Java fixes for 22.x #12035
Merged
Java fixes for 22.x #12035
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…were not being set as immutable. This would allow code to get a builder for a sub-message and modify the original (supposedly immutable) copy. PiperOrigin-RevId: 511598810
Fix for: #11393 PiperOrigin-RevId: 511807920
deannagarcia
approved these changes
Feb 23, 2023
srowen
pushed a commit
to apache/spark
that referenced
this pull request
Apr 25, 2023
### What changes were proposed in this pull request? This pr aims upgrade protobuf-java from 3.22.0 to 3.22.3. ### Why are the changes needed? The new version fixed the issue of `NoSuchMethodError` thrown when using Java 8 to run proto compiled with Java 9+ (even if --target 1.8): - protocolbuffers/protobuf#11393 / protocolbuffers/protobuf#12035 The full release notes as follows: - https://github.com/protocolbuffers/protobuf/releases/tag/v22.1 - https://github.com/protocolbuffers/protobuf/releases/tag/v22.2 - https://github.com/protocolbuffers/protobuf/releases/tag/v22.3 - protocolbuffers/protobuf@v3.22.0...v3.22.3 ### Does this PR introduce _any_ user-facing change? No ### How was this patch tested? Pass GitHub Actions Closes #40430 from LuciferYang/SPARK-42798. Lead-authored-by: YangJie <yangjie01@baidu.com> Co-authored-by: yangjie01 <yangjie01@baidu.com> Signed-off-by: Sean Owen <srowen@gmail.com>
trustin
pushed a commit
to line/armeria
that referenced
this pull request
May 30, 2023
Motivation: The protobuf-java:3.21.1 version used in Armeria has a few CVEs: Unsatisfied rule TrivyScan: Detected unresolved vulnerabilities, please see http://go/maven-vulnerabilities. Set TRIVY_FAIL_RESOLUTION=0 in your environment to temporarily disable this check.: com.google.protobuf:protobuf-java:3.21.1 -> CVE-2022-3171, CVE-2022-3509, CVE-2022-3510 Modifications: - Bump protobuf-java to 3.22.2 since it has the fix for protocolbuffers/protobuf#12035 and also all the fixes for the above CVEs. Result: - Library consumers will not see Armeria detected as a vulnerability.
bithium
pushed a commit
to bithium/protobuf
that referenced
this pull request
Sep 4, 2023
* Fix mutability bug in Java proto lite: sub-messages inside of oneofs were not being set as immutable. This would allow code to get a builder for a sub-message and modify the original (supposedly immutable) copy. PiperOrigin-RevId: 511598810 * Add casts to make protobuf compatible with Java 1.8 runtime. Fix for: protocolbuffers#11393 PiperOrigin-RevId: 511807920 --------- Co-authored-by: Protobuf Team Bot <protobuf-github-bot@google.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Patch Java lite mutability fix and Java 8 compatibility fix into 22.x