go.uuid icon indicating copy to clipboard operation
go.uuid copied to clipboard

Published 20 hours ago verified publisher icon satori

Need new release/tag for vulnerability fix

Open mollylogue opened this issue 3 years ago • 1 comments

There is a vulnerability in version 1.2.0: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSATORIGOUUID-72488

Apparently this has been fixed in the most recent version of master. Would you be willing to cut a new tag/release for projects to use w/ this dependency? Thanks.

mollylogue avatar Mar 31 '21 20:03 mollylogue

The maintainer has let an issue claiming his repo is dead sit on the backlog for two years. I wouldnt hold my breath that he'll come back to put out a release. https://github.com/satori/go.uuid/issues/103

DamareYoh avatar Apr 29 '21 01:04 DamareYoh