Open jospint opened 1 year ago
Hi there,
Are there any plans to upgrade Scrooge (and by extension, Finagle) to a newer version of libthrift? The version currently supported is 0.10.0, released in February 2017 and it is affected by 5 security vulnerabilities.
libthrift
0.10.0
EDIT: Snyk created a pull request for it in January: https://github.com/twitter/scrooge/pull/357
Snyk created a pull request for it in January: #357
Note that this PR was an automated one that didn't update '0.10.0 all the right places - https://github.com/twitter/scrooge/pull/367 is a fuller attempt.
Hi there,
Are there any plans to upgrade Scrooge (and by extension, Finagle) to a newer version of
libthrift
? The version currently supported is0.10.0
, released in February 2017 and it is affected by 5 security vulnerabilities.EDIT: Snyk created a pull request for it in January: https://github.com/twitter/scrooge/pull/357