PyPi: Nextflow

CVE-2023-6378

Transitive

Safety vulnerability ID: 71101

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Nov 29, 2023 Updated at Nov 03, 2024

Advisory

Nextflow updates its Logback dependency from version 1.4.12 to 1.4.14 to address CVE-2023-6378.
Note: The Nextflow launcher installer itself does not contain any vulnerable code. However, installing this package will result in using a version of the Nextflow core that may contain known vulnerabilities.

Affected package

nextflow

Latest version: 24.10.0

A Python wrapper that installs the Nextflow launcher

Affected versions

Fixed versions

Vulnerability changelog

- Add 'preview' to workflow runtime metadata (4985) [935bb1e5]
- Add enabled property to output dsl (5008) [284415b1]
- Fix Taskbar API is not supported error [0ea09ccc]
- Fix inspect should not write history entry [c713ad51]
- Fix unexpected container resolution [a5ecf8a4]
- Improve icon loading error handling [c72e16f8]
- Remove Fusion symlink resolution (5004) [071ea74c]
- Remove `seqera` and `defaults` from Conda default channels (5003) [ec5ebd0b]
- Use protected visibility for updateStatus method [6871ba06]
- Workflow output definition (4784) [cf0546b1]
- Bump Fusion 2.3 (5005) [7176c113]
- Bump groovy-console 4.0.21-patch.2 [eb97831f]
- Bump nf-amazon@2.5.1 [96ee633d]
- Bump nf-console@1.1.3 [e8359042]
- Bump nf-google@1.13.1 [5dcb4c7a]
- Bump nf-wave@1.4.2 [73c668a6]

24.04.0-edge - 13 May 2024
- Add Wave and Fusion info to workflow metadata (4945) [bb7e1c8e]
- Add `k8s.cpuLimits` config option (3027) [3c6e96d0]
- Add account config option for grid executors (4975) [a09e37dd]
- Add git to docs deps [aa9e1273]
- Add resourceLimits directive (2911) [7c9d965e]
- Add support for Job arrays (3892) [ca9bc9d4]
- Add support for clusterOptions as a list of values (4993) [dd173e33]
- Add threads dump for troubleshooting purposes [8992ebde]
- Fix Gstring casting exception when clusterOptions is a closure [74004fbd]
- Fix Missing error code when no entry is specified [f507e9a4]
- Fix NPE in LogsCheckpoint class [deb3076d]
- Fix Prevent maxForks less than zero [7676dd9c]
- Fix Use fully qualified S3 uris in error message (4923) [f1cffd1b]
- Fix Wave container resolution with singularity and ociMode [54ad6241]
- Fix collectFile saving to GCS with sort: false (4965) [1418553a]
- Fix console "Plugin manager not initialised" warn (4989) [5ff44538]
- Fix console icon (4991) [b8a23706]
- Fix docs formatting [c02e58c7]
- Fix docs snippet [6499649d]
- Fix flaky docs test (4957) [ea8246f6]
- Fix groovy console issue (4988) [b9bf6410]
- Fix job array docs (4984) [6a3347ee]
- Fix missing include error message (4981) [aad100e1]
- Fix script error text alignment (4681) [1dc4e4e4]
- Fix security vulnerability in logback (4947) [0ffcc4ca]
- Fix semaphore in parallel polling monitor (4927) [5c37fcc2]
- Fix remove commented out test lines in Azure Batch Pool opts tests. (4914) [cb607f07]
- Guarantees K8s pod name is unique on resume (4959) [361cef84]
- Improve config resolution docs (4950) [019eb86c]
- Improve documentation about azcopy installation requirements for custom Azure Batch worker pools (4911) [5c410db8]
- Improve error message for image pull time-out for Singularity/Apptainer/Charliecloud (4974) [73015fbd]
- Remove unused const [6e91285d]
- Run task finalisation asynchronously (4890) [e0e94227]
- Strip auth secret from logs [acf63e0e]
- Update TES executor to TES API v1.1 (4195) [7b32c2d6]
- Update aws.md to include Cluster access (4951) [459d725b]
- Update developer diagrams (4922) [dcff41a5]
- Update operator return types (4976) [a614fbe7]
- Update stale documentation in overview.md (4968) [6a58c6d7]
- Use for instead eachLine in error formatting [4a821f46]
- azure batch autopool feature more comprehensive documentation (4941) [adbd8903]
- Bump Gradle 8.7 [8b5cf3cc]
- Bump nf-wave@1.4.1 [830b032c]
- Bump nf-tower@1.9.1 [163683c2]
- Bump nf-google@1.13.0 [6d99a22a]
- Bump nf-ga4gh@1.3.0 [89695ed3]
- Bump nf-console@1.1.2 [357b143a]
- Bump nf-amazon@2.5.0 [6c62a60a]

24.03.0-edge - 15 Apr 2024
- Add custom jobName for Google Batch [df40d55f]
- Add escher to name generator class [2e6496e2]
- Add retry policy to Google Batch client [c4981dcc]
- Add retry strategy for publishing (4839) [c9c7032c]
- Add support for Azure custom startTask (4913) [27d01e3a]
- Add task tip extension point [eadad5b8]
- Allow secrets to be used in pipeline script (4171) [df866a24]
- Do not print a new line when stdout is empty (4892) [658a5ec8]
- Fix Azure pool creation [2ee4d11e]
- Fix Use of secrets in the includeConfig path [00c9f226]
- Fix coloured ANSI log bug (4898) [a04d6983]
- Fix eval output type via bash -c wrapping (4887) [2165a14d]
- Fix exception handling in local executor [74d7d7a8]
- Fix support for GCS requester pays bucket option [d9d61cff]
- Fix test when missing Google secret [33dc3ce0]
- Improve Charliecloud support (4879) [287471c0]
- Improve control on azcopy install (4883) [01447d5c]
- Improve error message when Google creds file is corrupted [a550e52f]
- Improve getting started docs (4764) [b59111b3]
- Improve retry logic for AWS Batch executor [62926c28]
- Nextflow launch script: improving search for JAVA_CMD (4830) [ebbbe9e7]
- Publish built-in reports as Tower reports (4760) [b710d923]
- Remove not needed dsl=2 + error in example (4812) [7c5779d7]
- Remove unused code from AssetManager [77365165]
- Revert "Fix failing CI tests (4861)" [7ba2e253]
- Update NameGenerator (4907) [248201af]
- Update Platform API endpoint (4855) [4842423a]
- Update Wave to API v1alpha2 (4906) [9c350872]
- Update docs (4852) [6e2d1a94]
- Updated docs on Google Cloud setup and credentials (4896) [7e8b5e26]
- Updated docs note on singularity default command (4825) [567f5334]
- Bump groovy 4.0.20 [66c1a164]
- Bump groovy 4.0.21 [9e08390b]
- Bump nf-wave@1.4.0 [fc70dc8c]
- Bump nf-tower@1.9.0 [b0c4e2c5]
- Bump nf-google@1.12.0 [6ae25fad]
- Bump nf-azure@1.6.0 [967c2ac8]
- Bump nf-amazon@2.4.2 [ddda969e]

24.02.0-edge - 10 Mar 2024
- Add K8s job ttlSecondsAfterFinished option (4434) [93627be6]
- Add NXF_CACHE_DIR environment var (4655) [4b00170a]
- Add colours to ansi logs (4573) [5e2ce9ed]
- Add eval output type (4493) [df978113]
- Fix Always emit publish event for symlinks on resume (4790) [bb5c4f9d]
- Fix Do not create local plugin path in embedded mode [9d6dd6a0]
- Fix Error while publishing S3 file with blanks [b74c0227]
- Fix Missing dependency for console command [baf29110]
- Fix typo in Azure Batch docs ('Azore') (4735) [192bf8df]
- Fix typo in error message [a7f23305]
- Remove experimental admonition for podman [17d0dced]
- Remove square brackets from job name in LSF executor (4799) [6e0ac72d]
- Remove unneeded const [09c957fb]
- Rename Tower -> Seqera Platform in docs and log messages (4727) [7caffef9]
- Update Azure dependencies [1bcbaf0d]
- Update copyright info [e3089f0e]
- Use alias for HistoryFile.Record [17217a1c]
- minor cli docstring fix (4759) [ee4b4a25]
- Bump Grengine 3.0.2 [42ca2b6f]
- Bump groovy 4.0.19 [854dc1f0]
- Bump snakeyaml 2.2 [07480779]
- Bump nf-amazon@2.4.1 [0eb84071]
- Bump nf-azure@1.5.1 [d63be8c0]
- Bump nf-cloudcache@0.4.1 [57b7004e]
- Bump nf-console@1.1.1 [b7f703f5]
- Bump nf-tower@1.8.1 [b8ffb180]
- Bump nf-wave@1.3.1 [0c542eda]
- Bump amazoncorretto 17.0.10-al2023 [3e695ad9]

24.01.0-edge - 5 Feb 2024
- Add support for custom fuse device plugin (4612) [a1e33193]
- Fix Ignore stored process message when ansi log is enabled (4645) [f9ba47ef]
- Fix Wave container replicable checksum [da382ddf]
- Fix azure retry policy (4638) [85bab699]
- Fix handling of wave.s5cmdConfigUrl setting (4707) [3a19386d]
- Fix typo in Hyperqueue section (4635) [d5a6a963]
- Fix typo in OCI mode warning message (4633) [e216a876]
- Fix typo in the docs (4636) [ci-skip] [4727f174]
- Improve detection of sys home variable [8812138f]
- Improve handling of publish error (4703) [fc9f7685]
- LocalSecretsProvider: invalid permissions tests made more robust (4663) [682a6806]
- Remove Glacier auto-retrieval (4705) [5f0ec50d]
- Remove preview from cmd secret [dc040226]
- Set scratch default to false when using Fusion (4675) [9d17e407]
- Slight change in wording for error message about userEmulation (4680) [a9c8a841]
- Truncate max size exceeded error message (4644) [36090b70]
- Use AZURE_STORAGE_SAS_TOKEN environment variable (4627) [2e02afbf]
- Use canonical init method for plugins initialization [e7a20aff]
- Bump nf-wave@1.3.0 [8b9905c7]
- Bump nf-tower@1.8.0 [bfc94e46]
- Bump nf-google@1.11.0 [01ff0353]
- Bump nf-ga4gh@1.2.0 [3df34188]
- Bump nf-console@1.1.0 [e90d73a7]
- Bump nf-codecommit@0.2.0 [4379c941]
- Bump nf-cloudcache@0.4.0 [2bc698c7]
- Bump nf-azure@1.5.0 [07415ce1]
- Bump nf-amazon@2.4.0 [b991e14b]
- Bump Groovy 4 (4443) [9d32503b]
- Bump actions/checkout@v4 [d1b3195e]
- Bump logback@1.4.12 + guava@33.0.0-jre [331ff425]
- Bump nextflow 23.12.0-edge as min version [63e83702]
- Bump tj-actions/changed-files from 35 to 41 in /.github/workflows (4622) [d67aef5f]

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality Impact (C): NONE
Integrity Impact (I): NONE
Availability Impact (A): HIGH