You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@flume.apache.org by GitBox <gi...@apache.org> on 2019/11/13 01:53:28 UTC
[GitHub] [flume] dependabot[bot] opened a new pull request #307: Bump
libthrift from 0.9.3 to 0.12.0
dependabot[bot] opened a new pull request #307: Bump libthrift from 0.9.3 to 0.12.0
URL: https://github.com/apache/flume/pull/307
Bumps [libthrift](https://github.com/apache/thrift) from 0.9.3 to 0.12.0.
<details>
<summary>Release notes</summary>
*Sourced from [libthrift's releases](https://github.com/apache/thrift/releases).*
> ## Version 0.12.0
> # Thrift v0.12.0
>
> ## New Languages
> * Common LISP (cl)
> * Swift
> * Typescript (nodets)
>
> ## Complete Release Notes
>
> https://github.com/apache/thrift/blob/0.12.0/CHANGES
>
> ## Version 0.9.3.1
> This release is a backport of the security fix for [CVE-2018-1320](https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-1320) as documented in [THRIFT-4506](https://issues.apache.org/jira/browse/THRIFT-4506). The only code change is in Java, and a 0.9.3-1 package was released to [Maven Central](https://search.maven.org/search?q=g:org.apache.thrift%20AND%20a:libthrift&core=gav).
>
> This is marked in GitHub as a pre-release so that it does not become the "latest" release.
</details>
<details>
<summary>Changelog</summary>
*Sourced from [libthrift's changelog](https://github.com/apache/thrift/blob/master/CHANGES.md).*
> ## 0.12.0
>
> Released 2019-JAN-04
>
> ### New Languages
> - Common LISP (cl)
> - Swift
> - Typescript (nodets)
>
> ### Deprecated Languages
> - C++03/C++98 (move to C++11)
> - Cocoa (move to Swift)
>
> ### Breaking Changes (since 0.11.0)
> - [THRIFT-4529](https://issues.apache.org/jira/browse/THRIFT-4529) - Rust enum variants are now camel-cased instead of uppercased to conform to Rust naming conventions
> - [THRIFT-4448](https://issues.apache.org/jira/browse/THRIFT-4448) - Support for golang 1.6 and earlier has been dropped.
> - [THRIFT-4474](https://issues.apache.org/jira/browse/THRIFT-4474) - PHP now uses the PSR-4 loader by default instead of class maps.
> - [THRIFT-4532](https://issues.apache.org/jira/browse/THRIFT-4532) - method signatures changed in the compiler's t_oop_generator.
> - [THRIFT-4648](https://issues.apache.org/jira/browse/THRIFT-4648) - The C (GLib) compiler's handling of namespaces has been improved.
>
> ### Known Issues (Blocker or Critical)
> - [THRIFT-4037](https://issues.apache.org/jira/browse/THRIFT-4037) - build: use a single build system for thrift
> - [THRIFT-4119](https://issues.apache.org/jira/browse/THRIFT-4119) - build: bootstrap.sh is missing from source tarball
> - [THRIFT-3289](https://issues.apache.org/jira/browse/THRIFT-3289) - csharp: socket exhaustion in csharp implementation
> - [THRIFT-3029](https://issues.apache.org/jira/browse/THRIFT-3029) - cocoa: Getters for fields defined with uppercase names do not work
> - [THRIFT-3325](https://issues.apache.org/jira/browse/THRIFT-3325) - cocoa: Extended services aren't subclasses in generated Cocoa
> - [THRIFT-4116](https://issues.apache.org/jira/browse/THRIFT-4116) - cocoa: Thrift de-capitalizes the name of IsSet property in Cocoa
> - [THRIFT-3877](https://issues.apache.org/jira/browse/THRIFT-3877) - cpp: the http implementation is not standard; interop with other languages is spotty at best
> - [THRIFT-4180](https://issues.apache.org/jira/browse/THRIFT-4180) - cpp: Impossible to build Thrift C++ library for Android (NDK)
> - [THRIFT-4384](https://issues.apache.org/jira/browse/THRIFT-4384) - cpp: Using multiple async services simultaneously is not thread-safe
> - [THRIFT-3108](https://issues.apache.org/jira/browse/THRIFT-3108) - haskell: Defaulted struct parameters on a service generates invalid Haskell
> - [THRIFT-3990](https://issues.apache.org/jira/browse/THRIFT-3990) - nodejs: Exception swallowed by deserialization function
> - [THRIFT-4214](https://issues.apache.org/jira/browse/THRIFT-4214) - nodejs: map<i64,value> key treated as hex value in JavaScript
> - [THRIFT-4602](https://issues.apache.org/jira/browse/THRIFT-4602) - nodejs: ERROR in ./node_modules/thrift/lib/nodejs/lib/thrift/connection.js Module not found: Error: Can't resolve 'child_process'
> - [THRIFT-4639](https://issues.apache.org/jira/browse/THRIFT-4639) - nodejs: Sequence numbering for multiplexed protocol broken
> - [THRIFT-1310](https://issues.apache.org/jira/browse/THRIFT-1310) - php: sequence and reconnection management issues
> - [THRIFT-1538](https://issues.apache.org/jira/browse/THRIFT-1538) - php: Error during deserialization int64 on 32-bit architecture
> - [THRIFT-1580](https://issues.apache.org/jira/browse/THRIFT-1580) - php: thrift type i64 java to php serialize/deserealize not working
> - [THRIFT-1950](https://issues.apache.org/jira/browse/THRIFT-1950) - php: PHP gets stuck in infinite loop
> - [THRIFT-2954](https://issues.apache.org/jira/browse/THRIFT-2954) - python: sending int or float in a double field breaks the connection
> - [THRIFT-4080](https://issues.apache.org/jira/browse/THRIFT-4080) - python: unix sockets can get stuck forever
> - [THRIFT-4281](https://issues.apache.org/jira/browse/THRIFT-4281) - python: generated code is out of order and causes load issues
> - [THRIFT-4677](https://issues.apache.org/jira/browse/THRIFT-4677) - py3: UnicodeDecideError in Python3
>
> ### Build Process
> - [THRIFT-4067](https://issues.apache.org/jira/browse/THRIFT-4067) - Windows thrift compiler distributed on the apache web site has runtime dependencies
> - [THRIFT-4308](https://issues.apache.org/jira/browse/THRIFT-4308) - D language docker images need demios for libevent and openssl fixed to re-enable make cross on dlang
> - [THRIFT-4579](https://issues.apache.org/jira/browse/THRIFT-4579) - Use Ubuntu Bionic (18.04 LTS) for CI builds instead of Artful (17.10)
> - [THRIFT-4508](https://issues.apache.org/jira/browse/THRIFT-4508) - Define CI operating system coverage rules for the project and (hopefully) simplify CI a little more
> - [THRIFT-4397](https://issues.apache.org/jira/browse/THRIFT-4397) - ubuntu install instructions broken on 16.04
></tr></table> ... (truncated)
</details>
<details>
<summary>Commits</summary>
- [`384647d`](https://github.com/apache/thrift/commit/384647d290e2e4a55a14b1b7ef1b7e66293a2c33) Version 0.12.0
- [`9b75e4f`](https://github.com/apache/thrift/commit/9b75e4fe745a9b08e6ccdc0998ec7a69272f5b4c) THRIFT-4680: fix up std::min, std::max, and numeric limits min/max on Windows...
- [`56ac72e`](https://github.com/apache/thrift/commit/56ac72e74ae354c286c41f5d5a3c0b8723feb587) Update a couple of our m4 files for autoconf
- [`33772b7`](https://github.com/apache/thrift/commit/33772b7d78dc3e73154f1942320e1a6ef3301e1b) Add node.ts to the languages markdown
- [`f4b1785`](https://github.com/apache/thrift/commit/f4b17857db4a7ff6885d22535b0e9b963af49397) Merge pull request [#1646](https://github-redirect.dependabot.com/apache/thrift/issues/1646) from allengeorge/rustfmt_10
- [`ef7a189`](https://github.com/apache/thrift/commit/ef7a18970f309632e3a3015ac1c659d72d36967b) Reformat rust code with rustfmt 1.0
- [`2b7365c`](https://github.com/apache/thrift/commit/2b7365c54f823013cc6a4760798051b22743c103) THRIFT-4659: Fix race when closing server socket ([#1645](https://github-redirect.dependabot.com/apache/thrift/issues/1645))
- [`44ee32c`](https://github.com/apache/thrift/commit/44ee32cef57cbbd0ad62dfa026f0ee5e746f5c2b) Fix c++98 build
- [`e6e7e62`](https://github.com/apache/thrift/commit/e6e7e62981e285d6d7e023a618be3bafa514edae) Correct c++17 definition
- [`db61f10`](https://github.com/apache/thrift/commit/db61f10497bcf069da03537629dcc79b0523ebe4) Fix build with old c++
- Additional commits viewable in [compare view](https://github.com/apache/thrift/compare/0.9.3...v0.12.0)
</details>
<br />
[](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/apache/flume/network/alerts).
</details>
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services