[
https://issues.apache.org/jira/browse/AVRO-2981?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17508551#comment-17508551
]
Kyle Schoonover commented on AVRO-2981:
---------------------------------------
[~rskraba] Did this make it into 1.11.0 or 1.11.1?
> Avrogen: Bump dependency versions
> ---------------------------------
>
> Key: AVRO-2981
> URL: https://issues.apache.org/jira/browse/AVRO-2981
> Project: Apache Avro
> Issue Type: Improvement
> Components: csharp
> Reporter: Brian Lachniet
> Assignee: Brian Lachniet
> Priority: Major
> Fix For: 1.11.1
>
>
> As described in [this
> comment|https://github.com/apache/avro/pull/981#discussion_r525692847], we
> prefer not to bump the dependency versions in libraries.
> {quote}By updating the versions in our libraries, we require users of the
> library to update to a version equal to or greater than the version we
> reference. For example, if a user were to reference an older version of
> Newtonsoft.Json, the would be forced to update to a newer version before they
> could use a new version of the Avro library.
> In short, we should only update the version of the dependencies in our
> libraries if we absolutely must for functionality that we require. We leave
> it up to the users of the library as to whether or not they want the latest
> and greatest of a particularly dependency. We're only going to require the
> bare minimum.{quote}
> That said, we should still reference newer versions of dependencies in any
> executables we ship so that the exe has the latest security updates. At this
> time, Avrogen is the only exe we ship.
> As part of this issue, we should:
> * Update Avrogen dependencies
> * Document are dependency update strategy for exe vs library in the
> {{lang/cshpar/README.md}}
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
