Hello there! I wanted to open a new issue for visibility, following up on #10. Unfortunately, the version of TestNG which Dependabot created a PR for was 7.5.1, rather than the semantically newer 7.7.1 or 7.8.0. CVE-2022-4065 is fixed in versions > 7.7.0, so is there any chance you'd be able to update TestNG further to either 7.7.1 or 7.8.0? I can submit a PR if it would be helpful, but hopefully this should be a trivial change.
Hello there! I wanted to open a new issue for visibility, following up on #10. Unfortunately, the version of TestNG which Dependabot created a PR for was 7.5.1, rather than the semantically newer 7.7.1 or 7.8.0. CVE-2022-4065 is fixed in versions > 7.7.0, so is there any chance you'd be able to update TestNG further to either 7.7.1 or 7.8.0? I can submit a PR if it would be helpful, but hopefully this should be a trivial change.