Skip to content

[Snyk] Upgrade thrift from 0.11.0 to 0.18.1#1

Open
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-199c248a65cfc30b9e2927a593966c34
Open

[Snyk] Upgrade thrift from 0.11.0 to 0.18.1#1
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-199c248a65cfc30b9e2927a593966c34

Conversation

@snyk-bot
Copy link
Copy Markdown

@snyk-bot snyk-bot commented May 15, 2023

Snyk has created this PR to upgrade thrift from 0.11.0 to 0.18.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 11 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2023-03-01.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Denial of Service (DoS)
SNYK-JS-THRIFT-474613		 635/1000
Why? Has a fix available, CVSS 8.2		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: thrift
  • 0.18.1 - 2023-03-01

    Please head over to the official release download source:
    http://thrift.apache.org/download

    The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

  • 0.18.0 - 2023-02-14

    Please head over to the official release download source:
    http://thrift.apache.org/download

    The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

  • 0.17.0 - 2022-09-18

    Please head over to the official release download source:
    http://thrift.apache.org/download

    The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

  • 0.16.0 - 2022-02-17

    For release 0.16.0 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.15.0 - 2021-09-11

    For release 0.15.0 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.14.2 - 2021-06-17

    For release 0.14.0 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.14.1 - 2021-03-08

    For release 0.14.1 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.14.0 - 2021-02-12

    For release 0.14.0 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.13.0 - 2019-11-18

    For release 0.13.0 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.13.0-hotfix.1 - 2020-10-20
  • 0.12.0 - 2019-02-12
  • 0.11.0 - 2018-01-15
from thrift GitHub release notes
Commit messages
Package name: thrift
  • 1851da5 Release 0.18.1
  • 0972190 THRIFT-5679 libthrift-0.17.0 has wrong version numbers in MANIFEST.MF
  • 8fcdf7d THRIFT-5685: Revert "THRIFT-5601: Fix forward typedef in go compiler"
  • 423ab39 bump version
  • c30ee69 Added reference to existing netstd README.md file to satisfy nuget package upload
  • 2f2696b release branch 0.18.0
  • 4eee681 fix veralign.sh
  • 61d3e74 Bump http, fixnum, logging, dart_style, build_test, build_web_compilers, mockito and build_runner
  • 1448934 go: Use new atomic types introduced in go1.19
  • d21188a Bump json5 from 2.1.1 to 2.2.3
  • 27a3311 Bump minimatch from 3.0.4 to 3.0.8 in /lib/ts
  • b973d11 Bump minimatch from 3.0.4 to 3.0.8 in /lib/js
  • e59defd Bump minimatch from 3.0.4 to 3.1.2
  • d89e370 Bump qs from 6.5.2 to 6.5.3 in /lib/ts
  • 41621ee Bump qs from 6.5.2 to 6.5.3
  • b94eac7 Update supported go versions
  • f223bd3 Improve enum support for json generator
  • b39370e THRIFT-5601: Fix forward typedef in go compiler
  • 916ae8b py server: Listen also on IPv4
  • 277fece netstd Server: Add IPv6
  • 9c0de2d lib: c_glib: fix compile error due to missing unistd.h
  • 850c61f lib: cpp: transport: include thrift/config.h in TFDTransport
  • 779deab lib: cpp: automake: ship thrift/numeric_cast.h
  • 27ff942 THRIFT-5669 "required" keyword is illegal in a "throws" clause

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot