Skip to content
This repository has been archived by the owner on Mar 22, 2024. It is now read-only.

build(deps): Bump github.com/jhump/protoreflect from 1.10.1 to 1.15.1 #137

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 6, 2023

Bumps github.com/jhump/protoreflect from 1.10.1 to 1.15.1.

Release notes

Sourced from github.com/jhump/protoreflect's releases.

v1.15.1

This is small bugfix release to address regressions reported in v1.15.0.

"github.com/jhump/protoreflect/desc/protoparse"

Changes/fixes:

  • As of v1.15.0, descriptors returned from this package would include dynamic extension fields to represent option values for custom options that were defined in the set of files being compiled. This was a regression from all previous versions, where custom options were represented using statically known extension fields (i.e. extensions that were generated to Go code and linked into the calling program) or as unrecognized fields. This break some usages, where code was using type assertions of the extension value to a generated struct (which fails when the value is a dynamic message value). This has been fixed, and the behavior from v1.14.1 and before has been restored.
  • As of v1.15.0, a data race was possible. This is was a regression, where #236 revealed its ugly head again. The issue would occur if a parse operation used the Parser.LookupImport or Parser.LookupImportProto field to supply some dependencies as descriptors instead of as source. The race occurred when the same descriptor was referenced from different, concurrent parse operations: one goroutine would modify the descriptor during linking, while another goroutine was trying to access it (without synchronization). It has now been fixed (via a fix in the underlying protocompile library: bufbuild/protocompile#103).

v1.15.0

This is a significant and admittedly long overdue release. This release finally provides a bridge for interoperability between packages and functionality in this repo and the new reflection packages and APIs added in the "v2 API" of the Protobuf runtime for Go (google.golang.org/protobuf), particularly the protoreflect, protodesc, protoregistry, and dynamicpb packages.

This repo began because the Protobuf runtime (at the time, the "v1 API" in github.com/golang/protobuf) had no support for Protobuf reflection and dynamic messages. The functionality slowly grew to include dynamic gRPC, interesting meta features like parsing Protobuf sources or printing Protobuf source from a descriptor, etc.

But the v2 API was released nearly three years ago. And it does provide some functionality that this repo provided, but now in the core runtime library. And yet this repo still refers to the now-deprecated v1 API.

Under the hood, this is a very big change, mainly due to the big changes (described below) in the github.com/jhump/protoreflect/desc and github.com/jhump/protoreflect/desc/protoparse packages.

This release is planned to be the final v1 release. Any other changes significant enough to warrant a new minor version will instead be added in an upcoming v2 version. A new v2 version will have zero references to the v1 API of the Protobuf runtime, and it will not duplicate any of the functionality that now exists in the v2 API.

The changes are all detailed below and include all of the changes described in the past two release candidates (v1.15.0-rc1 and v1.15.0-rc2).


NOTE: Zero defects were reported in the nearly six weeks since the first release candidate was created. It is entirely possible that very few users tried it, so there still could be some material bugs and compatibility issues lurking in this release. If you encounter any marked changes in behavior between the previous release (v1.14.1) and this one, please file an issue as soon as possible! However, if the issue is a performance degradation, it may not be addressed until a v2. So If your use case is very sensitive to performance, you may need to stay on v1.14.1. The under-the-hood changes in this repo for this release are expected to have some performance impact, though it will hopefully be minor or even negligible for most users.


"github.com/jhump/protoreflect/desc"

Changes/fixes:

  • This package, the core of this whole repo, with its descriptor interfaces and related functions, has been substantially overhauled. The descriptor values provided by this package are now backed by the descriptor implementations in the google.golang.org/protobuf/reflect/protoreflect package.
    • The primary advantage of this change is that it is now easy to convert a protoreflect.Descriptor to a desc.Descriptor (via the various Wrap* functions in this package). It is similarly easy to unwrap a desc.Descriptor value, to recover the underlying protoreflectDescriptor.
    • This allows this package to be easily used in conjunction with protoreflect and accompanying packages. You can take a protoreflect.Descriptor and then easily use it with the desc/builder and desc/protoprint packages in this repo. Similarly, you can create a desc.Descriptor using the desc/protoparse package and easily turn that into a protoreflect.Descriptor, for use with the google.golang.org/protobuf/... packages.

Additions:

  • This adds a new DescriptorWrapper interface, which is implemented by all descriptor implementations in this package. It contains an Unwrap() protoreflect.Descriptor function, to recover the underlying protoreflect.Descriptor.
  • Also, all descriptor implementations in this package also have additional methods that are more strongly typed. For example, *desc.FileDescriptor has a method UnwrapFile() protoreflect.FileDescriptor.
  • Finally, this package now has numerous Wrap* functions, which accept a protoreflect.Descriptor and wrap it, returning a desc.Descriptor. There is one function for each concrete type, for example for messages there is WrapMessage(d protoreflect.MessageDescriptor) (*MessageDescriptor, error)

"github.com/jhump/protoreflect/desc/builder"

Changes/fixes:

  • Previously, not all rules of the Protobuf language were enforced when building a new descriptor with this package. Since the desc.Descriptor values returned by this package are now backed by protoreflect.Descriptor values, more rules are enforced. This is because the implementation of descriptors in the protoreflect package does perform all of those validation checks. The new checks that are now enforced that previously were not:
    1. Files with a syntax of proto3 are not allowed to have required fields.
    2. Files with a syntax of proto3 are not allowed to have messages that define extension ranges.

... (truncated)

Commits
  • 81aa758 hack: change internal package name for grpc.reflection.v1 to prevent possible...
  • 7923b75 protoparse: fixes to issues reported in v1.15.0 (#554)
  • bc601ae build(deps): bump golang.org/x/net (#551)
  • 7fcc3b0 build(deps): bump golang.org/x/text from 0.3.2 to 0.3.8 (#548)
  • 1d63728 protoprint: make sure output is stable, even when there is no source code inf...
  • 220303e another fuzz test fix, even newer version of protocompile (#546)
  • fea8ba4 newer protocompile with potential fix to fuzz test perf issue (#545)
  • d2a36df add doc comments for all new, recently added API elements (#544)
  • 384ff0e protocompile v0.2.0 (#543)
  • 0400f4d many validation rules previously unimplemented are now implemented (#542)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/jhump/protoreflect](https://github.com/jhump/protoreflect) from 1.10.1 to 1.15.1.
- [Release notes](https://github.com/jhump/protoreflect/releases)
- [Commits](jhump/protoreflect@v1.10.1...v1.15.1)

---
updated-dependencies:
- dependency-name: github.com/jhump/protoreflect
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 6, 2023
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 6, 2023

Dependabot tried to add @alexanderbez and @fedekunze as reviewers to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/forbole/cosmos-sdk/pulls/137/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the forbole/cosmos-sdk repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 6, 2023

The following labels could not be found: automerge.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants