Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

resolve RUSTSEC-2023-0086 #2004

Closed
wants to merge 1 commit into from

Conversation

aradwann
Copy link
Contributor

@aradwann aradwann commented Sep 30, 2024

resolves #1966 and #1655

awaiting apache/arrow-rs#6340

@aradwann aradwann marked this pull request as ready for review October 6, 2024 14:57
@AhmedSoliman AhmedSoliman added the dependencies Pull requests that update a dependency file label Oct 7, 2024
@tillrohrmann tillrohrmann force-pushed the resolve-RUSTSEC-2023-0086 branch from 9f61e6a to f8dcaa2 Compare October 7, 2024 08:22
Copy link
Contributor

@tillrohrmann tillrohrmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for fixing the advisory @aradwann. This is really cool. Also that you could get rid of the nasty hack to convert between tonic 0.12 and 0.11 :-) The changes look good to me.

I've rebased your changes onto the latest main and removed the merge commits so that we have a linear commit history. Once GHA gives green light, I'll merge your changes. Thanks a lot for your contribution. You are awesome!

upgrade API breaking arrow dependencies

fix SessionStateBuilder deprecation warnings

replace closure with function

remove unused tonic-0-11

cargo update

upgrade arrow

upgrade arrow convert

This fixes #2004.
@tillrohrmann tillrohrmann force-pushed the resolve-RUSTSEC-2023-0086 branch from f8dcaa2 to b0f7090 Compare October 7, 2024 16:48
@aradwann aradwann deleted the resolve-RUSTSEC-2023-0086 branch October 7, 2024 19:23
igalshilman added a commit to igalshilman/restate that referenced this pull request Oct 16, 2024
This is a bug fix that was introduced in restatedev#2004
Which change the order that optimizers are registered.
The reason for this is described as a comment few lines above.
igalshilman added a commit that referenced this pull request Oct 17, 2024
* [datafusion] prepend physical_optimizer_rule before the other rules

This is a bug fix that was introduced in #2004
Which change the order that optimizers are registered.
The reason for this is described as a comment few lines above.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Upgrade lexical-core to 1.0 (Apache Arrow transitive dependency)
3 participants