That's basically my question in the pr: https://github.com/apache/thrift/pull/2799#issuecomment-1609947314, That I don't know how severe the bug it's fixing is. If this is fixing some CVE then reverting would likely be a very bad idea.
On Fri, Jul 7, 2023 at 1:09 PM Jens Geyer <jensge...@hotmail.com> wrote: > Hi, > > > I'm wondering if we can simply revert it? Or would that be a bad idea? > > > Have fun, > > JensG > > > Am 07.07.2023 um 19:20 schrieb Yuxuan Wang: > > I believe the failing is caused by a dependbot upgrade, likely [1], that > it > > starts to complain about things it did not complain before. > > > > I tried to fix some low hanging fruits in [2], but even after that there > > are other checks still failing [3], which I'm not sure how to fix. > > > > Can someone familiar with java/kotlin/gradle take a look? The failures > also > > prevent us from running cross-test on Github Actions ever since. > > > > [1]: > > > https://protect.checkpoint.com/v2/___https://github.com/apache/thrift/commit/5582f31f504e2be6dc13a901eb52dc37f35e90e1___.YzJ1OnJlZGRpdDpjOmc6MTM1ZmNjMDZlNWYyYjYwYmIxNmU5OGFjYjhhYzdlYTk6NjpmZGMyOjgyMzI2NzE4NDRhZGFjNWQwOWMzYzBhMzk5MmMyN2RhMTEwZmIzYjkxMmZiNjdmNTIyY2JiOTlhNmI5NGJkOWI6cDpU > > [2]: > > > https://protect.checkpoint.com/v2/___https://github.com/apache/thrift/commit/abf3fc31470daf57dc50085f56396abba4b3bc1d___.YzJ1OnJlZGRpdDpjOmc6MTM1ZmNjMDZlNWYyYjYwYmIxNmU5OGFjYjhhYzdlYTk6Njo2NTA4OjRmNmM2ZDIzNTAwOTAwYTYzOWVjYjYxYTQzYTljOWFhNTM5YmM3NDFlZmMxYWVlYTNhYTNlMDE1NjEwNjIzOGU6cDpU > > [3]: > > > https://protect.checkpoint.com/v2/___https://github.com/apache/thrift/actions/runs/5393552270/jobs/9793527856___.YzJ1OnJlZGRpdDpjOmc6MTM1ZmNjMDZlNWYyYjYwYmIxNmU5OGFjYjhhYzdlYTk6NjplMTUzOjgyMDRlMzgzMDQ1N2FkZWRkNzcxODM5OWY0Mjc1NTQ3NTU5NjNlZDk4MzYzMTNiOTVlNzkwYzU4ZmRhYjk1MjU6cDpU > > >