confluent-schema-registry feature(dependencies): adding support for protobufjs 7

This PR add support for higher versions of protobufjs. resolves https://github.com/kafkajs/confluent-schema-registry/issues/240 and closes https://github.com/kafkajs/confluent-schema-registry/issues/237

It has been tested with protobufjs versions from 6.10.1 to 7.2.3 [UPDATE: 7.2.4 on latest commit] 6.10.1

7.2.3

Also run integration test with kafkajs and sent events to confluent

BTW You can move protobujs dependency to test it also limiting to under 8 because we don't know which breaking changes will come there. Leaving yarn.lock with latest protobufjs version so you can test it

Important to see if it will be better to install protobufjs as a peerDependency

  "peerDependencies":{
    "protobufjs": ">= 6.10.1 < 8"
  },

As a plus

Upgrade ts-jest that was misalign with jest version
Fix spacing in docker-compose.yml
Move dockest to latest version and modify correctly the dockest.ts + gitignore new log file

Extra in case someone wants to run dockest over Mac, it doesn't work because docker-compose config print published port as string instead of number, they have a PR since long ago but hasn't done anything

But you can do this in case of necessity (only Mac)

yarn &&
sed -i ''  's/mergedComposeFiles,/mergedComposeFiles.replaceAll(\/published: "(.*)"\/g, "published: $1"),/g' node_modules/dockest/dist/run/bootstrap/getParsedComposeFile.js &&
yarn test

Jun 22 '23 04:06 catYalere

@catYalere Hi, there is a new Prototype Pollution vulnerability in protobufjs: https://github.com/advisories/GHSA-h755-8qp9-cq85

Can you please upgrade protobuf to 7.2.4 as suggested in the vulnerability details?

Jul 09 '23 08:07 Gilad-Gur-Andelman

@Gilad-Gur-Andelman updated and verify that everything work as expected

Jul 12 '23 18:07 catYalere

@Nevon any chance to get this merged? would silence a lot of npm audit screams 😄

Jul 13 '23 09:07 FlashThePlayer

@Nevon @tulios ?

Jul 13 '23 17:07 catYalere

After a month of waiting I'm currently thinking to fork this and start maintenance and also publish npm package under my public account, thoughts?

Jul 18 '23 15:07 catYalere

@catYalere as much as I like this pragmatic approach, It would be better for you having rights to maintain this repository here, instead of forking it (imho). I don't think you'd want to put the burden of developing this package in the future all onto you?

Jul 19 '23 09:07 iwt-gregorpoloczek

@iwt-gregorpoloczek agree with that and I also prefer it but the issue is that we don't find the current maintainers, so I can help them, so I currently discard that option 😢

Jul 20 '23 16:07 catYalere

Updates on this? Can someone merge it?

Jul 28 '23 13:07 buccfer-knauf

I don't see any movement from any maintainer or collaborator since last October, not just the latest commit, I haven't seen even a comment. Seems like this project has been abandoned.

Jul 28 '23 16:07 Fryuni

@Nevon @evanshortiss

<3 could you do the merge please? 🥹🥹🥹🥹🥹🥹🥹

Jul 31 '23 21:07 gavageovanni

oI @augustozanetti consegue dar uma mao aqui ? rs

Aug 01 '23 14:08 gavageovanni

@Nevon @tulios ⬆️

Aug 01 '23 23:08 augustozanetti

cf https://github.com/tulios/kafkajs/issues/1603 @catYalere you could comment there if you're still up for the task :)

Aug 09 '23 17:08 cyppan

@Nevon @bifrost @erikengervall @tulios can we please have a getting this merged or update this repo to be archived so it is clear it is no longer maintained please?

Aug 16 '23 11:08 kaliabadi

Dec 07 '23 12:12 dotkas

Are we merging anytime soon?

https://github.com/kafkajs/confluent-schema-registry/pull/258

May 03 '24 10:05 sufiyangorgias

confluent-schema-registry confluent-schema-registry copied to clipboard

feature(dependencies): adding support for protobufjs 7

confluent-schema-registry
confluent-schema-registry copied to clipboard