Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace capirca dependency with aerleon #237

Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
Open

Replace capirca dependency with aerleon #237

wants to merge 3 commits into from

Conversation

sdoiron0330
Copy link

Closes #236

What's Changed

Removed capirca from dependencies
Added aerleon as a dependency
Replaced all references of capirca with aerleon

@jdrew82
Copy link
Contributor

jdrew82 commented Apr 12, 2024

@sdoiron0330 I'm pretty sure this would be a breaking change. What's the impetus behind switching to Aerleon?

@sdoiron0330
Copy link
Author

capirca has had an open vulnerability for not using yaml.safe_load as they parse those files. honestly, it's unclear to me if they've actually fixed that vulnerability or if they just haven't properly documented that it's been fixed. either way, the code scanners that my customer is using says that capirca is not allowed due to said vulnerability. aerleon was discussed as a potential swap as it is a fork of capirca that looks to have been created because of the difficulty to move things forward in capirca

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@itdependsnetworks itdependsnetworks Awaiting requested review from itdependsnetworks itdependsnetworks is a code owner

@jdrew82 jdrew82 Awaiting requested review from jdrew82 jdrew82 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Replace Capirca dependency with Aerleon
2 participants
@sdoiron0330 @jdrew82