New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Snyk reports vulnerability #167
Comments
As a workaround, I am using the https://github.com/anthonynsimon/bild library. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Please address the security bug identified by Snyk:
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDISINTEGRATIONIMAGING-5880692
On a related note, GitHub dependabot claims that updating the transient dependency golang.org/x/image to v0.10.0 or higher is sufficient. However, Snyk continues to report this disintegration/imaging module as vulnerable.
I don't have enough information to determine whether GitHub or Snyk is more accurate. Someone should clarify the situation.
If necessary, fork this repository.
The text was updated successfully, but these errors were encountered: