-
Notifications
You must be signed in to change notification settings - Fork 504
Releasing Next version with JSONPath-Plus vulnerability fix #410
-
There is a critical VULNERABILITY reported in JSONPath-Plus in current released version. When are we planning to release the upgraded dependency?
I can see currently it is been upgraded in master and v8.
Beta Was this translation helpful? Give feedback.
All reactions
Replies: 1 comment 2 replies
-
You'll need to upgrade to the latest major version of json-rules-engine (7.3.0) and you'll see the latest fixed version of jsonpath-plus
Beta Was this translation helpful? Give feedback.
All reactions
-
Thanks you for the reply but it is not yet categorised as released version and is not available in release tag. Is it safe to adopt to this version?
Beta Was this translation helpful? Give feedback.
All reactions
-
Ignore what's in GitHub - NPM is the release system of record - https://www.npmjs.com/package/json-rules-engine
Beta Was this translation helpful? Give feedback.
All reactions
-
👍 1