-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update json to 2.3.0 #52
Conversation
A much needed PR 👍 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good!
@xiaowei-routific Any plan on merging this and releasing a new version of the gem this week? Thanks! |
@rakibulislam |
Thank you @xiaowei-routific Looking forward to it 🥇 |
sorry to be so negative but the way you guys communicate is quite negative for open source.
In the meantime we as paying customers keep exposed for this vulnerability so our only option is to have to maintain an internal version of the gem. I hope you re-evaluate how you work on this repository and with the community, specially with clients |
@xiaowei-routific Thanks for merging this PR. Any plan on releasing a new version of the gem anytime soon? Otherwise, we have to use directly from the github master branch! Please let us know. Thanks! |
@rakibulislam Sorry to get back to you a little late. |
@mauromorales just wanted to say thanks for your feedback here. Your feedback helped trigger an internal discussion and we agreed we've been pretty lousy with maintaining some of these open source projects in the past. We're taking steps to more actively manage these projects in our day to day activities. We value what the open source community embodies and are committed to being better players in it. |
@kvvok I'm really glad this is the case :) Also, for security updates I'd recommend setting up GitHub's dependabot |
Description
This is the PR to addresses security vulnerability CVE-2020-10663 as suggested in
#51 by @mauromorales
All tests passed.