Skip to content

Commit faaabe8

Browse files
sattvikcsattvikc
authored
fix: logback vulnerability (#1151)
1 parent d2c2bd4 commit faaabe8

File tree

4 files changed

+6
-4
lines changed

4 files changed

+6
-4
lines changed

.github/workflows/dev-tag.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,9 @@ jobs:
5656
with:
5757
path: ./supertokens-plugin
5858
repository: supertokens/supertokens-${{ matrix.plugin }}-plugin
59-
ref: ${{ fromJson(needs.dependency-versions.outputs.branches)[matrix.plugin] }}
59+
ref: ${{ fromJson(needs.dependency-versions.outputs.branches)[matrix.plugin] }}
60+
fetch-depth: 0
61+
fetch-tags: true
6062
- name: Run script
6163
env:
6264
SUPERTOKENS_API_KEY: ${{ secrets.SUPERTOKENS_API_KEY }}

CHANGELOG.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
99

1010
## [11.0.1]
1111

12-
- Upgrades the embedded tomcat from 11.0.5 to 11.0.6 because of security vulnerabilities
12+
- Upgrades the embedded tomcat 11.0.6 and logback classic to 1.5.13 because of security vulnerabilities
1313

1414
## [11.0.0]
1515

build.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ dependencies {
4242
implementation group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.18.2'
4343

4444
// https://mvnrepository.com/artifact/ch.qos.logback/logback-classic
45-
implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.14'
45+
implementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.5.13'
4646

4747
// https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core
4848
implementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '11.0.6'

ee/build.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ dependencies {
3838
testImplementation group: 'org.apache.tomcat.embed', name: 'tomcat-embed-core', version: '11.0.5'
3939

4040
// https://mvnrepository.com/artifact/ch.qos.logback/logback-classic
41-
testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.14'
41+
testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.5.13'
4242

4343
// https://mvnrepository.com/artifact/com.google.code.gson/gson
4444
testImplementation group: 'com.google.code.gson', name: 'gson', version: '2.13.1'

0 commit comments

Comments
 (0)