This is not the same case and needs more attention before deciding to dismiss
the alert or not.
Le 27/09/2024 à 17:02, Jacques Le Roux a écrit :
Hi Nicolas,
I'll have a look. I crossed something similar that I resolved (just by trying
again) last evening.
Jacques
Le 27/09/2024 à 15:43, Nicolas Malin a écrit :
Hello,
I wish to have your return on strange case for me :D .
After review the PR 833 like to the jira OFBIZ-13133 Allow to use GroovyDsl in
FlexibleStringExpander [2], I'm faced with a github security alert.
The alert is on code already present in OFBiz where the PR just extend it.
If some kind other people can have a look and confirm or not that I can push it
on trunk !
Thanks,
Nicolas
[1] https://github.com/apache/ofbiz-framework/pull/833
[2] https://issues.apache.org/jira/browse/OFBIZ-13133
