Preparing security release 0.19.0

rojopolis · Dec 18, 2021 · 6bd73f6 · 6bd73f6
1 parent c0b232c
commit 6bd73f6
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Change Log for spellcheck-github-actions
 
+## 0.19.0, 2021-12-18, security release , update recommended
+
+- Requirement [lxml](https://pypi.org/project/lxml/) updated from 4.6.3 to 4.6.5 via PR [#71](https://github.com/rojopolis/spellcheck-github-actions/pull/71) from @snyk-bot. This addresses a security, cross-site scripting vulnerability (XSS) in the [lxml](https://pypi.org/project/lxml/) library, see [SNYK-PYTHON-LXML-2316995](https://security.snyk.io/vuln/SNYK-PYTHON-LXML-2316995)
+
+- Docker image updated to Python 3.10.1 slim via PR [#70](https://github.com/rojopolis/spellcheck-github-actions/pull/70) from @dependabot
+
 ## 0.18.0, 2021-10-31 feature release, update not required
 
 - This release introduces an enhancement or new feature if your will, implemented by @riccardoporreca via PR [#67](https://github.com/rojopolis/spellcheck-github-actions/pull/67). The enhancement takes advantage of the ability to [make annotations on actions](https://docs.github.com/en/actions/learn-github-actions/workflow-commands-for-github-actions#setting-an-error-message), so you can from the action overview see an annotation indicating the error by the emitted error message from the action

diff --git a/wordlist.txt b/wordlist.txt
@@ -70,3 +70,6 @@ Petrik
 riccardoporreca
 Porreca
 Riccardo
+SNYK
+XSS
+snyk
-Original file line number
+Diff line change
@@ Expand Up / @@ -70,3 +70,6 @@ Petrik @@
     riccardoporreca
     Porreca
     Riccardo
+    SNYK
+    XSS
+    snyk