Security Patch updates for this wrapper package too?

[pstevovski]

Recently the TinyMCE package for versions 5.x.x and 6.x.x has received a security patch update to fix some vulnerability with the undo/redo actions.

Will this package, as it is the official one that acts as React wrapper around the base TinyMCE package, get those updates as well? And if so, is there any timeline where we can expect them?

The latest version update for this package was around 9 months ago. Is this being held up-to-date?

================

Edit: I just noticed that even though the tinymce-react package that I'm using hasn't been updated in 9 months, when the text editor initialises the version that it uses is 6.7.1 - does the editor picks up the latest version available on the fly after being initialised and connected to your servers?

[exalate-issue-sync[bot]]

Internal Ref: INT-3245

[Afraithe]

Yes, the wrapper loads from the cloud so you should have the latest.