nextflow-io / nf-schema

Functionality for working with pipeline and sample sheet schema files in Nextflow pipelines
https://nextflow-io.github.io/nf-schema/
Apache License 2.0

request: vulnerability fix #36

Closed mvforster closed 2 months ago

mvforster commented 3 months ago

Following the inclusion of your plugin within a Nextflow (24.04.2) container that I am building, a scan of the container detected an issue with the org.json/json 20230227 package.

The associated CVE is linked here, which is a duplicate of this issue and has been reported to be fixed by this Pull Request.

The vulnerability was reported by Docker Scout v1.8.0.

Would it be possible to patch this vulnerability in nf-schema? I am keen to use nf-schema as part of my workflow but will not be able to do so until the vulnerability has been patched.

Many thanks for your assistance with this.

nvnieuwk commented 2 months ago

Hi, thank you for reporting this! I'll have a look at how much work this would be.

nvnieuwk commented 2 months ago

(Sorry for the long wait, it seems like the notification for your issue got lost in between all other notifications :grin:)

mvforster commented 2 months ago

Thanks for the prompt action, @nvnieuwk :) I get that notifications can get lost. I can see that the patch is well underway.

I hope it doesn't break anything.

nvnieuwk commented 2 months ago

It's looking fine at the moment. All tests seem to pass :). People can still revert back to v2.0.0 if it causes issues.

nvnieuwk commented 2 months ago

The fix has been implemented in version 2.0.1 :partying_face:

mvforster commented 2 months ago

Thanks for the prompt action :confetti_ball: