Merge pull request #37 from nextflow-io/fix-json-vulnerability

Fix org.json vulnerability
nextflow-io · Jul 4, 2024 · 9038603 · 9038603
2 parents 52da183 + b66ba99
commit 9038603
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # nextflow-io/nf-schema: Changelog
 
+# Version 2.0.1 - Tsukemen
+
+## Vulnerability fix
+
+1. Updated the org.json package to version `20240303`.
+
 # Version 2.0.0 - Kagoshima
 
 To migrate from nf-validation please follow the [migration guide](https://nextflow-io.github.io/nf-schema/latest/migration_guide/)

diff --git a/plugins/nf-schema/build.gradle b/plugins/nf-schema/build.gradle
@@ -54,7 +54,7 @@ dependencies {
     compileOnly "io.nextflow:nextflow:$nextflowVersion"
     compileOnly 'org.slf4j:slf4j-api:1.7.10'
     compileOnly 'org.pf4j:pf4j:3.4.1'
-    implementation 'org.json:json:20230227'
+    implementation 'org.json:json:20240303'
     implementation 'dev.harrel:json-schema:1.5.0'
 
     // test configuration

diff --git a/plugins/nf-schema/src/resources/META-INF/MANIFEST.MF b/plugins/nf-schema/src/resources/META-INF/MANIFEST.MF
@@ -1,6 +1,6 @@
 Manifest-Version: 1.0
 Plugin-Id: nf-schema
-Plugin-Version: 2.0.0
+Plugin-Version: 2.0.1
 Plugin-Class: nextflow.validation.ValidationPlugin
 Plugin-Provider: nextflow
 Plugin-Requires: >=22.10.0