Closed mvforster closed 4 months ago
Hi thank you for reporting this! I'll have a look how much work this would be
(Sorry for the long wait, it seems like the notification for your issue got lost in between all other notifications :grin:)
Thanks for the prompt action, @nvnieuwk :) I get that notifications can get lost. I can see that the patch is well underway.
I hope it doesn't break anything.
It's looking fine at the moment. All tests seem to pass :). People can still revert back to v2.0.0 if it causes issues
The fix has been implemented in version 2.0.1 :partying_face:
Thanks for the prompt action :confetti_ball:
Following the inclusion of your plugin within a NextFlow (24.04.2) container that I am building, a scan of the container detected an issue with the org.json/json 20230227 package.
The associated CVES is lined here which is a duplicate of this issue and has been reported to be fixed by this Pull Request
The vulnerability was reported by Docker Scout v1.8.0.
Would it be possible to patch this vulnerability in nf-schema? I am keen to use nf-schema as part of my workflow but will not be able to do so until the vulnerability has been patched.
Many thanks for your assistance with this.