Looks like viritin-v7-compatibility depends on the unsafe version of jsoup (the one with org.jsoup.safety.Whitelist)
It means I can't get rid of the jsoup vulnerability in our Vaadin8 + v7-compatibility app.
Any chance of a fix?
Hi Guttorm!
Most likely it will slightly affect the API of RichText component, but it ought to be rather straightforward to to make the patch. Do you have time to look into it? I can cut a release today afternoon if you can prepare the patch. I have a queue of community issue I plan to work on today, can't promise I can deal it today.
Haven't done that before, but have given it a shot. Have forked, fixed an created a pull request.