Skip to content

Commit e18f865

Browse files
coreydaleyknowacki23
coreydaley
and
knowacki23
authored
chore(deps): bump jsonpath-plus to ^10.0.0 to mitigate CVE-2024-21534 (#1058)
* chore(deps): update dependency jsonpath-plus to 10.0.0 due to vulnerability Signed-off-by: Nowacki, Kacper <[email protected]> * adding changeset --------- Signed-off-by: Nowacki, Kacper <[email protected]> Co-authored-by: knowacki23 <[email protected]>
1 parent dd8c9e8 commit e18f865

File tree

3 files changed

+39
-3
lines changed

3 files changed

+39
-3
lines changed

.changeset/new-ears-clap.md

+6
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,6 @@
1+
---
2+
"@asyncapi/multi-parser": minor
3+
"@asyncapi/parser": minor
4+
---
5+
6+
Updating jsonpath-plus dependency to mitigate CVE-2024-21534

package-lock.json

+32-2
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

packages/parser/package.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@
5959
"ajv-formats": "^2.1.1",
6060
"avsc": "^5.7.5",
6161
"js-yaml": "^4.1.0",
62-
"jsonpath-plus": "^7.2.0",
62+
"jsonpath-plus": "^10.0.0",
6363
"node-fetch": "2.6.7"
6464
},
6565
"devDependencies": {

0 commit comments

Comments
 (0)