Releasing Next version with JSONPath-Plus vulnerability fix #410
Closed
prateekopengov
started this conversation in
General
Replies: 1 comment 2 replies
-
|
You'll need to upgrade to the latest major version of json-rules-engine (7.3.0) and you'll see the latest fixed version of jsonpath-plus |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
Thanks you for the reply but it is not yet categorised as released version and is not available in release tag. Is it safe to adopt to this version? |
Beta Was this translation helpful? Give feedback.
-
|
Ignore what's in GitHub - NPM is the release system of record - https://www.npmjs.com/package/json-rules-engine |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
There is a critical VULNERABILITY reported in JSONPath-Plus in current released version. When are we planning to release the upgraded dependency?
I can see currently it is been upgraded in master and v8.
Beta Was this translation helpful? Give feedback.
All reactions