search

yetanalytics / lrs

Protocols, specifications, and logic for building an xAPI Learning Record Store (LRS) in Clojure(Script).
https://www.yetanalytics.com/lrs
Apache License 2.0
4 stars 1 forks source link

Address CVEs in lrs lib #72

Closed kelvinqian00 closed 2 years ago

kelvinqian00 commented 2 years ago

Update cheshire and ring libraries to their latest versions in order to address CVE-2020-28491 and CVE-2021-29425, respectively.

(NOTE: There are still CVEs from ClojureScript, but they cannot be eliminated via updating and they don't affect Clojure downstream apps.)

milt commented 2 years ago

BTW, feel free to cut a new release when you merge this, I might be elsewhere