Skip to content

chore(deps): bump github.com/ugorji/go/codec from 1.2.14 to 1.3.0 #2261

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

chore(deps): bump github.com/ugorji/go/codec from 1.2.14 to 1.3.0 #2261

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 17, 2025
edited
Loading

Bumps github.com/ugorji/go/codec from 1.2.14 to 1.3.0.

Release notes

Sourced from github.com/ugorji/go/codec's releases.

1.3.0

Release 1.3.0

Today, we release v1.3.0 of go-codec.

This is a BIG production release of go-codec. We encourage all users to upgrade immediately.

Highlights:

  • codecgen removed
  • benchmarks moved completely to go-codec-bench/codec package
  • introduce generics extensively within unexported code (not exposed to consumers)
  • built atop generics, introduce monomorphization for optimized code execution
  • dramatic performance improvement: up to 18% on encode and 49% on decode
  • many architectural refactoring cleanup for better code
  • many fixes, including zero copy, trie for struct field lookup,
  • support NilCollectionToZeroLength: allowing encoding a nil collection as [] not null in json, etc
  • json: support TimeFormat and BytesFormat in json, for comprehensive support when encoding time.Time and []byte
  • numerous architectural clean ups and bug fixes leading to much more robust code

As noted above, this release is up to 18% faster on encode and 49% faster on decode, much more robust and provides better support for json and handling nil collections.

As a consequence of the changes, we now support at least 4 major releases of go. v1.3.0 supports go 1.21+ (ie last 2+ years of go releases).

The main goal has always been to provide the most feature-rich and performant package for encoding and decoding of multiple popular binary and text formats in a consistent way.

We believe we continue to achieve that!

Commits
  • 2f58d58 github workflow: no need to go get go-cmp package, since it is referenced in ...
  • d08e9df codec: nit (remove comments)
  • 2630ac4 codec: test: call testEqualOpts with right set of interfaces to ignoreunexpor...
  • 1bed99c codec: add go-cmp test dependency to go.mod, go.sum
  • 622e876 codec: github actions: add cache: false to resolve repo go.sum missing
  • f45b40a codec: simplify field name precedence support
  • 1bd7e92 codec: fix testEqual support for diff
  • 047fd14 codec: bench: add io with bufsize=0 to quicksuite, and other nits (use fmt.Sp...
  • 707f480 codec: bench: one pass check should handle recover while printing name of format
  • 0885686 codec: always log BenchOnePass output regardless of test.v flag
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 17, 2025
@dependabot dependabot bot requested a review from a team as a code owner June 17, 2025 01:22
@dependabot dependabot bot requested review from hdonnay and removed request for a team June 17, 2025 01:22
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 17, 2025
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/ugorji/go/codec-1.3.0 branch 2 times, most recently from 808c440 to 3bd3682 Compare June 20, 2025 16:32
@hdonnay
Copy link
Member

hdonnay commented Jun 20, 2025

@crozzy This is failing because of this (e.g. right now we make sure zero time.Time is encoded as a string instead of a null), but it's possible we don't care about this behavior. Thoughts?

@hdonnay
Copy link
Member

hdonnay commented Jun 20, 2025

Alternative to making code changes or doing this upgrade: start a parallel implementation on top of the go1.25 json experiment

@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/ugorji/go/codec-1.3.0 branch 2 times, most recently from 17f62f4 to 70cc774 Compare July 7, 2025 20:48
@dependabot
chore(deps): bump github.com/ugorji/go/codec from 1.2.14 to 1.3.0
76ccb8a 
Bumps [github.com/ugorji/go/codec](https://github.com/ugorji/go) from 1.2.14 to 1.3.0.
- [Release notes](https://github.com/ugorji/go/releases)
- [Commits](ugorji/go@v1.2.14...codec/v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/ugorji/go/codec
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/ugorji/go/codec-1.3.0 branch from 70cc774 to 76ccb8a Compare July 8, 2025 14:16
@hdonnay
Copy link
Member

hdonnay commented Sep 3, 2025

Would rather land #2266 than work out if the behavior change here is OK.

@hdonnay hdonnay closed this Sep 3, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 3, 2025

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/go_modules/github.com/ugorji/go/codec-1.3.0 branch September 3, 2025 21:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hdonnay hdonnay Awaiting requested review from hdonnay hdonnay is a code owner automatically assigned from quay/clair

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@hdonnay