Merge pull request #172 from adamrtalbot/37_fix_org_json_vulnerability

Fix vulnerability to org.json package by upgrading to v20240303
nextflow-io · Jul 5, 2024 · 0edaedf · 0edaedf
2 parents 35fa8d6 + 3af43e4
commit 0edaedf
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # nextflow-io/nf-validation: Changelog
 
+# Version 1.1.4
+
+## Vulnerability fix
+
+- Updated the org.json package to version `20240303` ([#172](https://github.com/nextflow-io/nf-validation/pull/172))
+
 # Version 1.1.3 - Asahikawa
 
 ## Improvements

diff --git a/plugins/nf-validation/build.gradle b/plugins/nf-validation/build.gradle
@@ -55,7 +55,8 @@ dependencies {
     compileOnly 'org.slf4j:slf4j-api:1.7.10'
     compileOnly 'org.pf4j:pf4j:3.4.1'
     api 'com.github.everit-org.json-schema:org.everit.json.schema:1.14.1'
-
+    implementation 'org.json:json:20240303'
+
     // test configuration
     testImplementation "io.nextflow:nextflow:$nextflowVersion"
     testImplementation "org.codehaus.groovy:groovy:$groovyVersion"