Open lowecg opened 3 months ago
Thanks for reporting! We want to use latest Jackson version for security updates. Could you look the Release Notes of Jackson (https://github.com/FasterXML/jackson/wiki/Jackson-Releases) to see if there are options how to manage how this works now.
There's a change in behaviour between 0.3.8 and 0.3.9 with how errors are reported in the exception message. The source is now redacted from the error message.
That seems like a more secure default, but is there a way to control this in the options to get the same behaviour as before?
0.3.8
0.3.9
A likely cause is that the jackson deps have jumped and I'm not sure if that was intentional or not. I only say this because the 0.3.9 release notes say that you use 2.15.2 even though 2.17.1 is available, but jsonista's definitely using 2.17.1 now.
0.3.8
0.3.9