Get a Demo

Patch

com.mikesamuel:json-sanitizer 1.2.1

Package Version

com.mikesamuel:json-sanitizer 1.2.1

Github Repository

Package Version Scores

Overall

0

/10

Security

8

Activity

4

Popularity

7

Quality

6

Quality

Pull Requests from Bots

Pull requests from bot accounts indicate that the project is using automation for development tasks.

Quality

Pull Requests from Bots

Pull requests from bot accounts indicate that the project is using automation for development tasks.

Endor Patches

66d76b81498de0ed427eddfe

CVEs Fixed

C

1

H

1

+336

-41

Vulnerabilities Fixed

Arbitrary code injection in json-sanitizer

Uncaught Exception leading to Denial of Service in json-sanitizer

Get the Patch Instantly Without Upgrading

Fix Without Upgrading

Detect compatible fix

Apply safe remediation

Fix with a single pull request

References

Basic Information

Ecosystem

Release Date

LINES OF CODE CHANGED

+336

-41

-

on latest patch

License

Patch Available

Get the Patch Instantly

Secure your app without upgrading.

Fix Without Upgrading

{
"items": [
{
"title": "No Recent Commit Activity",
"description": "Lack of recent commit activity indicates that the project is not very active",
"category": "activity",
"type": "downscore"
},
{
"title": "No Recent Issue Activity",
"description": "Lack of recent issue activity may indicate that the project is not actively used",
"category": "activity",
"type": "downscore"
},
{
"title": "No Recent Pull Request Activity",
"description": "Lack of recent pull request activity may indicate that the project is no longer active",
"category": "activity",
"type": "downscore"
},
{
"title": "First Major Release Milestone Achieved",
"description": "The repository has reached 1.0 release status, this is a sign of maturity",
"category": "code quality",
"type": "upscore"
},
{
"title": "No Release Activity",
"description": "The repository does not have any recent releases and this could mean that it is not actively maintained",
"category": "activity",
"type": "downscore"
},
{
"title": "Organization Repository",
"description": "When a repository belongs to an organization there is a lower risk of it getting abandoned in the future",
"category": "activity",
"type": "upscore"
},
{
"title": "No Known Vulnerabilities for this Version",
"description": "No vulnerabilities discovered in this version of the repository indicates that this is a version that is safe to use. Analysis only considers vulnerabilities associated with this repository and not its dependencies. Vulnerability information is based on OSV.dev data and Endor's vulnerability database",
"category": "security",
"type": "upscore"
},
{
"title": "Has Stars",
"description": "Having some stars indicates interest in the project. ",
"category": "popularity",
"type": "upscore"
},
{
"title": "Has Forks",
"description": "Having some forks shows an interest in the project",
"category": "popularity",
"type": "neutral"
},
{
"title": "Has Subscribers",
"description": "Having subscribers indicates interest in the project",
"category": "popularity",
"type": "upscore"
},
{
"title": "Repository has Documentation",
"description": "Documentation makes a package easier to understand and use",
"category": "code quality",
"type": "upscore"
},
{
"title": "No Automated Build System",
"description": "Reproducible builds using makefiles or CI systems allow verification that no modifications, such as vulnerabilities or backdoors, have been introduced during a package's build process",
"category": "code quality",
"type": "downscore"
},
{
"title": "High Ratio of Test Code",
"description": "High quality projects should use tests",
"category": "code quality",
"type": "upscore"
},
{
"title": "Repository has Some Best Practice Files",
"description": "The repository has files that cover basic operational aspects of the project and this shows an emphasis on best practices",
"category": "code quality",
"type": "upscore"
}
]
}