Dependencies with sec vulnerabilities:

[diegodocs]

Dependencies with sec vulnerabilities:

Issues found: github.com/dapr/dapr@v1.14.4 and github.com/dapr/go-sdk@v1.11.0 via Snyk

github.com/hamba/avro - Denial of Service (DoS)
github.com/valyala/fasthttp - Open Redirect
github.com/open-policy-agent/opa - Incorrect Permission Assignment for Critical Resource
github.com/golang-jwt/jwt - Insufficient Documentation of Error Handling Techniques

[diegodocs]

• 
• 
• 
• 

[deepmehrotra]

hi @diegodocs is there a release planned for this ? We are waiting for this change to pass security scans.

[diegodocs]

Hi @deepmehrotra ... sorry but dont have visiblity about the ETA for next release .... The PR was already merged but let's wait the owner team response....

Hi @yaron2 .. can you share any info here ?

[diegodocs]

Hi @yaron2 ... I believe this can be closed once my PR was merged ... can you share visibibility when is planned the next release containing this fix ?

[yaron2]

Hi @yaron2 ... I believe this can be closed once my PR was merged ... can you share visibibility when is planned the next release containing this fix ?

Hopefully next week