Skip to content

[Snyk] Security upgrade cocoapods from 1.16.1 to 1.16.2#9631

Open
mm-prodsec-bot wants to merge 1 commit intomainfrom
snyk-fix-925a29efd1bf5bb71f731c323c245586
Open

[Snyk] Security upgrade cocoapods from 1.16.1 to 1.16.2#9631
mm-prodsec-bot wants to merge 1 commit intomainfrom
snyk-fix-925a29efd1bf5bb71f731c323c245586

Conversation

@mm-prodsec-bot
Copy link
Copy Markdown

@mm-prodsec-bot mm-prodsec-bot commented Mar 25, 2026

snyk-top-banner

Snyk has created this PR to fix 3 vulnerabilities in the rubygems dependencies of this project.

Snyk changed the following file(s):

  • Gemfile
  • Gemfile.lock

Vulnerabilities that will be fixed with an upgrade:

Issue Score
high severity Allocation of Resources Without Limits or Throttling
SNYK-RUBY-ACTIVESUPPORT-15762697		   721  
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-RUBY-ACTIVESUPPORT-15762331		   631  
medium severity Cross-site Scripting (XSS)
SNYK-RUBY-ACTIVESUPPORT-15762701		   551  

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Allocation of Resources Without Limits or Throttling
🦉 Cross-site Scripting (XSS)

@mm-cloud-bot
Copy link
Copy Markdown

mm-cloud-bot commented Mar 25, 2026

@mm-prodsec-bot: Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Details

I understand the commands that are listed here

@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 25, 2026

Coverage Comparison Report

Generated on March 25, 2026 at 12:44:49 UTC

+-----------------+------------+------------+-----------+
| Metric          | Main       | This PR    | Diff      |
+-----------------+------------+------------+-----------+
| Lines           |     85.15% |     85.15% |     0.00% |
| Statements      |     85.01% |     85.01% |     0.00% |
| Branches        |     72.05% |     72.05% |     0.00% |
| Functions       |     83.99% |     83.99% |     0.00% |
+-----------------+------------+------------+-----------+
| Total           |     81.55% |     81.55% |     0.00% |
+-----------------+------------+------------+-----------+

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

do-not-merge/release-note-label-needed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mm-prodsec-bot @mm-cloud-bot @snyk-bot