Safety vulnerability ID: 64231
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Nextflow 23.04.5 upgrades its pf4j dependency version from 3.4.1 to 3.10.0 due to the CVE-2023-40826.
Note: The Nextflow launcher installer itself does not contain any vulnerable code. However, installing this package will result in using a version of the Nextflow core that may contain known vulnerabilities.
Latest version: 24.10.4
A Python wrapper that installs the Nextflow launcher
- Fix container environment with special chars (4594) [663b2936]
v23.12.0-edge
- Add AWS_SESSION_TOKEN to Fusion environment (4581) [552f29b0]
- Add ability to disable Cloudinfo service (4606) [f7251895]
- Add experimental support for Fargate compute type for AWS Batch (3474) [47cf335b]
- Add support for Instance template to Google Batch [df7ed294]
- Add support for Singularity/Apptainer auto pull mode for OCI containers [b7f1a192]
- Fix BitBucket get source API with custom branch [58937831]
- Fix Fusion tags documentation (4551) [687e2e96]
- Fix Harden regular expression to used to strip secrets in logs (4563) [832bff24]
- Fix bug with Fusion symlink resolution (4593) [09e85582]
- Fix container environment with special chars (4594) [e0fe952f]
- Fix custom notification template [ccf4f59e]
- Fix fusion symlink test (4604) [681ace86]
- Fix smoke tests [d3c2f330]
- Improve GLS tests [58590b1c]
- Load nf-amazon when AWS SES is enabled [887f06f4]
- Move build num & timestamp to BuildInfo class [ec8083d4]
- Move app version to BuildInfo class [c7d749e8]
- Remove deprecated Wave observer [0e009ef7]
- Remove undocumented userEmulation mode (4596) [f6c79788]
- Remove unused DSL2 check [e9ee3b2c]
- Replace each iterator with class for [f7662e68]
- Bump nf-amazon2.3.0 [0b40b7b9]
- Bump nf-google1.10.0 [bcb20fcf]
- Bump nf-wave1.2.0 [aa981814]
- Bump wave-utils0.8.1 and micromamba1.5.5 [9cb50035]
- Build optimizations (4579) [5ad41e44]
v23.11.0-edge
- Add `fusion.cacheSize` config option (4518) [2faadc22]
- Add Topic channel type (experimental) (4459) [921313d1]
- Add Google Batch native retry on spot termination (4500) [ea1c1b70]
- Add Retry policy to Google Storage (4524) [c271bb18]
- Add ability detect Google Batch spot interruption (4462) [d49f02ae]
- Add doc tests, move some snippets to separate files (3959) [0ff3b305]
- Add docs section on container requirements (4501) [3fb29f78]
- Add labels field in Job request for Google Batch (4538) [627c595e]
- Add note about limitations of glacier auto retrieval (4514) [82e56799]
- Add note about local executor and enforcing resource limits (4468) [6a0626f7]
- Add section about sharing modules (4482) [3e66fba4]
- Add section on process directives to plugin docs (4477) [d9ee9870]
- Add support for Azure low-priority pool (4527) [8320ea10]
- Add support for FUSION_AWS_REGION (4481) [8f8b09fa]
- Add support for Fusion when using Singularity OCI mode (4508) [4f3aa631]
- Add support for K8s schedulerName pod spec (4485) [ci fast] [dfc7b7c8]
- Add support for Singularity OCI mode (4440) [f5362a7b]
- Allow the use of error built-in function in onComplete handler (4458) [ci fast] [35a4424b]
- Fix Bug in JsonSplitter ordering [ci fast] [8ec14dd2]
- Fix Bypass Google Batch Price query if task cpus and memory are defined (4521) [7f8f20d3]
- Fix Checkout remote tag if checkout remote branch fails (4247) [b8907ccb]
- Fix Fusion symlinks when publishing files (4348) [89f09fe0]
- Fix Inspect command fails with Singularity [f5bb829f]
- Fix ParamsMap copyWith param aliases (4188) [b480ee0e]
- Fix Singularity docs [e952299f]
- Fix container hashing for Singularity + Wave containers [4c6f2e85]
- Fix detection of Conda local path made by Wave client [ci fast] (4532) [4d5bc216]
- Fix doc tests to fail on test failure (4505) [4d326551]
- Fix errors when NXF_HOME contains spaces (4456) [ci fast] [fe5bea99]
- Fix Google Batch network/subnetwork docs (4475) [27d132f3]
- Fix rounding error with long durations (4496) [ci fast] [0356178b]
- Fix security vulnerabilities (4513) [a310c777]
- Fix Use consistently NXF_TASK_WORKDIR (4484) [48ee3c64]
- Improve error details for AbortOperationException [35609cb0]
- Improve operator docs (4502) [38210e11]
- Makefile clean to also remove buildSrc/build (4517) [2ccb05d0]
- Minor test improvements [ci fast] [171831ea]
- Minor types improvement for mix operator [ci fast] [91c1ab15]
- Normalise channel docs [b641d677]
- Remove deprecated TowerArchiver feature [ff8e06a3]
- Remove dsl1 deprecated code (part 2) [159effb1]
- Remove dsl1 deprecated code [2b433a52]
- Remove incorrect note about workflow inputs (4509) [54bc0b7d]
- Return error if plugin version is not specified in offline mode (4487) [f5d7246e]
- Update README.md with new branding color for Nextflow (4412) [7a13b18b]
- Update background color of docs status badges (4411) [3cb1c53c]
- Update logging filter for Google Batch provider. (4488) [66a3ed19]
- Bump Gradle 8.4 and test vs Java 21 (4450) [8cb2702c]
- Bump nf-amazon2.2.0 [8e2d7879]
- Bump nf-azure1.4.0 [7c47d090]
- Bump nf-cloudcache0.3.1 [65240b75]
- Bump nf-codecommit0.1.6 [725f0510]
- Bump nf-console1.0.7 [a307686c]
- Bump nf-ga4gh1.1.1 [e54ea007]
- Bump nf-google1.9.0 [033ec92c]
- Bump nf-tower1.7.0 [836a44a5]
- Bump nf-wave1.1.0 [620523ef]
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application