mirror of https://github.com/pulumi/pulumi.git
9f6213dc4e
`go-git` has an argument injection vulnerability via the URL field for versions lower than 5.13.0 (https://github.com/pulumi/pulumi/security/dependabot/1537). This change bumps `go-git` to 5.13.1 everywhere to mitigate this risk. Closes #18174 Closes #18175 |
||
---|---|---|
.. | ||
correct_project | ||
import | ||
json | ||
nested_config | ||
testproj | ||
yaml | ||
yml |