You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@avro.apache.org by "Ryan Skraba (Jira)" <ji...@apache.org> on 2021/03/05 16:39:00 UTC
[jira] [Updated] (AVRO-2981) Avrogen: Bump dependency versions
[ https://issues.apache.org/jira/browse/AVRO-2981?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ryan Skraba updated AVRO-2981:
------------------------------
Fix Version/s: (was: 1.10.2)
> Avrogen: Bump dependency versions
> ---------------------------------
>
> Key: AVRO-2981
> URL: https://issues.apache.org/jira/browse/AVRO-2981
> Project: Apache Avro
> Issue Type: Improvement
> Components: csharp
> Reporter: Brian Lachniet
> Assignee: Brian Lachniet
> Priority: Major
> Fix For: 1.11.0
>
>
> As described in [this comment|https://github.com/apache/avro/pull/981#discussion_r525692847], we prefer not to bump the dependency versions in libraries.
> {quote}By updating the versions in our libraries, we require users of the library to update to a version equal to or greater than the version we reference. For example, if a user were to reference an older version of Newtonsoft.Json, the would be forced to update to a newer version before they could use a new version of the Avro library.
> In short, we should only update the version of the dependencies in our libraries if we absolutely must for functionality that we require. We leave it up to the users of the library as to whether or not they want the latest and greatest of a particularly dependency. We're only going to require the bare minimum.{quote}
> That said, we should still reference newer versions of dependencies in any executables we ship so that the exe has the latest security updates. At this time, Avrogen is the only exe we ship.
> As part of this issue, we should:
> * Update Avrogen dependencies
> * Document are dependency update strategy for exe vs library in the {{lang/cshpar/README.md}}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)