ua-parser
deps: upgraded dependency
There were vulernabilities in older dependencies so I have upgraded it
(GO-2020-0036) (GO-2021-0061) (GO-2022-0956)
have you run the tests? https://github.com/ua-parser/uap-go?tab=readme-ov-file#testing unfortunately these aren't automated yet.
Also should mention, I took a look at the mentioned vulnerabilities. Practically they aren't interesting for this package - they are all about DOS against the yaml parser, but we don't parse user-supplied yaml. I think we actually just parse the uap-core yaml at build time. That said upgrading is probably a good idea so happy to accept the upgrades, provided the tests pass.
have you run the tests? https://github.com/ua-parser/uap-go?tab=readme-ov-file#testing unfortunately these aren't automated yet.
Would you accept a PR to setup test in CI using Github Actions?
have you run the tests? https://github.com/ua-parser/uap-go?tab=readme-ov-file#testing unfortunately these aren't automated yet.
Would you accept a PR to setup test in CI using Github Actions?
sure, please send one!
have you run the tests? https://github.com/ua-parser/uap-go?tab=readme-ov-file#testing unfortunately these aren't automated yet.
Also should mention, I took a look at the mentioned vulnerabilities. Practically they aren't interesting for this package - they are all about DOS against the yaml parser, but we don't parse user-supplied yaml. I think we actually just parse the uap-core yaml at build time. That said upgrading is probably a good idea so happy to accept the upgrades, provided the tests pass.
Yes, all tests are passing, I have also replaced deprecated ioutil with os package It can be seen here reference
so we just added github actions to automate the tests. is there an easy way to see that in action here? if not I can just merge it and hope for the best but it'd be nice to see it passing on this first
The author of the PR needs to rebase their branch on master, the CI will kick in then