Skip to content

Bump System.Text.Json to 8.0.4 #5787

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 11, 2024
Merged

Bump System.Text.Json to 8.0.4 #5787

merged 1 commit into from
Jul 11, 2024

Conversation

roji
Copy link
Member

@roji roji commented Jul 11, 2024
edited
Loading

Because of GHSA-hh2w-p6rv-4g7w

@roji roji requested a review from vonzshik as a code owner July 11, 2024 16:59
vonzshik
vonzshik approved these changes Jul 11, 2024
View reviewed changes
Directory.Packages.props
@@ -10,7 +10,7 @@
<PackageVersion Include="OpenTelemetry.API" Version="1.7.0" />

<!-- Compatibility -->
<PackageVersion Include="System.Text.Json" Version="$(SystemVersion)" />
<PackageVersion Include="System.Text.Json" Version="8.0.4" />
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe add a comment to bring back SystemVersion after we upgrade to the latest .NET?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually SystemVersion seems to block dependabot and dotnet updated, maybe we shouldn't use it...?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Huh. Maybe? No idea what's going to happen after .NET 9 GA though. Is it going to try and update npgsql 8 dependencies to .NET9?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think so... We'll see :)

@roji roji enabled auto-merge (squash) July 11, 2024 17:03
@roji roji merged commit a9bfb4a into npgsql:main Jul 11, 2024
@roji roji deleted the BumpJson branch July 11, 2024 17:04
roji added a commit that referenced this pull request Jul 11, 2024
@roji
Bump System.Text.Json to 8.0.4 (#5787)
81fd2d6 
(cherry picked from commit a9bfb4a)
@roji
Copy link
Member Author

roji commented Jul 11, 2024
edited
Loading

Backported to 7.0.8 via 81fd2d6 (reverted, seems to be incompatible with netcoreapp3.1 which is also targeted by the tests; 7.0 is out of supported in any case)

@acohenOT
Copy link

acohenOT commented Aug 29, 2024
edited
Loading

@roji by chance, do you have any estimate on when Npgsql 8.0.4 will be released that contains this fix? Thank you.

@roji
Copy link
Member Author

roji commented Aug 30, 2024

We really should do it soon - there are some pending bug fixes we wanted to get in, but we really shouldn't delay too much for them. I'll talk to the other members.

@roji roji mentioned this pull request Sep 4, 2024
Closed
roji added a commit that referenced this pull request Sep 4, 2024
@roji
Bump System.Text.Json to 8.0.4 (#5787)
2cca021 
(cherry picked from commit a9bfb4a)
@roji
Copy link
Member Author

roji commented Sep 4, 2024

Backported to 8.0.4 via 2cca021

roji added a commit that referenced this pull request Sep 4, 2024
@roji
Revert "Bump System.Text.Json to 8.0.4 (#5787)"
aae81db 
This reverts commit 81fd2d6.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vonzshik vonzshik vonzshik approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@roji @acohenOT @vonzshik