flutterrexmldependabotaddressable-gem
rexml and addressable security vulnerabilities in Flutter
I have a Flutter project currently in production, and I have seen a while ago two security vulnerabilities pop up in dependabot, see below:
I am not really acquainted with native code, so am unsure on how to fix these dependencies.
Apart from waiting for packages owners to update their libraries, is there a way for me to force a minimum version for the Gemfile?
Solution
Found the issue, it was not related to native code, nor to Flutter code. All was tied to Fastlane and its subdependecies (I use firebase_app_distribution and upload_to_browserstack_app_live packages)
In order to fix, for anyone stumbling upon this question, do these steps:
- Makes sure to have the latest fast lane version (
fast lane update_fastlane) - Update the locally installed gems (
bundle update) - Go to each directory that you have Fastlane installed in (android and iOS in my case), and run
fastlane update_plugins.
This should upgrade the packages to the latest versions, hopefully that have fixed the security vulnerabilities.
- Flutter flavor build from Xcode different main.dart
- flutter fatal: early EOF invalid index-pack output
- Flutter get image from firebase storage and show it in app
- Flutter does not show any results
- Hide keyboard on scroll in Flutter
- Is there a way to add a background image to a flutter app widescale?
- flutter how to get rid of a icon padding?
- Flutter - Datatable - How to set a background color for heading / first row?
- Why does adding this Flutter widget make the app not responsive to mouse clicks?
- "flutterfire configure" command won't let me type in a package name
- Video Player plugin for Flutter not working correctly when deploy to Firebase hosting
- How to convert asset image to File?
- How to give a "Dashed Border" in flutter?
- As demanded by Google, since I moved to `targetSdkVersion` 34 (from 33) , my app crashes
- Why those two switch blocks are not equivalent?
- Getting Error while Dexing. after upgrading flutter to 3.19.0
- packages have newer versions incompatible with dependency constraints
- White space get converted to + in url_launcher mailto scheme | Flutter
- Does the photoURL property of FIrebase Auth user object update in realtime over multiple devices?
- why flutter_fortune_wheel always run instantly after page open?
- Where do I find the Flutter web environment declarations in Chrome?
- Missing Run And Debug Launch Configuration button in VS Code
- Unable to use a Callable Cloud Function in Flutter
- TextInputAction.next not going to next field when has a suffixIcon in Flutter
- flutter doctor --android-licenses does not work
- Flutter: How to use Stack Widget in Listview
- Flutter Firebase and Android issue - unable to initialise. Cannot find google-services.json with latest (sept 2020) migration instructions executed
- FirebaseCommandException: An error occured on the Firebase CLI when attempting to run a command
- Target debug_ios_bundle_flutter_assets failed:
- Flutter - Handle status code 302 in POST request