this issue Jan 30, 2023

Migrate from ghodss/yaml to gopkg.in/yaml.v3 containers/image#1818

Merged

fredbi added the dependencies Pull requests that update a dependency file label Dec 7, 2023

fredbi self-assigned this Dec 7, 2023

fredbi added a commit to fredbi/runtime that referenced this issue Dec 7, 2023

upgraded to yaml.v3

8151048

* fixes go-openapi#245 Signed-off-by: Frederic BIDON <[email protected]>

fredbi mentioned this issue Dec 7, 2023

upgraded to yaml.v3 #270

Merged

fredbi added the pending PR label Dec 7, 2023

fredbi added a commit to fredbi/runtime that referenced this issue Dec 8, 2023

upgraded to yaml.v3

e6add7e

* fixes go-openapi#245 Signed-off-by: Frederic BIDON <[email protected]>

fredbi closed this as completed in #270 Dec 8, 2023

fredbi added a commit that referenced this issue Dec 8, 2023

upgraded to yaml.v3

337c930

* fixes #245 Signed-off-by: Frederic BIDON <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Upgrade to YAMLv3 #245

Upgrade to YAMLv3 #245

davidmateos commented Jun 1, 2022

sagarmamdapure commented Aug 23, 2022

casualjim commented Aug 24, 2022

Upgrade to YAMLv3 #245

Upgrade to YAMLv3 #245

Comments

davidmateos commented Jun 1, 2022

sagarmamdapure commented Aug 23, 2022

casualjim commented Aug 24, 2022