Just a heads-up that there has not been a commit to buger/jsonparser in more than 4 years. There are several open PRs with bug fixes, including one to address GHSA-6g7g-w4f8-9c9x
go-ordered-map is indirectly imported by a very popular MCP library:
github.com/mark3labs/mcp-go → github.com/invopop/jsonschema → github.com/wk8/go-ordered-map/v2 → github.com/buger/jsonparser
If you'd like a patched version, I've forked it and applied bugfixes from the outstanding PRs:
https://github.com/securityguy/jsonparser
Just a heads-up that there has not been a commit to buger/jsonparser in more than 4 years. There are several open PRs with bug fixes, including one to address GHSA-6g7g-w4f8-9c9x
go-ordered-map is indirectly imported by a very popular MCP library:
github.com/mark3labs/mcp-go → github.com/invopop/jsonschema → github.com/wk8/go-ordered-map/v2 → github.com/buger/jsonparser
If you'd like a patched version, I've forked it and applied bugfixes from the outstanding PRs:
https://github.com/securityguy/jsonparser