You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The only code which uses this is the protondrive backend.
So my question to you @henrybear327 is - is it easy to move away from this library if we find out that this isn't going to be fixed in a reasonable time? There is some discussion about alternatives on the PR as we are not the only project affected.
How to use GitHub
Please use the 👍 reaction to show that you are affected by the same issue.
Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
Subscribe to receive notifications on status change and new comments.
The text was updated successfully, but these errors were encountered:
This seems to be fixed in the actual upstream library by using their own fork: ProtonMail/go-proton-api@0ee691e but since we are using a fork of that, it doesn't have that fix.
ncw
added a commit
that referenced
this issue
Jan 3, 2024
A fix for this has been issued by upstream and I've made a commit to use it, but the govuln database hasn't been updated yet so the tests are still failing :-(
The lint tests are failing because of a CVE in github.com/go-resty/resty/v2
This is as described in: https://pkg.go.dev/vuln/GO-2023-2328
This is fine, these things happen, but what doesn't seem to be happening is a fix being generated.
There is a PR open with a fix but it has been open for over a month.
The only code which uses this is the protondrive backend.
So my question to you @henrybear327 is - is it easy to move away from this library if we find out that this isn't going to be fixed in a reasonable time? There is some discussion about alternatives on the PR as we are not the only project affected.
How to use GitHub
The text was updated successfully, but these errors were encountered: