Releasing Next version with JSONPath-Plus vulnerability fix #410
Closed
prateekopengov
started this conversation in
General
Replies: 1 comment 2 replies
-
|
You'll need to upgrade to the latest major version of json-rules-engine (7.3.0) and you'll see the latest fixed version of jsonpath-plus |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
Thanks you for the reply but it is not yet categorised as released version and is not available in release tag. Is it safe to adopt to this version? |
Beta Was this translation helpful? Give feedback.
-
|
Ignore what's in GitHub - NPM is the release system of record - https://www.npmjs.com/package/json-rules-engine |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
There is a critical VULNERABILITY reported in JSONPath-Plus in current released version. When are we planning to release the upgraded dependency?
I can see currently it is been upgraded in master and v8.
Beta Was this translation helpful? Give feedback.
All reactions