I pinged the requesters of a new feature in the Rust SDK at https://github.com/apache/avro/pull/2014 for review and test But I am fine to release 1.11.2 even without this PR
On Thu, Mar 9, 2023 at 11:14 PM Ryan Skraba <[email protected]> wrote: > Hey all, I'd like to bring this discussion back to life -- are we in a > state to do a 1.11.2 release? > > I was on a pretty extended holiday in 2023, and it's pretty exciting > to see the movement in the project. If I remember correctly, there > wasn't much left in JIRA unresolved for 1.11.2! [1] > > There's still a python JIRA assigned to me that I'd like to finish up > now that I'm back before trying to release. Anyone else have things > that should be cherry-picked or merged? > > All my best, Ryan > > [1] > https://issues.apache.org/jira/issues/?jql=project%20%3D%20AVRO%20AND%20fixVersion%20%3D%201.11.2%20%20AND%20status%20!%3D%20Resolved > > > On Thu, Nov 10, 2022 at 7:37 PM Ryan Skraba <[email protected]> wrote: > > > > We probably don't need to do an initial vote on this :D Fixing CVEs > > is probably a compelling enought reason to do this! > > > > But if anybody thinks this is a bad idea, needs anything specific for > > 1.11.2 or wants to help review / resolve some of these PRs marked for > > 1.11.2, I'd love to hear about it. > > > > In any case, I'm definitely going to propose a release shadowing > > session (maybe recorded?) that I didn't deliver in 1.11.1 ! > > > > All my best, Ryan > > > > On Fri, Nov 4, 2022 at 7:45 PM Martin Grigorov <[email protected]> > wrote: > > > > > > +1 for 1.11.2 > > > > > > IMO Jackson could be upgraded to 2.13.x only for 1.12.0. > > > 2.12.7 is not affected by the CVEs > > > > > > On Fri, Nov 4, 2022, 20:07 Ryan Skraba <[email protected]> wrote: > > > > > > > It looks like there's been a couple of CVE fixes in dependencies that > > > > we might want to have! See AVRO-3656, and perhaps AVRO-3658 (not yet > > > > merged, bumping to jackson 2.13, which might have breaking changes). > > > > > > > > We've been cherry-picking pretty nicely so the branch is in a pretty > > > > good state, with just a few Unresolved issues (mostly with existing > > > > PRs that need some committer attention!) that have been marked for > > > > 1.11.2 > > > > > > > > What do you think? > > > > > > > > Ryan > > > > > > > > [1] > > > > > https://issues.apache.org/jira/issues/?jql=project%20%3D%20AVRO%20AND%20fixVersion%20%3D%201.11.2%20%20AND%20status%20!%3D%20Resolved > > > > >
