[jira] [Updated] (THRIFT-4064) Update node library dependencies

James E. King, III (JIRA) Thu, 14 Sep 2017 08:20:16 -0700

     [ 
https://issues.apache.org/jira/browse/THRIFT-4064?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


James E. King, III updated THRIFT-4064:
---------------------------------------
    Description: 
ws@0.4.32 is really old and presents issues for users using modern versions of 
Node (see https://github.com/apache/thrift/pull/672#issuecomment-276678791). 
Its should be updated.

In the third pull request, here are the dependencies:

node-int64 ~0.4.0
q ~1.5.0
ws >= 2.2.3 which implies node >= 4.1.0 
(https://github.com/websockets/ws/tree/2.2.3)

On the ubuntu-xenial image which uses node v8.4.0 and npm 5.3.0, and on the 
centos-7.3 image which uses node v6.11.1 and npm 3.10.10 you end up with the 
following packages:
{noformat}
root@ddb384ee75a5:/thrift/src/lib/nodejs# npm list --depth 0
thrift@1.0.0-dev /thrift/src
+-- buffer-equals@1.0.4
+-- commander@2.11.0
+-- connect@3.6.3
+-- istanbul@0.4.5
+-- minimatch@3.0.4
+-- node-int64@0.4.0
+-- phantomjs@2.1.7
+-- q@1.5.0
+-- run-browser@2.0.2
+-- tape@4.8.0
+-- utf-8-validate@3.0.3
`-- ws@3.1.0
{noformat}

  was:
ws@0.4.32 is really old and presents issues for users using modern versions of 
Node (see https://github.com/apache/thrift/pull/672#issuecomment-276678791). 
Its should be updated.

In the third pull request, here are the dependencies:

node-int64 ~0.4.0
q ~1.5.0
ws >= 2.2.3 which implies node >= 4.1.0


> Update node library dependencies
> --------------------------------
>
>                 Key: THRIFT-4064
>                 URL: https://issues.apache.org/jira/browse/THRIFT-4064
>             Project: Thrift
>          Issue Type: Improvement
>          Components: Node.js - Library
>    Affects Versions: 0.10.0
>            Reporter: Andres Suarez
>            Assignee: James E. King, III
>              Labels: security-issue
>
> ws@0.4.32 is really old and presents issues for users using modern versions 
> of Node (see 
> https://github.com/apache/thrift/pull/672#issuecomment-276678791). Its should 
> be updated.
> In the third pull request, here are the dependencies:
> node-int64 ~0.4.0
> q ~1.5.0
> ws >= 2.2.3 which implies node >= 4.1.0 
> (https://github.com/websockets/ws/tree/2.2.3)
> On the ubuntu-xenial image which uses node v8.4.0 and npm 5.3.0, and on the 
> centos-7.3 image which uses node v6.11.1 and npm 3.10.10 you end up with the 
> following packages:
> {noformat}
> root@ddb384ee75a5:/thrift/src/lib/nodejs# npm list --depth 0
> thrift@1.0.0-dev /thrift/src
> +-- buffer-equals@1.0.4
> +-- commander@2.11.0
> +-- connect@3.6.3
> +-- istanbul@0.4.5
> +-- minimatch@3.0.4
> +-- node-int64@0.4.0
> +-- phantomjs@2.1.7
> +-- q@1.5.0
> +-- run-browser@2.0.2
> +-- tape@4.8.0
> +-- utf-8-validate@3.0.3
> `-- ws@3.1.0
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (THRIFT-4064) Update node library dependencies

Reply via email to