websocketd icon indicating copy to clipboard operation
websocketd copied to clipboard
verified publisher icon joewalnes

fix(sec): upgrade github.com/gorilla/websocket to 1.4.1

Open 645775992 opened this issue 3 years ago • 1 comments

What happened?

There are 1 security vulnerabilities found in github.com/gorilla/websocket v1.4.0

What did I do?

Upgrade github.com/gorilla/websocket from v1.4.0 to 1.4.1 for vulnerability fix

What did you expect to happen?

Ideally, no insecure libs should be used.

The specification of the pull request

PR Specification from OSCS

645775992 avatar Nov 04 '22 08:11 645775992

The Gorilla Toolkit is now in archive-mode, and is no longer actively maintained. so swapping out that library might be better.

EDIT on 10-Jun-2024: gorilla/websocket is now being updated again https://github.com/gorilla/websocket/releases/tag/v1.5.1 so bumping to a more recent version would be great

barakplasma avatar Dec 19 '22 09:12 barakplasma