Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change avro dependency to version 1.11.1. #27067

Closed
wants to merge 1 commit into from
Closed

Change avro dependency to version 1.11.1. #27067

wants to merge 1 commit into from

Conversation

ghost
Copy link

@ghost ghost commented Jun 8, 2023

The previous version of avro was 1.8.2, but parquet-avro:1.12.0, which is a dependency of beam-sdks-java-io-parquet, requires avro:1.10.1: https://mvnrepository.com/artifact/org.apache.parquet/parquet-avro/1.12.0.

Alternatively, we may update the version to avro:1.10.1 (required by parquet-avro:1.12.0), but avro:1.11.1 has fewer vulnerabilities:
https://mvnrepository.com/artifact/org.apache.avro/avro/1.10.1
https://mvnrepository.com/artifact/org.apache.avro/avro/1.11.1

Please add a meaningful description for your change here


Thank you for your contribution! Follow this checklist to help us incorporate your contribution quickly and easily:

  • Mention the appropriate issue in your description (for example: addresses #123), if applicable. This will automatically add a link to the pull request in the issue. If you would like the issue to automatically close on merging the pull request, comment fixes #<ISSUE NUMBER> instead.
  • Update CHANGES.md with noteworthy changes.
  • If this contribution is large, please file an Apache Individual Contributor License Agreement.

See the Contributor Guide for more tips on how to make review process smoother.

To check the build health, please visit https://github.com/apache/beam/blob/master/.test-infra/BUILD_STATUS.md

GitHub Actions Tests Status (on master branch)

Build python source distribution and wheels
Python tests
Java tests
Go tests

See CI.md for more information about GitHub Actions CI.

The previous version of avro was 1.8.2, but parquet-avro:1.12.0, which is a dependency of beam-sdks-java-io-parquet, requires avro:1.10.1: https://mvnrepository.com/artifact/org.apache.parquet/parquet-avro/1.12.0.
@codecov
Copy link

codecov bot commented Jun 8, 2023

Codecov Report

Merging #27067 (cfa5de9) into master (ea729df) will decrease coverage by 0.02%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master   #27067      +/-   ##
==========================================
- Coverage   71.53%   71.51%   -0.02%     
==========================================
  Files         854      854              
  Lines      104093   104093              
==========================================
- Hits        74464    74447      -17     
- Misses      28082    28099      +17     
  Partials     1547     1547              
Flag Coverage Δ
python 81.01% <ø> (-0.03%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 6 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@github-actions
Copy link
Contributor

github-actions bot commented Jun 8, 2023

Assigning reviewers. If you would like to opt out of this review, comment assign to next reviewer:

R: @Abacn added as fallback since no labels match configuration

Available commands:

  • stop reviewer notifications - opt out of the automated review tooling
  • remind me after tests pass - tag the comment author after tests pass
  • waiting on author - shift the attention set back to the author (any comment or push by the author will return the attention set to the reviewers)

The PR bot will only process comments in the main thread (not review comments).

@ghost
Copy link
Author

ghost commented Jun 13, 2023

There is on-going work on the dependency issue: #24292. Closing this PR.

@ghost ghost closed this Jun 13, 2023
@ghost ghost deleted the shunping-playpen-avro-1.11 branch June 13, 2023 19:00
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant