Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency azure.identity to 1.11.4 [security] #2538

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): update dependency azure.identity to 1.11.4 [security] #2538

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Aug 6, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
Azure.Identity (source) 1.11.3 -> 1.11.4 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2024-35255

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability.

Release Notes

Azure/azure-sdk-for-net (Azure.Identity)

v1.11.4

Compare Source

1.11.4 (2024-06-10)

Bugs Fixed
  • Managed identity bug fixes

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies All issues related to dependencies & Renovate label Aug 6, 2024
@renovate renovate bot requested a review from tomkerkhove as a code owner August 6, 2024 07:50
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 6, 2024

Thank you for your contribution! 🙏 We will review it as soon as possible.

@hkfgo
Copy link
Contributor

hkfgo commented Aug 7, 2024

Hey Tom, we are in need of a release to address some CVEs. A major release will be tough to get to, since I need some time to extensively test my batch scraping PR. Is there any chance you can cut a minor release?

@renovate renovate bot changed the title chore(deps): update dependency azure.identity to v1.11.4 [security] chore(deps): update dependency azure.identity to 1.11.4 [security] Aug 28, 2024
@renovate renovate bot force-pushed the renovate-nuget-azure.identity-vulnerability branch 2 times, most recently from d2af3a3 to d60727a Compare September 24, 2024 06:27
@hkfgo
Copy link
Contributor

hkfgo commented Sep 26, 2024
edited
Loading

I think this should be mergable once you get the resource discovery test fix from master. It'd be great if you can cut a minor release with this and the .NET version bump: #2517

My thought is to create two releases. A minor one with just the version bumps, and a major one with this batch scraping PR: #2459 afterwards. Just in case things go wrong on the later :)

@renovate renovate bot force-pushed the renovate-nuget-azure.identity-vulnerability branch 4 times, most recently from 8d9893c to 69cc1b5 Compare October 7, 2024 06:31
@renovate renovate bot force-pushed the renovate-nuget-azure.identity-vulnerability branch from 69cc1b5 to 9fc010b Compare October 7, 2024 06:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tomkerkhove tomkerkhove tomkerkhove approved these changes

Assignees

@tomkerkhove tomkerkhove

Labels
dependencies All issues related to dependencies & Renovate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hkfgo @tomkerkhove