conductor-csharp icon indicating copy to clipboard operation
conductor-csharp copied to clipboard
verified publisher icon conductor-sdk

Resolve Vulnerable Package Issues in the Conductor-csharp SDK

Open CodeWolf86 opened this issue 1 year ago • 0 comments

Hi There,

I've added a PR to hopefully resolve the following vulnerabilities in the current edition of the SDK: https://github.com/conductor-sdk/conductor-csharp/pull/125

I was able to get the majority of unit tests passing however some required endpoints that were not available on my open source conductor oss repo: https://github.com/conductor-oss/conductor

So would appreciate any advice on how to resolve, or if they require a test against an Orkes specific instance of conductor.

Vulnerabilities highlighted here: https://github.com/advisories/GHSA-qj66-m88j-hmgj https://github.com/advisories/GHSA-4rr6-2v9v-wcpc https://github.com/advisories/GHSA-7jgj-8wvc-jh57 https://github.com/advisories/GHSA-hh2w-p6rv-4g7w https://github.com/advisories/GHSA-cmhx-cq75-c4mj

Image

CodeWolf86 avatar Feb 20 '25 17:02 CodeWolf86