fix(deps): update module github.com/gin-contrib/cors to v1.6.0 [security] #265
+48
−16
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.4.0
->v1.6.0
Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
GitHub Vulnerability Alerts
CVE-2019-25211
parseWildcardRules in Gin-Gonic CORS middleware before 1.6.0 mishandles a wildcard at the end of an origin string, e.g., https://example.community/* is allowed when the intention is that only https://example.com/* should be allowed, and http://localhost.example.com/* is allowed when the intention is that only http://localhost/* should be allowed.
Release Notes
gin-contrib/cors (github.com/gin-contrib/cors)
v1.6.0
Compare Source
Changelog
Features
eac6c48
feat(schema): allow usage of custom schemas (#139)Bug fixes
27b723a
fixe(domain): wildcard parse bug (#106 and #57) @maxshine and @HvitgarEnhancements
f41df75
chore: update GitHub actions to latest versions2451987
chore: update dependencies to latest versions7d356c2
chore: update dependencies to latest versions5da0aee
chore: update third-party dependencies8263fce
chore: update version of actions/setup-go in GitHub workflowsOthers
fcbd06f
ci: enhance testing matrix and tolerance limitsf08c1bc
ci: refactor CI workflows and improve tests30792dc
ci: refactor GitHub Actions workflows0e993b7
ci: update GitHub Actions to Version 390a7c66
test(cors): enhance CORS wildcard handling tests (#145)85bf9fb
test: improve CORS wildcard handling and testing (#144)d5002f2
test: refactor tests and update CI configurationsv1.5.0
Compare Source
Changelog
Features
0eaf9a0
feat: adds support for private network header (#128)Enhancements
c1983b2
chore(CI): add go1.20 version1d5e083
chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#112)f8b2357
chore(options): Added availability to set 200/204 for OPTIONS request status (#129)f92a222
chore: Add go 1.19 and upgrade lint version to v1.4995df7c6
chore: removedepguard
linter and rename example file7ac4445
chore: update GitHub Actions configuration filesbbf67cd
chore: update Go version and setup-go actionb216599
chore: updategoreleaser/goreleaser-action
to version v4765e44e
chore: update dependencies to latest versionsbf2c9df
chore: update linter configuration and changelog titlesbbb26b0
chore: update supported versions of GoOthers
5914b2f
build: update Go version and dependenciesConfiguration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.