nlohmann / json

JSON for Modern C++
https://json.nlohmann.me
MIT License
42.97k stars 6.72k forks source link

Security vulnerability in dependency: future 0.18.2 #3922

Closed faxu closed 1 year ago

faxu commented 1 year ago

Description

See: https://github.com/PythonCharmers/python-future/issues/612

Can this component dependency be removed? From conversation in the thread, it looks like that project is no longer actively maintained and won't have any future releases.

Reproduction steps

The issue was flagged by our security scanning tool due to the dependency chain. Here is the problematic dependency: https://github.com/nlohmann/json/blob/develop/docs/mkdocs/requirements.txt#L6

Expected vs. actual results

Need to resolve security vulnerability.

Minimal code example

No response

Error messages

No response

Compiler and operating system

n/a

Library version

v3.10.5

Validation