Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork12
Bump github.com/ory/jsonschema/v3 from 3.0.4 to 3.0.8#522
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
base:main
Are you sure you want to change the base?
Bump github.com/ory/jsonschema/v3 from 3.0.4 to 3.0.8#522
Uh oh!
There was an error while loading.Please reload this page.
Conversation
Bumps [github.com/ory/jsonschema/v3](https://github.com/ory/jsonschema) from 3.0.4 to 3.0.8.- [Release notes](https://github.com/ory/jsonschema/releases)- [Commits](ory/jsonschema@v3.0.4...v3.0.8)---updated-dependencies:- dependency-name: github.com/ory/jsonschema/v3 dependency-type: direct:production update-type: version-update:semver-patch...Signed-off-by: dependabot[bot] <support@github.com>
per1234 left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
A major breaking change was made to the API of this module and then released with only a patch version bump (v3.0.4 -> v3.0.5).
When I asked about this, I received this response:
Yes, we only use this fork internally though. I'd recommend using the upstream for anyone else
Since the current version of the dependency works fine, it doesn't seem worth the effort to port the code to accommodate the breaking change. It would be better to invest the development resources to replacing this dependency that is not being maintained in a reliable manner (or perhaps to abandoning the too limiting schema-based approach completely).
I thoroughly evaluated all the available Go modules for JSON schema validation during the initial development of Arduino Lint. Most were not at all suitable because they only provide human readable validation output. Arduino Lint requires machine consumable output which can then be interpreted according to the current tool settings and translated to user friendly error and warning messages.
The only module I found that met this requirement was:
https://github.com/santhosh-tekuri/jsonschema
However, I found even it did not provide sufficient machine consumable output under certain schema configurations. Another user had previously encountered this issue andcreated a fork when the main module's maintainer was not receptive tothe proposal. So I used that fork.
It would be worth checking to see if it would now be possible to switch from usinggithub.com/ory/jsonschema to the properly maintained upstreamgithub.com/santhosh-tekuri/jsonschema. There has been quite a lot of development in that module since the time I evaluated it, so maybe the needed capability has been added.
An alternative solution would be to configure the schemas in such a manner as to avoid the limitation that caused me to rejectgithub.com/santhosh-tekuri/jsonschema originally. I think that is possible, but it makes them much more difficult to develop, maintain, and contribute to. The main benefit to the JSON schema-based approach is standardization, so we lose some of that by not providing full compatibility.
Uh oh!
There was an error while loading.Please reload this page.
Bumpsgithub.com/ory/jsonschema/v3 from 3.0.4 to 3.0.8.
Release notes
Sourced fromgithub.com/ory/jsonschema/v3's releases.
Commits
d248f49Merge pull request#9 from ory/context9d5eb0dfix: error assertion19b089dfix: lintd4395d3chore: bump dependencies and Go version0ee262bfeat: use context in HTTP loaderb41762fci: fix tool paths00f509bchore: remove ory/x dependencyd2f6636feat: make context a dedicated typefa85aeadocs: clarify use case68e5cd2fix: contextualize everythingYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)