Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump libthrift from 0.9.3 to 0.12.0 in /client/java #2

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Feb 21, 2020

Bumps libthrift from 0.9.3 to 0.12.0.

Release notes

Sourced from libthrift's releases.

Version 0.12.0

Thrift v0.12.0

New Languages

* Common LISP (cl)
* Swift
* Typescript (nodets)

Complete Release Notes

https://github.com/apache/thrift/blob/0.12.0/CHANGES

Version 0.9.3.1

This release is a backport of the security fix for CVE-2018-1320 as documented in THRIFT-4506. The only code change is in Java, and a 0.9.3-1 package was released to Maven Central.

This is marked in GitHub as a pre-release so that it does not become the "latest" release.

Changelog

Sourced from libthrift's changelog.

0.12.0

Released 2019-JAN-04

New Languages

  • Common LISP (cl)
  • Swift
  • Typescript (nodets)

Deprecated Languages

  • C++03/C++98 (move to C++11)
  • Cocoa (move to Swift)

Breaking Changes (since 0.11.0)

  • THRIFT-4529 - Rust enum variants are now camel-cased instead of uppercased to conform to Rust naming conventions
  • THRIFT-4448 - Support for golang 1.6 and earlier has been dropped.
  • THRIFT-4474 - PHP now uses the PSR-4 loader by default instead of class maps.
  • THRIFT-4532 - method signatures changed in the compiler's t_oop_generator.
  • THRIFT-4648 - The C (GLib) compiler's handling of namespaces has been improved.

Known Issues (Blocker or Critical)

  • THRIFT-4037 - build: use a single build system for thrift
  • THRIFT-4119 - build: bootstrap.sh is missing from source tarball
  • THRIFT-3289 - csharp: socket exhaustion in csharp implementation
  • THRIFT-3029 - cocoa: Getters for fields defined with uppercase names do not work
  • THRIFT-3325 - cocoa: Extended services aren't subclasses in generated Cocoa
  • THRIFT-4116 - cocoa: Thrift de-capitalizes the name of IsSet property in Cocoa
  • THRIFT-3877 - cpp: the http implementation is not standard; interop with other languages is spotty at best
  • THRIFT-4180 - cpp: Impossible to build Thrift C++ library for Android (NDK)
  • THRIFT-4384 - cpp: Using multiple async services simultaneously is not thread-safe
  • THRIFT-3108 - haskell: Defaulted struct parameters on a service generates invalid Haskell
  • THRIFT-3990 - nodejs: Exception swallowed by deserialization function
  • THRIFT-4214 - nodejs: map<i64,value> key treated as hex value in JavaScript
  • THRIFT-4602 - nodejs: ERROR in ./node_modules/thrift/lib/nodejs/lib/thrift/connection.js Module not found: Error: Can't resolve 'child_process'
  • THRIFT-4639 - nodejs: Sequence numbering for multiplexed protocol broken
  • THRIFT-1310 - php: sequence and reconnection management issues
  • THRIFT-1538 - php: Error during deserialization int64 on 32-bit architecture
  • THRIFT-1580 - php: thrift type i64 java to php serialize/deserealize not working
  • THRIFT-1950 - php: PHP gets stuck in infinite loop
  • THRIFT-2954 - python: sending int or float in a double field breaks the connection
  • THRIFT-4080 - python: unix sockets can get stuck forever
  • THRIFT-4281 - python: generated code is out of order and causes load issues
  • THRIFT-4677 - py3: UnicodeDecideError in Python3

Build Process

  • THRIFT-4067 - Windows thrift compiler distributed on the apache web site has runtime dependencies
  • THRIFT-4308 - D language docker images need demios for libevent and openssl fixed to re-enable make cross on dlang
  • THRIFT-4579 - Use Ubuntu Bionic (18.04 LTS) for CI builds instead of Artful (17.10)
  • THRIFT-4508 - Define CI operating system coverage rules for the project and (hopefully) simplify CI a little more
  • THRIFT-4397 - ubuntu install instructions broken on 16.04
... (truncated)
Commits
  • 384647d Version 0.12.0
  • 9b75e4f THRIFT-4680: fix up std::min, std::max, and numeric limits min/max on Windows...
  • 56ac72e Update a couple of our m4 files for autoconf
  • 33772b7 Add node.ts to the languages markdown
  • f4b1785 Merge pull request #1646 from allengeorge/rustfmt_10
  • ef7a189 Reformat rust code with rustfmt 1.0
  • 2b7365c THRIFT-4659: Fix race when closing server socket (#1645)
  • 44ee32c Fix c++98 build
  • e6e7e62 Correct c++17 definition
  • db61f10 Fix build with old c++
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 21, 2020
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 12, 2021

Superseded by #4.

@dependabot dependabot bot closed this Mar 12, 2021
@dependabot dependabot bot deleted the dependabot/maven/client/java/org.apache.thrift-libthrift-0.12.0 branch March 12, 2021 21:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants