Since 5.0.2 has been compromised for a short time, it is now labelled by security scanners as potentially unsafe.
Rolling back to 5.0.1 causes all kinds of issues since we do not have the bugfix for the pagination issue in 5.0.1 which was introduced in 5.0.2.
I would suggest creating a new version 5.0.3 such that:
- there is no confusion on what the safe version is
- we can use the latest version with all its bug fixes
- automated security scanners can correctly identify that a non-compromised version is being used.

For example, Snyk identifies 5.0.2 as insecure since it does not have a way to target specific commits, it seems: https://security.snyk.io/vuln/SNYK-PHP-INTERCOMINTERCOMPHP-16329836