#669
93%

Ran 29 Dec 2021 06:01PM UTC

Jobs 1

Files 55

Run time 4s

Badge

Embed ▾

pending completion

Build # #669

Build Type

push

github-actions

Committed by

web-flow

Commit Message

Bump Guava dependency to 24.1.1 (#536)

This is needed, as previous versions of Guava are subject to
CVE-2018-10237.

Note that the vulnerability occurs when decerializing untrusted data.
As such, it is hard to imagine a case where NullAway would be directly
exploitable, but we still shouldn't be asking build systems to
resolve a known-vulnerable version of the library.

Also, I'd love to bump Guava to a more modern version, but internally
we still need to be able to work with Guava 24.1.1, so setting that
as the minimum version seems the safest course of action right now.

Run Details

4107 of 4580 relevant lines covered (89.67%)

0.9 hits per line

Jobs

ID	Job ID	Ran	Files	Coverage
1	#669.1	29 Dec 2021 06:01PM UTC	0	89.67

Source Files on build #669

Detailed source file information is not available for this build.

uber / NullAway / #669
93%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build #669

uber / NullAway / #669 93%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build #669

uber / NullAway / #669
93%

README BADGES
x