Upgrade jsonpointer to address security vulnerability

mafintosh / is-my-json-valid

A JSONSchema validator that uses code generation to be extremely fast

MIT License

965 stars 111 forks source link

Upgrade jsonpointer to address security vulnerability #188

Closed axelniklasson closed 3 years ago

axelniklasson commented 3 years ago

Addresses CVE-2021-23807 through upgrading jsonpointer to > v5.0.0

Fixes #189

axelniklasson commented 3 years ago

@mafintosh CI doesn't seem to be running here but tests are passing locally so I figured I'd raise the PR. Let me know if there are any other steps I should take before it could be merged -- thanks!

LinusU commented 3 years ago

It wasn't easy to find out what has changed, but it seems like it doesn't actually have any breaking changes:

https://github.com/janl/node-jsonpointer/compare/v4.1.0...v5.0.0 https://github.com/janl/node-jsonpointer/pull/56

LinusU commented 3 years ago

Released as 2.20.6 :shipit:

axelniklasson commented 3 years ago

Thanks for the quick turnaround @LinusU 💯