Plans to tag latest branch to include github.com/nats-io/nats-server/v2 v2.8.4? #1258
-
FOSSA has identified nats-server v2.5.0 to have a high severity vulnerability: Your master branch is already using: But your latest tag, v0.12.0, is using: ✋ Are there plans to release a new tag to include this version bump on nats-server? |
Beta Was this translation helpful? Give feedback.
Answered by
peterbourgon
Mar 27, 2023
Replies: 1 comment 7 replies
-
No. There's no reason for modules like Go kit to tag new releases for dependency updates, because the version of dependencies that are included in final binaries are controlled by the downstream consumers. |
Beta Was this translation helpful? Give feedback.
7 replies
Answer selected by
peterbourgon
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No. There's no reason for modules like Go kit to tag new releases for dependency updates, because the version of dependencies that are included in final binaries are controlled by the downstream consumers.