Is it ok to use it with matrix-js-sdk > 12.4.0?

Question

Is it ok to use it with matrix-js-sdk > 12.4.0?

Closed this issue 3 years ago · 1 comments

Hello, great software.

A vulnerability was disclosed on several matrix-related software, including matrix-js-sdk < 12.4.1.
As the title say, would it be ok to update the dependency or would something break?

Answer 1 · 2021-09-15T06:32:36.000Z

Hi @otrapersona, thank you very much for opening this issue. You were faster than dependabot by over 2 days, win! I am going to merge dependabot's patch, right now, I don't think there will be any issues, but, if there are, the intention will be to have them fixed promptly this week. Better broken than unsecure. Thanks again!