presto
presto copied to clipboard
prestodb
Update com.jayway.jsonpath:json-path from 2.6.0 to 2.9.0.
Description
There are several required fixes between 2.6.0 to 2.9.0.
There is a fix for for CVE-2023-51074.
Refer https://github.com/json-path/JsonPath/releases/tag/json-path-2.9.0
Motivation and Context
Keeping up to date with latest packages important from security perspective as well as the functional changes mentioned above
Impact
None
Test Plan
All UTs are running fine
Contributor checklist
- [x] Please make sure your submission complies with our development, formatting, commit message, and attribution guidelines.
- [x] PR description addresses the issue accurately and concisely. If the change is non-trivial, a GitHub Issue is referenced.
- [x] Documented new properties (with its default value), SQL syntax, functions, or other functionality.
- [x] If release notes are required, they follow the release notes guidelines.
- [x] Adequate tests were added if applicable.
- [x] CI passed.
Release Notes
Please follow release notes guidelines and fill in the release notes below.
== RELEASE NOTES ==
Security Changes
* Upgrade json-path from 2.6.0 to 2.9.0.
Nit: suggest changing the current release note entry as follows, based on the release notes guidelines:
== RELEASE NOTES ==
Security Changes
* Upgrade json-path from 2.6.0 to 2.9.0.
Nit: suggest changing the current release note entry as follows, based on the release notes guidelines:
== RELEASE NOTES == Security Changes * Upgrade json-path from 2.6.0 to 2.9.0.
Done
@skairali can you comb the release notes to inspect anything relevant for Presto? It's not clear if there's a breaking change between releases. Thanks!
