Joe, Thanks for starting this discussion. Moving forward with a 1.15.1 patch release sounds like the best path forward.
Regards, David Handermann On Mon, Dec 13, 2021 at 7:49 AM Joe Witt <joe.w...@gmail.com> wrote: > Team > > We still dont think we are vulnerable but this now highly risky library is > present. We have PRs to eliminate it/main is fixed. I think we should do > a 24 hour 1.15.1 release/vote for it. It will eliminate concerns for > users. We are frankly pretty close to a 1.16 release at this point as > well it seems but can circle back. > > > Any different views on 1.15.1? > > Thanks >
