Bump github.com/jhump/protoreflect from 1.16.0 to 1.17.0 #4001
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [github.com/jhump/protoreflect](https://github.com/jhump/protoreflect) from 1.16.0 to 1.17.0. - [Release notes](https://github.com/jhump/protoreflect/releases) - [Commits](jhump/protoreflect@v1.16.0...v1.17.0) --- updated-dependencies: - dependency-name: github.com/jhump/protoreflect dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
the
dependencies
dependabot
bot
requested review from
mstoykov,
oleiade and
a team
and removed request for
a team
|
I've invested a couple hours of time looking into the deprecations brought by this package, and I must admit I'm really out of my depth, and I honestly have no clue how to go about it still. I think it would take me a sizeable amount of time to be able to make this change with confidence as I just don't have enough context on protobuf and our grpc at the moment; and I frankly don't have the capacity to invest in going any further myself at the moment. Is this something you'd have the capacity and interest to look into @olegbespalov ? Otherwise, the bottom line is, 1.17.0 (the updated version) appears to be the last of their version 1 scope. So as long as we don't move to 2.0 .0 (in alpha at the moment) it should be somewhat okay to either not upgrade from 1.16.0 to 1.17.0, or ignore the deprecation warnings in the meatime, if we don't have the capacity to pursue it. cc @mstoykov |
|
I think it is okay if we skip this for v0.55.0 and try to get it in the next one after some more investigation. If we want to get this done now I will also recommend adding just |
Hey @oleiade, no, I don't have the capacity for doing that. Frankly, I believe that this should be handled by another team member. I don't want us to create a knowledge silo around things related to gRPC (like any other specific topic). And seems like this issue is a good opportunity to acquire knowledge in that domain since it remains in the core, and occasionally, we need to do work in that area. I do agree that there is no urgency in doing that right now, so let's skip it now and allocate resources in future cycles. |
|
Fair enough 👍🏻 I agree with your assessment @olegbespalov, I know I would have liked to get more comfortable around that module (I tried), I just don't have the capacity right now. Thus, I'll update to v1.17.0, add |
oleiade
deleted the
dependabot/go_modules/github.com/jhump/protoreflect-1.17.0
branch
Bumps github.com/jhump/protoreflect from 1.16.0 to 1.17.0.
Release notes
Sourced from github.com/jhump/protoreflect's releases.
Commits
06e5c08Update desc/sourceinfo to not wrap descriptors (#622)645b9ddUpdate protocompile, which fixes possible panic in ParseButDontLink (#621)9b68e7bUpdate styling of callouts in README; add info about trying out v29fdd942Allow grpcreflect to fall back to provided resolvers (#614)baac311update deps; reconcile couple of tests with latest protocompile (#613)bed9136desc/sourceinfo: fix panic when descriptor not found (#612)cb1d268perf: use concatenation to compute qualified name in MessageDescriptor.FindFi...1ba1524Add deprecation notices to the packages in this repo that have newer replacem...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)