plural-cli fix(deps): update module github.com/hashicorp/go-retryablehttp to v0.7.7 [security]

fix(deps): update module github.com/hashicorp/go-retryablehttp to v0.7.7 [security]

Open plural-renovate[bot] opened this issue 8 months ago • 0 comments

This PR contains the following updates:

Package	Type	Update	Change
github.com/hashicorp/go-retryablehttp	require	patch	`v0.7.4` -> `v0.7.7`

GitHub Vulnerability Alerts

CVE-2024-6104

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.

Release Notes

hashicorp/go-retryablehttp (github.com/hashicorp/go-retryablehttp)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

Jun 24 '24 22:06 plural-renovate[bot]

plural-cli plural-cli copied to clipboard

fix(deps): update module github.com/hashicorp/go-retryablehttp to v0.7.7 [security]

GitHub Vulnerability Alerts

CVE-2024-6104

Release Notes

v0.7.7

v0.7.6

v0.7.5

Configuration

plural-cli
plural-cli copied to clipboard

`v0.7.7`

`v0.7.6`

`v0.7.5`