[GODRIVER-2860] Update Go driver version in compilecheck go.mod file Created: 26/May/23  Updated: 28/Oct/23  Resolved: 16/Jun/23

Status: Closed
Project: Go Driver
Component/s: None
Affects Version/s: None
Fix Version/s: 1.12.0

Type: Improvement Priority: Unknown
Reporter: Matt Dale Assignee: Matt Dale
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Documentation Changes: Not Needed
Documentation Changes Summary:

1. What would you like to communicate to the user about this feature?
2. Would you like the user to see examples of the syntax and/or executable code and its output?
3. Which versions of the driver/connector does this apply to?


 Description   

The Go driver version specified in the compilecheck go.mod file (internal/test/compilecheck/go.mod) is v0.0.0-00010101000000-000000000000, which Github's Dependabot determines is subject to CVE-2021-20329, which was fixed with Go Driver v1.5.1 (see alert here). While that version isn't actually used because the replace directive overrides it, Dependabot and some other customer dependency scanning tools may complain about that dependency. We should update the version declared in that file to prevent dependency scanning tools from complaining.

Definition of done:

  • Update the go.mongodb.org/mongo-driver dependency declared in internal/test/compilecheck/go.mod to a version not affected by CVE-2021-20329 (update to latest preferably)


 Comments   
Comment by Githook User [ 16/Jun/23 ]

Author:

{'name': 'Matt Dale', 'email': '9760375+matthewdale@users.noreply.github.com', 'username': 'matthewdale'}

Message: GODRIVER-2860 Update Go driver module version in all submodules. (#1299)
Branch: master
https://github.com/mongodb/mongo-go-driver/commit/d7091e0afe202043e020209a74c5b8d18d7e28c6

Comment by Matt Dale [ 16/Jun/23 ]

PR: https://github.com/mongodb/mongo-go-driver/pull/1299

Generated at Thu Feb 08 08:39:31 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.