protobuf from 1.3.2 to 1.4.1 #215

New issue

Closed

opened 2026-02-25 22:31:26 +03:00 by kerem · 0 comments

kerem commented

2026-02-25 22:31:26 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/evenh/intercert/pull/103
Author: @dependabot-preview[bot]
Created: 5/5/2020
Status: ❌ Closed

Base: master ← Head: dependabot/go_modules/github.com/golang/protobuf-1.4.1

📝 Commits (1)

24725ad Bump github.com/golang/protobuf from 1.3.2 to 1.4.1

📊 Changes

2 files changed (+17 additions, -1 deletions)

View changed files

📝 go.mod (+1 -1)
📝 go.sum (+16 -0)

📄 Description

Bumps github.com/golang/protobuf from 1.3.2 to 1.4.1.

Release notes

Sourced from github.com/golang/protobuf's releases.

v1.4.1

Notable changes:

(#1114) all: upgrade to google.golang.org/protobuf@v1.22.0

(#1113) protoc-gen-go/grpc: make grpc identical to v1.3.5

v1.4.0

Overview

Backwards compatibility

Notable changes

Wire serialization

JSON and text serialization

Well-known types

Types registry

Nil values

Errors

Generated code

Upcoming breakage changes

Deprecation of Descriptor methods

Removal of generator package

Overview

This release of the github.com/golang/protobuf module introduces a number of significant changes relative to the previous minor release. In particular, this module is now implemented in terms of the new google.golang.org/protobuf module, which is the next major revision of Go bindings for protocol buffers. From this point onwards, most of the development effort for Go protobufs will be dedicated to the new module, with minimal changes being made to this module.

See the release notes for the new module for specific implementation details that may affect this release.

Backwards compatibility

This release maintains backwards compatibility with previous releases of this module. Any observable changes in behavior are to fix bugs, change unspecified behavior, or to make behavior more compliant with the protobuf specification. The compatibility document provides us the freedom to make changes in these areas.

Notable changes

Wire serialization

Wire serialization is now implemented in terms of the new proto package by calling out to the relevant functionality in that package (e.g., proto.Marshal and proto.Unmarshal). There should be no observable changes in behavior other what is mentioned elsewhere in the release notes (e.g., behavior around errors or nil values).

JSON and text serialization

The JSON and text format implementations have been ported to use protobuf reflection under the hood instead of relying on Go reflection. This provides flexibility as they can operate on any concrete message type that properly implements the new proto.Message interface.

The implementations do not use the new protojson or prototext packages in order to maintain a higher degree of backwards compatibility. Our analysis unfortunately showed us that too many tests rely on their output being stable by performing byte-for-byte comparisons. Even though the compatibility promise gives us the freedom to change the output, we have chosen not to do so for pragmatic reasons. The implementations are now functionally frozen (bugs and all) and will not receive future improvements. Users are encouraged to migrate to the protojson or prototext packages instead.

Well-known types

The well-known types declared under ptypes are moved to the google.golang.org/protobuf module. The packages continue to exist, but all declarations forward to ones in the new module.

For a period of time, it is expected that the protoc-gen-go plugin continues to generate code with dependencies on the well-known types in this module. The import paths for the well-known types are determined by the go_package option specified in the .proto files. Since these files are managed by the main protocol buffers project, it will require a new release of the protobuf toolchain before the new import paths take effect. Depending on this module’s packages for well-known types is fine since they simply forward over to the new packages.

While descriptor and plugin are not packages for well-known types, they too have also been moved to the new module.
... (truncated)

Commits

6c66de7 all: upgrade to google.golang.org/protobuf@v1.22.0 (#1114)
b5de78c all: minor documentation adjustments (#1112)
8d9af28 protoc-gen-go/grpc: make grpc identical to v1.3.5 (#1113)
fa093f5 proto: fix stale deprecation documentation on registry functions (#1093)
1b794fe all: upgrade to google.golang.org/protobuf@v1.21.0 (#1081)
e9dc0d7 all: update to wrap google.golang.org/protobuf
3a3cefd all: use google.golang.org/protobuf/testing/protopack for tests (#1063)
c8ad453 all: use google.golang.org/encoding/protowire (#1062)
7592abe internal/cmd/generate-alias: fix for lacking go_package options (#1061)
b860323 proto: inline the implementation of protoimpl.X.ExtensionDescFromType (#1056)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
@dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

Update frequency (including time of day and day of week)
Pull request limits (per update run and/or open at any time)
Automerge options (never/patch/minor, and dev/runtime dependencies)
Out-of-range updates (receive only lockfile updates, if desired)
Security updates (receive only security updates, if desired)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/evenh/intercert/pull/103 **Author:** [@dependabot-preview[bot]](https://github.com/apps/dependabot-preview) **Created:** 5/5/2020 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/go_modules/github.com/golang/protobuf-1.4.1` --- ### 📝 Commits (1) - [`24725ad`](https://github.com/evenh/intercert/commit/24725ad9269d063b264a45f31d9a6b91bbcfde6a) Bump github.com/golang/protobuf from 1.3.2 to 1.4.1 ### 📊 Changes **2 files changed** (+17 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `go.mod` (+1 -1) 📝 `go.sum` (+16 -0) </details> ### 📄 Description Bumps [github.com/golang/protobuf](https://github.com/golang/protobuf) from 1.3.2 to 1.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/golang/protobuf/releases">github.com/golang/protobuf's releases</a>.</em></p> <blockquote> <h2>v1.4.1</h2> <p>Notable changes:</p> <ul> <li>(<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1114">#1114</a>) all: upgrade to google.golang.org/protobuf@v1.22.0</li> <li>(<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1113">#1113</a>) protoc-gen-go/grpc: make grpc identical to v1.3.5</li> </ul> <h2>v1.4.0</h2> <ul> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-overview">Overview</a> <ul> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-backwards-compatibility">Backwards compatibility</a></li> </ul> </li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-notable-changes">Notable changes</a> <ul> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-wire-serialization">Wire serialization</a></li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-json-text-serialization">JSON and text serialization</a></li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-well-known-types">Well-known types</a></li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-types-registry">Types registry</a></li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-nil-values">Nil values</a></li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-errors">Errors</a></li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-generated-code">Generated code</a></li> </ul> </li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-breaking-changes">Upcoming breakage changes</a> <ul> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-deprecated-descriptor">Deprecation of <code>Descriptor</code> methods</a></li> <li><a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-remove-generator">Removal of <code>generator</code> package</a></li> </ul> </li> </ul> <h1>Overview <a name="v1.4-overview"></a></h1> <p>This release of the <a href="https://pkg.go.dev/mod/github.com/golang/protobuf"><code>github.com/golang/protobuf</code></a> module introduces a number of significant changes relative to the previous minor release. In particular, this module is now implemented in terms of the new <a href="https://pkg.go.dev/mod/google.golang.org/protobuf"><code>google.golang.org/protobuf</code></a> module, which is the next major revision of Go bindings for protocol buffers. From this point onwards, most of the development effort for Go protobufs will be dedicated to the new module, with minimal changes being made to this module.</p> <p>See the <a href="https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.20.0">release notes for the new module</a> for specific implementation details that may affect this release.</p> <h2>Backwards compatibility <a name="v1.4-backwards-compatibility"></a></h2> <p>This release maintains backwards compatibility with previous releases of this module. Any observable changes in behavior are to fix bugs, change unspecified behavior, or to make behavior more compliant with the protobuf specification. The <a href="https://github.com/golang/protobuf#compatibility">compatibility document</a> provides us the freedom to make changes in these areas.</p> <h1>Notable changes <a name="v1.4-notable-changes"></a></h1> <h2>Wire serialization <a name="v1.4-wire-serialization"></a></h2> <p>Wire serialization is now implemented in terms of the new <a href="https://pkg.go.dev/google.golang.org/protobuf/proto"><code>proto</code></a> package by calling out to the relevant functionality in that package (e.g., <a href="https://pkg.go.dev/google.golang.org/protobuf/proto?tab=doc#Marshal"><code>proto.Marshal</code></a> and <a href="https://pkg.go.dev/google.golang.org/protobuf/proto?tab=doc#Unmarshal"><code>proto.Unmarshal</code></a>). There should be no observable changes in behavior other what is mentioned elsewhere in the release notes (e.g., behavior around <a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-errors">errors</a> or <a href="https://github.com/golang/protobuf/blob/HEAD/#v1.4-nil-values">nil values</a>).</p> <h2>JSON and text serialization <a name="v1.4-json-text-serialization"></a></h2> <p>The JSON and text format implementations have been ported to use <a href="https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.20.0#v1.20-reflection">protobuf reflection</a> under the hood instead of relying on Go reflection. This provides flexibility as they can operate on any concrete message type that properly implements the new <a href="https://pkg.go.dev/google.golang.org/protobuf/proto?tab=doc#Message"><code>proto.Message</code></a> interface.</p> <p>The implementations do <em>not</em> use the new <a href="https://pkg.go.dev/google.golang.org/protobuf/encoding/protojson?tab=doc#Message"><code>protojson</code></a> or <a href="https://pkg.go.dev/google.golang.org/protobuf/encoding/prototext?tab=doc#Message"><code>prototext</code></a> packages in order to maintain a higher degree of backwards compatibility. Our analysis unfortunately showed us that too many tests rely on their output being stable by performing byte-for-byte comparisons. Even though the compatibility promise gives us the freedom to change the output, we have chosen not to do so for pragmatic reasons. The implementations are now functionally frozen (bugs and all) and will not receive future improvements. Users are encouraged to migrate to the <code>protojson</code> or <code>prototext</code> packages instead.</p> <h2>Well-known types <a name="v1.4-well-known-types"></a></h2> <p>The well-known types declared under <a href="https://pkg.go.dev/github.com/golang/protobuf/ptypes?tab=subdirectories"><code>ptypes</code></a> are moved to the <code>google.golang.org/protobuf</code> module. The packages continue to exist, but all declarations forward to <a href="https://pkg.go.dev/google.golang.org/protobuf/types/known?tab=subdirectories">ones in the new module</a>.</p> <p>For a period of time, it is expected that the <a href="https://pkg.go.dev/github.com/golang/protobuf/protoc-gen-go"><code>protoc-gen-go</code></a> plugin continues to generate code with dependencies on the well-known types in this module. The import paths for the well-known types are determined by the <code>go_package</code> option specified in the <code>.proto</code> files. Since these files are managed by the main protocol buffers project, it will require a new release of the protobuf toolchain before the new import paths take effect. Depending on this module’s packages for well-known types is fine since they simply forward over to the new packages.</p> <p>While <a href="https://pkg.go.dev/github.com/golang/protobuf/protoc-gen-go/descriptor"><code>descriptor</code></a> and <a href="https://pkg.go.dev/github.com/golang/protobuf/protoc-gen-go/plugin"><code>plugin</code></a> are not packages for well-known types, they too have also been moved to the new module.</p> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/protobuf/commit/6c66de79d66478d166c7ea05f5d2ccaf016fbd6b"><code>6c66de7</code></a> all: upgrade to google.golang.org/protobuf@v1.22.0 (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1114">#1114</a>)</li> <li><a href="https://github.com/golang/protobuf/commit/b5de78c91d0d09482d65f0a96927631cd343d7bb"><code>b5de78c</code></a> all: minor documentation adjustments (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1112">#1112</a>)</li> <li><a href="https://github.com/golang/protobuf/commit/8d9af285403e1acdb3b235d3dcca77099325f417"><code>8d9af28</code></a> protoc-gen-go/grpc: make grpc identical to v1.3.5 (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1113">#1113</a>)</li> <li><a href="https://github.com/golang/protobuf/commit/fa093f59480c0adaaabf88a72a0b0e48b95aec25"><code>fa093f5</code></a> proto: fix stale deprecation documentation on registry functions (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1093">#1093</a>)</li> <li><a href="https://github.com/golang/protobuf/commit/1b794fe86dd6a0c7c52ae69b5c9cb0aeedc52afa"><code>1b794fe</code></a> all: upgrade to google.golang.org/protobuf@v1.21.0 (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1081">#1081</a>)</li> <li><a href="https://github.com/golang/protobuf/commit/e9dc0d72c1a35f349f6d6871842199ddaaaf9edc"><code>e9dc0d7</code></a> all: update to wrap google.golang.org/protobuf</li> <li><a href="https://github.com/golang/protobuf/commit/3a3cefd0f2bd86460816e3312135813db1ea21e1"><code>3a3cefd</code></a> all: use google.golang.org/protobuf/testing/protopack for tests (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1063">#1063</a>)</li> <li><a href="https://github.com/golang/protobuf/commit/c8ad4533e5ee80006c446ab1180954b56bc1f06c"><code>c8ad453</code></a> all: use google.golang.org/encoding/protowire (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1062">#1062</a>)</li> <li><a href="https://github.com/golang/protobuf/commit/7592abeb9628aea3061d7173129b27084ef087b2"><code>7592abe</code></a> internal/cmd/generate-alias: fix for lacking go_package options (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1061">#1061</a>)</li> <li><a href="https://github.com/golang/protobuf/commit/b860323f09d003f27661946a05cca5329f3c7950"><code>b860323</code></a> proto: inline the implementation of protoimpl.X.ExtensionDescFromType (<a href="https://github-redirect.dependabot.com/golang/protobuf/issues/1056">#1056</a>)</li> <li>Additional commits viewable in <a href="https://github.com/golang/protobuf/compare/v1.3.2...v1.4.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=github.com/golang/protobuf&package-manager=go_modules&previous-version=1.3.2&new-version=1.4.1)](https://dependabot.com/compatibility-score/?dependency-name=github.com/golang/protobuf&package-manager=go_modules&previous-version=1.3.2&new-version=1.4.1) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>