Skip to content

chore(deps): fix CVE-2025-48924 (commons-lang:commons-lang) #14480

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Aug 23, 2025
Merged

chore(deps): fix CVE-2025-48924 (commons-lang:commons-lang) #14480

merged 7 commits into from
Aug 23, 2025

Conversation

relaxedboi
Copy link
Contributor

@relaxedboi relaxedboi commented Aug 16, 2025
edited
Loading

  1. Upgrading to the latest version of pegasus packages.
  2. Removing the vulnerable package: (commons-lang:commons-lang) CVE-2025-48924, Moving to the (org.apache.commons:commons-lang3) package.

@github-actions github-actions bot added ingestion PR or Issue related to the ingestion of metadata product PR or Issue related to the DataHub UI/UX devops PR or Issue related to DataHub backend & deployment community-contribution PR or Issue raised by member(s) of DataHub Community labels Aug 16, 2025
@datahub-cyborg datahub-cyborg bot added the needs-review Label for PRs that need review from a maintainer. label Aug 16, 2025
@relaxedboi relaxedboi changed the title chore(deps): fix (commons-lang:commons-lang) chore(deps): fix CVE-2025-48924 (commons-lang:commons-lang) Aug 16, 2025
@relaxedboi relaxedboi force-pushed the fix/commons-lang branch 2 times, most recently from 416c65c to f370d7b Compare August 16, 2025 05:23
@relaxedboi relaxedboi marked this pull request as draft August 16, 2025 17:20
@relaxedboi relaxedboi marked this pull request as ready for review August 23, 2025 04:18
@david-leifker david-leifker merged commit 88064ba into datahub-project:master Aug 23, 2025
36 checks passed
@relaxedboi relaxedboi deleted the fix/commons-lang branch August 23, 2025 14:50
@relaxedboi relaxedboi mentioned this pull request Aug 27, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@david-leifker david-leifker david-leifker approved these changes

Assignees
No one assigned
Labels
community-contribution PR or Issue raised by member(s) of DataHub Community devops PR or Issue related to DataHub backend & deployment ingestion PR or Issue related to the ingestion of metadata needs-review Label for PRs that need review from a maintainer. product PR or Issue related to the DataHub UI/UX
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@relaxedboi @david-leifker