3. Updated jsreport.Client

Updated jsreport.Client

  • N

    Hi,

    Are there any plans to publish an updated jsreport.Client package? Our vulnerability scanning is reporting that version 3.8.1 has a dependency on System.Text.RegularExpressions 4.3.0 which has a known vulnerability. It's not a critical vulnerability but it would be nice to have it not show up, so if there is any thought to publishing a new jsreport.Client, can it include the dependency update?

    Cheers,
    Neil.

    0

  • I apologize if I missed something. It’s been a long time since I last worked with .NET...
    I don't see the jsreport.Client would be dependent on the System.Text.RegularExpressions

    Could you check the following?

    dotnet list package --include-transitive
dotnet list package --vulnerable --include-transitive
    0
Log in to reply
 

Looks like your connection to jsreport forum was lost, please wait while we try to reconnect.