Skip to content

Comments

[Snyk] Upgrade thrift from 0.11.0 to 0.20.0#3

Open
adamsousa wants to merge 1 commit intomasterfrom
snyk-upgrade-7f3e7fe5ca5c5177ff433515db8a9b84
Open

[Snyk] Upgrade thrift from 0.11.0 to 0.20.0#3
adamsousa wants to merge 1 commit intomasterfrom
snyk-upgrade-7f3e7fe5ca5c5177ff433515db8a9b84

Conversation

@adamsousa
Copy link

@adamsousa adamsousa commented May 11, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade thrift from 0.11.0 to 0.20.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 13 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2024-03-22.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Denial of Service (DoS)
SNYK-JS-THRIFT-474613		 635/1000
Why? Has a fix available, CVSS 8.2		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: thrift
  • 0.20.0 - 2024-03-22

    Please head over to the official release download source:
    http://thrift.apache.org/download

    The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

  • 0.19.0 - 2023-09-02

    Please head over to the official release download source:
    http://thrift.apache.org/download

    The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

  • 0.18.1 - 2023-03-01

    Please head over to the official release download source:
    http://thrift.apache.org/download

    The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

  • 0.18.0 - 2023-02-14

    Please head over to the official release download source:
    http://thrift.apache.org/download

    The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

  • 0.17.0 - 2022-09-18

    Please head over to the official release download source:
    http://thrift.apache.org/download

    The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

  • 0.16.0 - 2022-02-17

    For release 0.16.0 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.15.0 - 2021-09-11

    For release 0.15.0 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.14.2 - 2021-06-17

    For release 0.14.0 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.14.1 - 2021-03-08

    For release 0.14.1 head over to the official release download source:
    http://thrift.apache.org/download

    The assets below are added by Github based on the release tag and they may therefore not match the checkums.

  • 0.14.0 - 2021-02-12
  • 0.13.0 - 2019-11-18
  • 0.13.0-hotfix.1 - 2020-10-20
  • 0.12.0 - 2019-02-12
  • 0.11.0 - 2018-01-15
from thrift GitHub release notes
Commit messages
Package name: thrift
  • 0d0ac75 Preparing 0.20.0
  • 417eafd Add license header to pypi workflow file
  • 9a253e7 THRIFT-5688: Add PyPI publishing github actions
  • dd1217f THRIFT-5745: Implement slog.LogValuer on go TStructs
  • ab6f3ef THRIFT-5744: Switch to slog for go library
  • 318731b Updated manual version info and CHANGES
  • 0c637d7 Bump com.diffplug.spotless from 6.23.3 to 6.25.0 in /lib/java
  • 9d96f20 Fix ambigous typescript definitions
  • 7d4c7fa THRIFT-5750 deprecate "ansistr_binary_" option
  • 7507fa0 THRIFT-5753 PHP 8.1 deprecated warning about return type in jsonSerialize functions
  • 8238364 THRIFT-5754: Fix PHP 8.1 deprecates passing null to non-nullable internal function parameters
  • 3dcc0cd Revert "Bump upload/download-artifacts from v3 to v4"
  • c2738d0 [THRIFT-5752] Add TTransportFactoryInterface
  • 8ea1a48 Bump org.codehaus.plexus:plexus-utils in /contrib/thrift-maven-plugin
  • 8540066 Bump upload/download-artifacts from v3 to v4
  • 8004c37 Bump jvm from 1.9.21 to 1.9.22 in /lib/kotlin
  • 30c2845 Bump actions/setup-python from 4 to 5
  • 781c590 Bump com.diffplug.spotless from 6.23.2 to 6.23.3 in /lib/java
  • 1ebfcf8 Bump actions/setup-go from 4 to 5
  • be1c8fd Fix github actions for python3 tests
  • 5cf71b2 THRIFT-5749 Option to enable RTTI info (2nd attempt)
  • f1584f5 FIX: Unused import Map
  • 93222f6 THRIFT-5749 Option to enable RTTI info
  • 20e3124 Revert "lib: cpp: automake: ship thrift/numeric_cast.h"

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@adamsousa @snyk-bot