HubSpot / jinjava

Jinja template engine for Java
Apache License 2.0

[question] receiving fixes flow // GHSA-h75v-3vvj-5mfj CVE-2024-34064 #1178

Closed filiagees closed 5 months ago

filiagees commented 5 months ago

Hi team,

I would like to know how often jinjava receives any fixes developed by the upstream jinja project, please.

For example: Is the current version of jinjava affected by vulnerability https://github.com/advisories/GHSA-h75v-3vvj-5mfj ?

It was fixed 2d ago, in Jinja's release 3.1.4. But, it's not clear to me when the fix will arrive here, too.

Any information would be helpful. If I'm lacking some context, please, point me in the right direction :)

Best Regards

jasmith-hs commented 5 months ago

We do not maintain full feature or security parity with jinja, but I did add a fix for that vulnerability: https://github.com/HubSpot/jinjava/pull/1179

Jinjava is open source and we welcome contributions to match functionality from jinja.

filiagees commented 5 months ago

@jasmith-hs, thanks for the explanation and the bug fix!