You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@thrift.apache.org by "James E. King, III (JIRA)" <ji...@apache.org> on 2018/03/06 21:05:00 UTC

[jira] [Closed] (THRIFT-4369) Upgrade Thrift for Node.js with ws new version

     [ https://issues.apache.org/jira/browse/THRIFT-4369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

James E. King, III closed THRIFT-4369.
--------------------------------------
       Resolution: Fixed
         Assignee: James E. King, III
    Fix Version/s: 0.11.0

In 0.11.0 we moved to {{>= 2.2.3}} which would put it at 4.5.0.
In THRIFT-4508 it is moving to {{^5.0.0}}
Resolving/closing as fixed in 0.11.0.

> Upgrade Thrift for Node.js with ws new version
> ----------------------------------------------
>
>                 Key: THRIFT-4369
>                 URL: https://issues.apache.org/jira/browse/THRIFT-4369
>             Project: Thrift
>          Issue Type: Dependency upgrade
>          Components: Node.js - Library
>    Affects Versions: 0.10.0
>            Reporter: MarioDu
>            Assignee: James E. King, III
>            Priority: Major
>             Fix For: 0.11.0
>
>
> https://snyk.io/vuln/npm:ws:20160104, https://nodesecurity.io/advisories/67, https://snyk.io/vuln/npm:ws:20160624, https://nodesecurity.io/advisories/120, https://snyk.io/vuln/npm:ws:20160920
> ws@0.4.32 is very dangerous, please upgrade it.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)