Skip to content

Bump erlavro from 2.9.10 to 2.11.2#60

Open
dependabot[bot] wants to merge 3 commits into
masterfrom
dependabot/hex/erlavro-2.11.2
Open

Bump erlavro from 2.9.10 to 2.11.2#60
dependabot[bot] wants to merge 3 commits into
masterfrom
dependabot/hex/erlavro-2.11.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 18, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps erlavro from 2.9.10 to 2.11.2.

Changelog

Sourced from erlavro's changelog.

  • 2.11.2

    • Adjust licenses tag in .app.src due to hex changes.

  • 2.11.1

    • avro_idl: the default IDL read_fun now confines imports to a root directory. Absolute paths and relative paths that escape the root through .. are refused with {error, {import_outside_root, Path}}, but .. is allowed as long as the resolved path stays under the root. The root defaults to the top-level caller's Cwd and can be overridden via the new {rootdir, Dir} option, supported by avro_idl:decode_schema/3, avro_idl:new_context/2, avro_idl:str_to_avpr/3, and the new avro_schema_store:new/3 / import_file/3 / import_files/3 entry points. Callers that need different resolution semantics (loading from arbitrary directories or from an in-memory store) can still supply their own function via the existing {read_fun, Fun} option, which bypasses path checks.

  • 2.11.0

    • Deleted jsone as dependency. When OTP release is 27 or later, the default JSON provider module is json, otherwise jsone. For OTP release 26 or earlier version, you must add jsone-1.8.1 or newer in your project dependency. For OTP release 27 or later, you can choose to continue using jsone by calling avro:set_json_provider(jsone).

  • 2.10.3

    • Allow union type to have zero member types.

  • 2.10.2

    • Fix bytes and fixed JSON value decode

  • 2.10.1

    • Fix dialyzer error.

  • 2.10.0

    • Add map as avro store, and use it as default.
    • Changed to store type aliases as type's full name index, so the type store map (or dict) is less bloated.
Commits
  • 09a4d05 Adjust licenses tag in .app.src due to hex changes
  • aa0698c Merge pull request #133 from zmstone/confine-idl-imports-to-cwd
  • 3a4ec74 refactor(avro_idl): normalize paths
  • 3b00377 reafctor(avro_idl): confine imports with a rootdir boundary
  • 01b7900 fix: do not allow improper path when importing
  • 618a557 Merge pull request #90 from seriyps/idl-parser
  • ee94d26 revert temporary changes in rebar.config
  • 65ba030 Rename idl records with idl_ prefix
  • ced16a1 test: add encode/decode tests for .avdl schemas with imports
  • 0d1c510 docs: add Avro IDL section to README with usage examples
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file elixir Pull requests that update elixir code labels Jun 18, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 18, 2026 01:34
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file elixir Pull requests that update elixir code labels Jun 18, 2026
@dependabot dependabot Bot force-pushed the dependabot/hex/erlavro-2.11.2 branch from ef8bf5a to 6c93909 Compare June 19, 2026 08:55
@dependabot
Bump erlavro from 2.9.10 to 2.11.2
365791c 
Bumps [erlavro](https://github.com/klarna/erlavro) from 2.9.10 to 2.11.2.
- [Release notes](https://github.com/klarna/erlavro/releases)
- [Changelog](https://github.com/klarna/erlavro/blob/master/changelog.md)
- [Commits](klarna/erlavro@2.9.10...2.11.2)

---
updated-dependencies:
- dependency-name: erlavro
  dependency-version: 2.11.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/hex/erlavro-2.11.2 branch from 6c93909 to 365791c Compare June 23, 2026 13:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file elixir Pull requests that update elixir code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cpiemontese