frugal icon indicating copy to clipboard operation
frugal copied to clipboard

Published 20 hours ago verified publisher icon Workiva

go-lib: bump github.com/apache/thrift from 0.14.2 to 0.17.0 in /lib/go

Open dependabot[bot] opened this issue 2 years ago • 1 comments

Bumps github.com/apache/thrift from 0.14.2 to 0.17.0.

Release notes

Sourced from github.com/apache/thrift's releases.

Version 0.17.0

Please head over to the official release download source: http://thrift.apache.org/download

The assets listed below are added by Github based on the release tag and they will therefore not match the checkums published on the Thrift project website.

Version 0.16.0

For release 0.16.0 head over to the official release download source: http://thrift.apache.org/download

The assets below are added by Github based on the release tag and they may therefore not match the checkums.

Version 0.15.0

For release 0.15.0 head over to the official release download source: http://thrift.apache.org/download

The assets below are added by Github based on the release tag and they may therefore not match the checkums.

Changelog

Sourced from github.com/apache/thrift's changelog.

0.17.0

Known Open Issues (Blocker or Critical)

  • THRIFT-3877 - C++ library don't work with HTTP (csharp server, cpp client; need cross test enhancement)
  • THRIFT-5468 - Swift service generator doesn't support oneway

Removed Languages

NB. CL had been finally dropped from 0.17.0 due to lack of active maintainers. In the meantime there is some ongoing work to reintegrate CL support in 0.18.0 version.

Build Process

  • THRIFT-5565 - upgrade travis ci base image to xenial
  • THRIFT-5572 - current travis build is broken (error timeout) within kerl erlang build step
  • THRIFT-5575 - Create a GitHub workflow using CMake

C++

  • THRIFT-5093 - lib: cpp: test: clarify effect of MemoryPolicy on TMemoryBuffer
  • THRIFT-5510 - On Windows NOMINMAX and WIN32_LEAN_AND_MEAN are unset even if set before
  • THRIFT-5515 - Oneway requests can stuck in TNonblockingServer with TSSLSocket
  • THRIFT-5529 - Missing space "<::" in C++ generator
  • THRIFT-5576 - fix old-style cast at const value ctor/copy and redundant copy at ctor

Common LISP

Compiler (General)

  • THRIFT-5506 - C26495 variable "t_field::req_" not initialized, t_field.h:40
  • THRIFT-5540 - Can't use a typedef for a container type containing enums in a constant
  • THRIFT-5588 - Remove slist/senum from IDL

Contributed

  • THRIFT-5599 - contrib/fb303 does not compile after C++ library refactorings

Delphi

Documentation

  • THRIFT-5592 - Update documentation and IDL definition files for uuid type

... (truncated)

Commits
  • 4d493e8 fixing missing EXTRA_DISTs
  • 383e4ad CHANGES.md updated
  • 22f6a8a If the amount of data transmitted is large, an error will be reported.
  • bce985b Revert "Update thrift_socket_transport.erl"
  • 60fef43 Update thrift_socket_transport.erl
  • 8ad8d5d THRIFT-5576: fix old-style cast and redundant copy
  • 0aa108f THRIFT-5502 Log SocketException at WARN level only + Fix formatting
  • d5c6697 THRIFT-4086: Add missing calls to get_true_type when generating validator + m...
  • bdfde85 Add a generic sync.Pool wrapper to go library
  • 7ae180b THRIFT-5609: Make TJSONProtocol safe to be used in deserializer pool
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Sep 19 '22 14:09 dependabot[bot]

Security Insights

No security relevant content was detected by automated scans.

Action Items

  • Review PR for security impact; comment "security review required" if needed or unsure
  • Verify aviary.yaml coverage of security relevant code

Questions or Comments? Reach out on Slack: #support-infosec.

aviary2-wf avatar Sep 19 '22 14:09 aviary2-wf