Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated Apache-avro dependency #60

Merged
merged 1 commit into from
Jan 10, 2024
Merged

Updated Apache-avro dependency #60

merged 1 commit into from
Jan 10, 2024

Conversation

ilikepi63
Copy link
Contributor

Reference: https://rustsec.org/advisories/RUSTSEC-2023-0074

apache-avro. 0.16 doesn't have a dependency on zerocopy, and therefore avoids this security advisory

@lerouxrgd lerouxrgd merged commit 92f6a77 into lerouxrgd:master Jan 10, 2024
0 of 2 checks passed
@lerouxrgd
Copy link
Owner

Indeed, thanks !

@martin-g
Copy link
Contributor

The CI checks have failed!
Some extra work is needed to upgrade to 0.16.

@lerouxrgd
Copy link
Owner

Interestingly 0.16 cannot parse this schema anymore:

{
  "type": "record",
  "name": "DateLogicalType",
  "fields": [ {
    "name": "birthday",
    "type": {"type": "int", "logicalType": "date"},
    "default": 1681601653
  } ]
}

It says:
default's value type of field "birthday" in "DateLogicalType" must be "{\"type\":\"int\",\"logicalType\":\"date\"}"

However this one is fine:

{
  "type": "record",
  "name": "DateLogicalType",
  "fields": [ {
    "name": "release_datetime_micro",
    "type": {"type": "long", "logicalType": "timestamp-micros"},
    "default": 1570903062000000
  } ]
}

@martin-g Do you know where I should report this ?

@martin-g
Copy link
Contributor

https://issues.apache.org/jira/browse/AVRO
Thank you!

@martin-g
Copy link
Contributor 

diff --git i/lang/rust/avro/src/types.rs w/lang/rust/avro/src/types.rs
index 97d6b7174..8d9652d71 100644
--- i/lang/rust/avro/src/types.rs
+++ w/lang/rust/avro/src/types.rs
@@ -281,7 +281,14 @@ impl From<JsonValue> for Value {
         match value {
             JsonValue::Null => Self::Null,
             JsonValue::Bool(b) => b.into(),
-            JsonValue::Number(ref n) if n.is_i64() => Value::Long(n.as_i64().unwrap()),
+            JsonValue::Number(ref n) if n.is_i64() => {
+                let n = n.as_i64().unwrap();
+                if n >= i32::MIN as i64 && n <= i32::MAX as i64 {
+                    Value::Int(n as i32)
+                } else {
+                    Value::Long(n)
+                }
+            },
             JsonValue::Number(ref n) if n.is_f64() => Value::Double(n.as_f64().unwrap()),
             JsonValue::Number(n) => Value::Long(n.as_u64().unwrap() as i64), // TODO: Not so great
             JsonValue::String(s) => s.into(),

This fixes the problem,

@lerouxrgd
Copy link
Owner

Thanks, I have asked for an account on the JIRA server to be able to create issues.
Let me know when you manage to release this fix for apache-avro, I'll update my code accordingly.

@lerouxrgd
Copy link
Owner

Ok I created this issue:
https://issues.apache.org/jira/browse/AVRO-3928
(Not sure I filled up correctly all the fields though 😅)

@martin-g
Copy link
Contributor

The fix is committed!
There are talks in motion about releasing Avro 1.12.0 (including apache_avro crate 0.17.0) but I have no idea how much time it would take ...

@lerouxrgd lerouxrgd mentioned this pull request Jan 15, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ilikepi63 @lerouxrgd @martin-g