Conversation
Co-authored-by: Pavel Kvach <pavel.kvach@gmail.com>
Co-authored-by: Pavel Kvach <pavel.kvach@gmail.com>
This PR fixes the Security tests to build on a clean install of ubuntu 20.04 and ubuntu 22.04 without modifications to the systems openssl configuration. * Enable TLS 1.0 and TLS 1.1 on OpenSSL 1.1 with the seclevel=0 flag * Disable TLS 1.0 and TLS 1.1 on OpenSSL 3.0 While its technically possible to enable it on OpenSSL 3 I think because of all the issues with these old TLS versions dropping support for it is better. This PR builds forth on the work done here: apache#2811 Tested with the ubuntu 20.04 (OpenSSL 1.1) and 22.04 (OpenSSL 3.0) docker containers. All lib/cpp tests succeed in both.
Some libraries want to bypass the TServer class and handle the full
service startup manually. For example when building a service that hosts
multiple thrift services where the IFace type is unknown when handling a
request.
For example when you host multiple services on top of netty and through
an HTTP path you want to route to the correct thrift service. In this
situation you treat can treat an IFace as an Object and use the
`getProcessMapView()` method to parse a byte array into a thrift message
and pass let the `AsyncProcessFunction` handle the invocation.
To return a correct thrift response it's necessary to write the
`{service_name}_result` that contains the response args.
While it is possible to get an incoming args object from the
(Async)ProcessFunction its unfortunately not possible to get
a result object without using reflection.
This PR extends the (Async)ProcessFunction by adding a
`getEmptyResultInstance` method that returns a new generic `A` (answer)
that matches the `{service_name}_result` object.
This allows thrift users to write the following processing code:
```java
<I> void handleRequest(
TProtocol in,
TProtocol out,
TBaseAsyncProcessor<I> processor,
I asyncIface
) throws TException {
final Map<String, AsyncProcessFunction<Object, TBase<?, ?>, TBase<?, ?>, TBase<?, ?>>> processMap = (Map) processor.getProcessMapView();
final var msg = in.readMessageBegin();
final var fn = processMap.get(msg.name);
final var args = fn.getEmptyArgsInstance();
args.read(in);
in.readMessageEnd();
if (fn.isOneway()) {
return;
}
fn.start(asyncIface, args, new AsyncMethodCallback<>() {
@OverRide
public void onComplete(TBase<?, ?> o) {
try {
out.writeMessageBegin(new TMessage(fn.getMethodName(), TMessageType.REPLY, msg.getSeqid()));
final var response_result = fn.getEmptyResultInstance();
final var success_field = response_result.fieldForId(SUCCESS_ID);
((TBase) response_result).setFieldValue(success_field, o);
response_result.write(out);
out.writeMessageEnd();
out.getTransport().flush();
} catch (TException e) {
throw new RuntimeException(e);
}
}
@OverRide
public void onError(Exception e) {
try {
out.writeMessageBegin(new TMessage(fn.getMethodName(), TMessageType.EXCEPTION, msg.getSeqid()));
((TApplicationException) e).write(out);
out.writeMessageEnd();
out.getTransport().flush();
} catch (TException ex) {
throw new RuntimeException(ex);
}
}
});
}
```
The above example code doesn't need any reference to the original types
and can dynamically create the correct objects to return a correct
response.
Client: Delphi Patch: Jens Geyer
…ory allocations when using COM types Client: Delphi Patch: JensG
Both the default constructor and operator== implementations reference certain member functions of the class' members. As an example, the default constructor references (i.e., "uses") the default constructors of its members. If a class contains a std::vector<Foo>, and Foo has only been *forward*- declared (which happens often in Thrift-generated code), this creates undefined behavior: The std::vector specification states that as long as Foo is an incomplete type, it is fine to reference std::vector<Foo>, but not any members (such as its default constructor). Thus, we must defer our default constructor's implementation (which references the default constructor of std::vector<Foo>) to a point where Foo is a complete type. That is the case in the .cpp file. The same holds for operator==.
This makes sure that helper structs like _args and _result also have their default constructors defined.
Client: nodejs
The Kotlin autoconfig script was missing a `test` causing it to try and execute `x/usr/local/bin/gradle` instead of test for its existence. This resulted in the following error: ``` ./configure: line 15049: x/usr/local/bin/gradle: No such file or directory ``` Adding `test` results in the configuration succeeding. Configure output now: ``` thrift 0.21.0 Building C (GLib) Library .... : yes Building C++ Library ......... : yes Building Common Lisp Library.. : yes Building D Library ........... : yes Building Dart Library ........ : yes Building .NET Standard Library : yes Building Erlang Library ...... : yes Building Go Library .......... : yes Building Haxe Library ........ : yes Building Java Library ........ : yes Building Kotlin Library ...... : yes Building Lua Library ......... : yes Building NodeJS Library ...... : yes Building Perl Library ........ : yes Building PHP Library ......... : yes Building Python Library ...... : yes Building Py3 Library ......... : yes Building Ruby Library ........ : yes Building Rust Library ........ : yes Building Swift Library ....... : yes ```
Run `gradlew :spotlessApply` to apply the correct coding style. Update kotlin compiler to support `getEmptyResultInstance` apache#2939 added the feature to create an instance of the result object without having to use the ProcessFunction. The Kotlin compiler re-uses the java lib so this commit udpates the Kotlin compiler to support this feature as well.
Bumps [jvm](https://github.com/JetBrains/kotlin) from 1.9.22 to 1.9.23. - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v1.9.23/ChangeLog.md) - [Commits](JetBrains/kotlin@v1.9.22...v1.9.23) --- updated-dependencies: - dependency-name: jvm dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Client: delphi Patch: Jens Geyer
This PR submits fixes to the focal and jammy docker images. * Bionic support was dropped becaused dotnet 8 no longer supports bionic (Ubuntu 18.04). Moved to `old/` like other unmaintained images. * Focal/Jammy used the wrong apt location for dotnet, endpoint was 18.04 instead of 20.04/22.04 * Jammy cannot build Erlang OPT 23 since it depends on OpenSSL 1.1 which was dropped in favor of 3.0. Using Erlang OPT 25 fixes the problem since it depends on OpenSSL 3.0 * Jammy was installing JDK 11 but lib/java requires Java 17 All containers used the `root` used to volume map the local files into the running container. This creates a hard to maintain working directory on Linux and MacOS since files form the local user and root user are mixed. To solve this the new docker files can be build using the UID and GID of the host so the files dont mix. The script uses UID and GID 1000 since these are the default ids for most Linux distros. Change the travis yml to build with 20.04 instead of 18.04. Removed all traces of 18.04 but it cant be tested locally. Updated the README to reflect the new `build/docker/` directory.
Changes: * Comment unions with 'union' in Erlang * Add string type definition strategy * Add support for new sets implementation * Respect new string and set strategy in constant and default values
This is fully unsupported [1], and prevents further tests from running. [1]: actions/runner-images#11101
Client: php Patch: Balázs Dura-Kovács This closes apache#3109
This reverts commit 0481fcd.
When generated code reads a struct, it runs a `for` loop calling `ReadFieldBegin` at the top, but breaks if the field type ID is `thrift.STOP`. With TDuplicateToProtocol naively writing everything read, this results in extra writes, which breaks just about any protocol in the `DuplicateTo` struct field. The proposed fix is to simply add special handling for `thrift.STOP` to `ReadFieldBegin`. I'm no thrift expert, so I have no idea how other libraries handle this concern. Ideally, it seems like each protocol should understand and enforce the invariant that an attempt to call `WriteFieldBegin` with type ID 0 either isn't valid or is a misguided attempt to call `WriteFieldStop`. Co-authored-by: Yuxuan 'fishy' Wang <fishywang@gmail.com>
Client: php Patch: Balázs Dura-Kovács, Volodymyr Panivko This closes apache#3109 This closes apache#3130
Client: Swift This allows the Swift client library to be used as a Swift Package Manager dependency. [skip ci]
Client: Swift Patch: Kino Roy
Bumps [org.jetbrains.kotlinx:kotlinx-coroutines-jdk8](https://github.com/Kotlin/kotlinx.coroutines) from 1.10.1 to 1.10.2. - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](Kotlin/kotlinx.coroutines@1.10.1...1.10.2) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-jdk8 dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps com.diffplug.spotless from 7.0.2 to 7.0.3. --- updated-dependencies: - dependency-name: com.diffplug.spotless dependency-version: 7.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Since the extconf.rb pass `-Werror`, the gem won't compile.
FIX: outdated golang versions in Dockerfiles
Client: cpp Patch: Carel Combrink This closes apache#3136
Client: cpp Patch: Carel Combrink This closes apache#3137
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Comment on lines
+35
to
+48
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Dryrun | ||
| working-directory: lib/rs | ||
| run: cargo publish --dry-run | ||
|
|
||
| - name: Publish | ||
| working-directory: lib/rs | ||
| # Only publish if it's a tag and the tag is not a pre-release | ||
| if: ${{ startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '-') }} | ||
| run: cargo publish | ||
| env: | ||
| CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }} |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.