Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrading thrift dependency #93

Closed
GeorgiosGoniotakis opened this issue Feb 5, 2020 · 3 comments
Closed

Upgrading thrift dependency #93

GeorgiosGoniotakis opened this issue Feb 5, 2020 · 3 comments

Comments

@GeorgiosGoniotakis
Copy link

GeorgiosGoniotakis commented Feb 5, 2020
edited
Loading

Hello there 😄 Thank you for your contribution to open source. In your code I observed that you have locked the version of thrift between 0.10 and 0.12. Recently, I scanned one my projects with Snyk and was presented with the following vulnerability report. Are there any plans of upgrading thrift to version 13?
@codeboten
Copy link
Contributor

Hey @GeorgiosGoniotakis, thanks for raising this issue. The version of thrift was updated in #94 which was released in 4.4.3.

@andrewhsu
Copy link

Is this issue now resolved with https://github.com/lightstep/lightstep-tracer-python/releases/tag/4.4.3 ?

@GeorgiosGoniotakis
Copy link
Author

Yes! Thank you for that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@andrewhsu @codeboten @GeorgiosGoniotakis