JSON-PATH 2.4.0 has vulnerabilities, any eta for a new release with 2.9.0?

stleary / JSON-java

A reference implementation of a JSON package in Java.

http://stleary.github.io/JSON-java/index.html

Other

4.54k stars 2.56k forks source link

JSON-PATH 2.4.0 has vulnerabilities, any eta for a new release with 2.9.0? #909

Closed gabesalvador closed 2 weeks ago

gabesalvador commented 1 month ago

Today i got a fail security check in Fortify due to the vulnerabilities in JSON-PATH 2.4.0, any ETA on when the new release is coming with JSON-PATH bumped to 2.9.0?

stleary commented 1 month ago

@gabesalvador I will take care of this before the end of the week (Sunday, not Friday)

stleary commented 2 weeks ago

Closing due to issue fixed in #894. The next release will hopefully be completed this month.