upgrade dep golang.org/x/text to fix CVE vulnerability
ilmanzo opened this issue · comments
Andrea Manzini commented
last release v1.1.2 ships with a vulnerable dependency; see
https://www.cve.org/CVERecord?id=CVE-2021-38561
https://nvd.nist.gov/vuln/detail/CVE-2021-38561
it is possible to plan a new release with updated deps? Thanks!