Bump jmespath from 1.5.0 to 1.6.1

Description

CVE-2022-32511
jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable.

Testing

Make sure you can upload/delete a pseud icon.

Activity

Show:

Sarken
June 22, 2022 at 1:36 AM

Uploaded and deleted a pseud icon successfully.

redsummernight
June 22, 2022 at 12:50 AM

I can upload and delete pseud icons just fine. Looks good.

redsummernight
June 14, 2022 at 11:15 PM

Updated testing instructions to just check pseud icons for now.

ticking instant
June 9, 2022 at 12:44 AM

Make sure you can upload/delete a pseud or collection icon.

It might be good to avoid changing collection icons on staging until https://otwarchive.atlassian.net/browse/AO3-6324 is fixed.

Sarken
June 7, 2022 at 10:50 PM

https://github.com/otwcode/otwarchive/pull/4257

Resize issue view side panel

DeployedToBeta

Details

Assignee

Unassigned

Reporter

Sarken

Roadmap

Misc

Priority

Medium

Affects versions

0.9.320

Fix versions

0.9.322

Components

Gems

Difficulty

Medium

Milestone

Internal 0.9

Sentry

Created June 7, 2022 at 10:50 PM

Updated July 9, 2022 at 8:05 AM

Resolved July 9, 2022 at 8:05 AM