EliyaC / SecurityShepherd

Web and mobile application security training platform
https://owasp.org/www-project-security-shepherd/
GNU General Public License v3.0
0 stars 0 forks source link

Update dependency org.json:json to v20230227 - autoclosed #68

Closed mend-for-github-com[bot] closed 11 months ago

mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.json:json 20180130 -> 20230227 age adoption passing confidence

By merging this PR, the issue #67 will be automatically resolved and closed:

Severity CVSS Score CVE
High High 7.5 CVE-2022-45688

Release Notes

douglascrockford/JSON-java ### [`v20230227`](https://togithub.com/stleary/JSON-java/releases/tag/20230227) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20220924...20230227) | Pull Request | Description | |---------------|--------------| | [#​723](https://togithub.com/douglascrockford/JSON-java/issues/723) | Protect JSONML from stack overflow exceptions caused by recursion | | [#​720](https://togithub.com/douglascrockford/JSON-java/issues/720) | Limit the XML nesting depth for CVE-2022-45688 | | [#​711](https://togithub.com/douglascrockford/JSON-java/issues/711) | Revert pull 707 - interviewbit spam | | [#​704](https://togithub.com/douglascrockford/JSON-java/issues/704) | Move javadoc comments above the interface definition to make it visible | | [#​703](https://togithub.com/douglascrockford/JSON-java/issues/703) | Update Releases.md for JSONObject(Map): Throws NPE if key is null | | [#​696](https://togithub.com/douglascrockford/JSON-java/issues/696) | Update JSONPointerTest for NonDex compatibility | | [#​694](https://togithub.com/douglascrockford/JSON-java/issues/694) | Pretty print XML | | [#​692](https://togithub.com/douglascrockford/JSON-java/issues/692) | Example.md syntax highlight and indentation | | [#​691](https://togithub.com/douglascrockford/JSON-java/issues/691) | Create unit tests for various number formats | ### [`v20220924`](https://togithub.com/stleary/JSON-java/releases/tag/20220924) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20220320...20220924) | Pull Request | Description | |---------------|--------------| | [#​688](https://togithub.com/douglascrockford/JSON-java/issues/688) | Update copyright to Public Domain | | [#​687](https://togithub.com/douglascrockford/JSON-java/issues/687) | Fix a typo | | [#​685](https://togithub.com/douglascrockford/JSON-java/issues/685) | JSONObject map type unit tests | | [#​684](https://togithub.com/douglascrockford/JSON-java/issues/684) | Remove v7 build from pipeline | | [#​682](https://togithub.com/douglascrockford/JSON-java/issues/682) | JSONString similarity | | [#​675](https://togithub.com/douglascrockford/JSON-java/issues/675) | [https://github.com/stleary/JSON-java/pull/675](https://togithub.com/stleary/JSON-java/pull/675) | ### [`v20220320`](https://togithub.com/stleary/JSON-java/releases/tag/20220320) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20211205...20220320) | Pull Request | Description | |---------------|--------------| | [#​660](https://togithub.com/douglascrockford/JSON-java/issues/660) | Wrap StackOverflow with JSONException | ### [`v20211205`](https://togithub.com/stleary/JSON-java/releases/tag/20211205) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20210307...20211205) | Pull Request | Description | |---------------|--------------| | [#​651](https://togithub.com/douglascrockford/JSON-java/issues/651) | IdentityHashSet for JSONObject cycle detection | | [#​646](https://togithub.com/douglascrockford/JSON-java/issues/646) | XMLParserConfiguration defined json arrays option | | [#​645](https://togithub.com/douglascrockford/JSON-java/issues/645) | Handle circular references in Java beans | | [#​640](https://togithub.com/douglascrockford/JSON-java/issues/640) | Unit tests for multiple backslashes in JSONPointer | | [#​637](https://togithub.com/douglascrockford/JSON-java/issues/637) | Reorganized README.md | | [#​634](https://togithub.com/douglascrockford/JSON-java/issues/634) | Update README with Unix examples | | [#​631](https://togithub.com/douglascrockford/JSON-java/issues/631) | Refactor JSONPointerTest | | [#​626](https://togithub.com/douglascrockford/JSON-java/issues/626) | Add CODE_OF_CONDUCT.md | | [#​622](https://togithub.com/douglascrockford/JSON-java/issues/622) | Clean up readme.md | | [#​621](https://togithub.com/douglascrockford/JSON-java/issues/621) | Clean up comments | | [#​617](https://togithub.com/douglascrockford/JSON-java/issues/617) | JSONObject.similar() numeric compare bug fix | | [#​613](https://togithub.com/douglascrockford/JSON-java/issues/613) | JsonObject.similar() number entry check bug fix | | [#​610](https://togithub.com/douglascrockford/JSON-java/issues/610) | optJSONObject() add default value | | [#​607](https://togithub.com/douglascrockford/JSON-java/issues/607) | Add Security.md policy page | | [#​606](https://togithub.com/douglascrockford/JSON-java/issues/606) | Clean up comments, add suppressWarning annotation | | [#​604](https://togithub.com/douglascrockford/JSON-java/issues/604) | Fixed incorrect cast getting float from array | | [#​601](https://togithub.com/douglascrockford/JSON-java/issues/601) | Added Examples.md for new users | | [#​594](https://togithub.com/douglascrockford/JSON-java/issues/594) | JSONStringer.java: fix max nesting level in javadoc | ### [`v20210307`](https://togithub.com/stleary/JSON-java/releases/tag/20210307) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20201115...20210307) | Pull Request | Description | |---------------|--------------| | [#​575](https://togithub.com/douglascrockford/JSON-java/issues/575) | Fix similar compare numbers | | [#​577](https://togithub.com/douglascrockford/JSON-java/issues/577) | Added clear() methods to JSONObject and JSONArray | | [#​581](https://togithub.com/douglascrockford/JSON-java/issues/581) | Use built-in Gradle shorthand notation for Maven Central repository | | [#​583](https://togithub.com/douglascrockford/JSON-java/issues/583) | Checked the length of key for checker framework | | [#​588](https://togithub.com/douglascrockford/JSON-java/issues/588) | JSONPointer should not process reverse solidus or double-quote chars in tokens | **NOTE:** [#​588](https://togithub.com/douglascrockford/JSON-java/issues/588) is a potentially breaking change to JSONPointer. Embedded double quote and backslash chars are now handled differently (they are basically ignored by the JSONPointer parser). If this causes problems to your project, post an issue on the JSON-Java GitHub page. ### [`v20201115`](https://togithub.com/stleary/JSON-java/releases/tag/20201115) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20200518...20201115) | Pull Request | Description | |---------------|--------------| | [#​515](https://togithub.com/douglascrockford/JSON-java/issues/515) | Merge tests and pom and code | | [#​519](https://togithub.com/douglascrockford/JSON-java/issues/519) | Gradle support | | [#​521](https://togithub.com/douglascrockford/JSON-java/issues/521) | Updates Cookie class to be more generic in attribute parsing and emit | | [#​524](https://togithub.com/douglascrockford/JSON-java/issues/524) | JSONArray does not have constructor to allocate the specified initial capacity | | [#​525](https://togithub.com/douglascrockford/JSON-java/issues/525) | Unit test fixes | | [#​526](https://togithub.com/douglascrockford/JSON-java/issues/526)| Comment out some broken unit tests | | [#​527](https://togithub.com/douglascrockford/JSON-java/issues/527) | Fixes for Unit tests and supports GitHub Actions | | [#​529](https://togithub.com/douglascrockford/JSON-java/issues/529) | Added putAll(Collection) and putAll(Array) methods | | [#​532](https://togithub.com/douglascrockford/JSON-java/issues/532) | Verifies BigDecimal support does not have a regression| | [#​538](https://togithub.com/douglascrockford/JSON-java/issues/538) | Explain local builds in the readme, fix a couple of typos | | [#​539](https://togithub.com/douglascrockford/JSON-java/issues/539) | Bring Junit tests to Java 1.6 compatibility | | [#​540](https://togithub.com/douglascrockford/JSON-java/issues/540) | Added type conversion support | | [#​542](https://togithub.com/douglascrockford/JSON-java/issues/542) | Fix xml hex entity parse | | [#​543](https://togithub.com/douglascrockford/JSON-java/issues/543) | Refactor XMLConfiguration to use Builder Pattern | | [#​549](https://togithub.com/douglascrockford/JSON-java/issues/549) | Update readme.md | | [#​552](https://togithub.com/douglascrockford/JSON-java/issues/552) | Updates for JSONArray.putAll methods | | [#​570](https://togithub.com/douglascrockford/JSON-java/issues/570) | Readme - fix spelling and usage, per Grammarly | ### [`v20200518`](https://togithub.com/stleary/JSON-java/releases/tag/20200518) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20190722...20200518) | Pull Request | Description | |---------------|--------------| | [#​502](https://togithub.com/douglascrockford/JSON-java/issues/502) | Update JSONTokener text in README | | [#​499](https://togithub.com/douglascrockford/JSON-java/issues/499) | Add copyright to some files | | [#​495](https://togithub.com/douglascrockford/JSON-java/issues/495) | Refactor typos from code | | [#​494](https://togithub.com/douglascrockford/JSON-java/issues/494) | Replace JSONObject constructor string arrays with var args | | [#​492](https://togithub.com/douglascrockford/JSON-java/issues/492) | Clarify output of JSONArray toList() | | [#​486](https://togithub.com/douglascrockford/JSON-java/issues/486) | Standardize some exception messages | | [#​485](https://togithub.com/douglascrockford/JSON-java/issues/485) | Fix EOF error when Meta tag isn't closed at end of input. | | [#​483](https://togithub.com/douglascrockford/JSON-java/issues/483) | Update README.md to point to latest released jar | | [#​481](https://togithub.com/douglascrockford/JSON-java/issues/481) | Clarify exception when parser reads JSON | | [#​475](https://togithub.com/douglascrockford/JSON-java/issues/475) |Make private methods static where possible | | [#​474](https://togithub.com/douglascrockford/JSON-java/issues/474) | Replaces an internally used inefficient StringBuffer class | ### [`v20190722`](https://togithub.com/stleary/JSON-java/releases/tag/20190722) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20180813...20190722) | Pull Request | Description | |---------------|--------------| | [#​467](https://togithub.com/douglascrockford/JSON-java/issues/467) | add configuration for xsi:nil="true" conversion to null | | [#​452](https://togithub.com/douglascrockford/JSON-java/issues/452) | Adds check for EOF | | [#​440](https://togithub.com/douglascrockford/JSON-java/issues/440) | Corrections to BigDecimal consistency | | [#​432](https://togithub.com/douglascrockford/JSON-java/issues/432)|Update README.md | |[#​421](https://togithub.com/douglascrockford/JSON-java/issues/421) |add isEmpty and isNotEmpty methods | |[#​417](https://togithub.com/douglascrockford/JSON-java/issues/417) |fix double ctor in JSONWriter | |[#​412](https://togithub.com/douglascrockford/JSON-java/issues/412) |Initial implementation of XMLParserConfig object for flexible XML Parsing | | [#​407](https://togithub.com/douglascrockford/JSON-java/issues/407) | Fix for invalid processing of trailing / for JSON Pointer | | [#​406](https://togithub.com/douglascrockford/JSON-java/issues/406) | Adds annotations to customize field names during Bean serialization | ### [`v20180813`](https://togithub.com/stleary/JSON-java/releases/tag/20180813) [Compare Source](https://togithub.com/douglascrockford/JSON-java/compare/20180130...20180813) Pull Request | Description \---- | ---- [#​405](https://togithub.com/douglascrockford/JSON-java/issues/405) | Update javadoc to match actual exceptions thrown. **BREAKING CHANGE:** JSONObject(Map) now throws an exception if any of a map keys are null. | [#​403](https://togithub.com/douglascrockford/JSON-java/issues/403) | Ignore Intellij Idea project files [#​400](https://togithub.com/douglascrockford/JSON-java/issues/400) | XML toJSONObject(Reader reader)