codeborne / klite

Kotlin async http server framework with coroutines and zero deps
MIT License
104 stars 17 forks source link

Bump org.jetbrains.kotlinx:kotlinx-serialization-json from 1.6.3 to 1.7.1 #62

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 4 months ago

Bumps org.jetbrains.kotlinx:kotlinx-serialization-json from 1.6.3 to 1.7.1.

Release notes

Sourced from org.jetbrains.kotlinx:kotlinx-serialization-json's releases.

1.7.1

This is a bugfix release that aims to fix missing kotlinx-serialization-hocon artifact. It also contains experimental integration with kotlinx-io library. Kotlin 2.0.0 is used by default.

Fixed HOCON publication

Sadly, 1.7.0 release was published incomplete: kotlinx-serialization-hocon artifact is missing from 1.7.0 and 1.7.0-RC releases. This release fixes this problem and now kotlinx-serialization-hocon is available again with 1.7.1 version. No other changes were made to this artifact. Related ticket: #2717.

Add integration with a kotlinx-io library

kotlinx-io is an official multiplatform library that provides basic IO primitives, similar to Okio. kotlinx.serialization integration is now available in a separate artifact, located at the kotlinx-serialization-json-io coordinates. Integration artifact provides functions similar to existing Okio integration: encodeToSink, decodeFromSource, and decodeSourceToSequence. Check out the PR for more details.

Other bugfixes

  • Prohibited use of elements other than JsonObject in JsonTransformingSerializer with polymorphic serialization (#2715)

1.7.0

This release contains all of the changes from 1.7.0-RC and is compatible with Kotlin 2.0. Please note that for reasons explained in the 1.7.0-RC changelog, it may not be possible to use it with the Kotlin 1.9.x compiler plugin. Yet, it is still fully backward compatible with previous versions.

The only difference with 1.7.0-RC is that the classDiscriminatorMode property in JsonBuilder is marked as experimental, as it should have been when it was introduced (#2680).

1.7.0-RC

This is a release candidate for the next version. It is based on Kotlin 2.0.0-RC3 and is fully compatible with a stable Kotlin 2.0 release. Due to a potential breaking change (see below), it requires a compiler plugin with a version at least of 2.0.0-RC1.

Important change: priority of PolymorphicSerializer for interfaces during call to serializer() function

Non-sealed interfaces in kotlinx.serialization are always serializable with a polymorphic serializer, even if they do not have @Serializable annotation. This also means that serializersModule.serializer<SomeInterface>() call will return you a serializer capable of polymorphism. This function was written in a way that it unconditionally returns a PolymorphicSerializer if type argument is a non-sealed interface. This caused problems with SerializersModule functionality, because actual module was not taken into consideration, and therefore it was impossible to override serializer for interface using 'contextual serialization' feature. The problem is described in detail here. To overcome these problems, we had to change the behavior of this function regarding interfaces. It now looks into SerializersModule first if T is a non-sealed interface, and only if there is no registered contextual serializer for T, it returns a polymorphic serializer.

Behavior before 1.7.0-RC:

interface SomeInterface

val module = SerializersModule {
contextual(SomeInterface::class, CustomSomeInterfaceSerializer)
}

// Prints PolymorphicSerializer<SomeInterface>:
println(module.serializer<SomeInterface>())

Behavior in 1.7.0-RC, 1.7.0, and higher:

... (truncated)

Changelog

Sourced from org.jetbrains.kotlinx:kotlinx-serialization-json's changelog.

1.7.1 / 2024-06-25

This is a bugfix release that aims to fix missing kotlinx-serialization-hocon artifact. It also contains experimental integration with kotlinx-io library. Kotlin 2.0.0 is used by default.

Fixed HOCON publication

Sadly, 1.7.0 release was published incomplete: kotlinx-serialization-hocon artifact is missing from 1.7.0 and 1.7.0-RC releases. This release fixes this problem and now kotlinx-serialization-hocon is available again with 1.7.1 version. No other changes were made to this artifact. Related ticket: #2717.

Add integration with a kotlinx-io library

kotlinx-io is an official multiplatform library that provides basic IO primitives, similar to Okio. kotlinx.serialization integration is now available in a separate artifact, located at the kotlinx-serialization-json-io coordinates. Integration artifact provides functions similar to existing Okio integration: encodeToSink, decodeFromSource, and decodeSourceToSequence. Check out the PR for more details.

Other bugfixes

  • Prohibited use of elements other than JsonObject in JsonTransformingSerializer with polymorphic serialization (#2715)

1.7.0 / 2024-06-05

This release contains all of the changes from 1.7.0-RC and is compatible with Kotlin 2.0. Please note that for reasons explained in the 1.7.0-RC changelog, it may not be possible to use it with the Kotlin 1.9.x compiler plugin. Yet, it is still fully backwards compatible with previous versions.

The only difference with 1.7.0-RC is that classDiscriminatorMode property in JsonBuilder is marked as experimental, as it should have been when it was introduced (#2680).

1.7.0-RC / 2024-05-16

This is a release candidate for the next version. It is based on Kotlin 2.0.0-RC3 and is fully compatible with a stable Kotlin 2.0 release. Due to a potential breaking change (see below), it requires a compiler plugin with a version at least of 2.0.0-RC1.

Important change: priority of PolymorphicSerializer for interfaces during call to serializer() function

Non-sealed interfaces in kotlinx.serialization are always serializable with a polymorphic serializer, even if they do not have @Serializable annotation. This also means that serializersModule.serializer<SomeInterface>() call will return you a serializer capable of polymorphism. This function was written in a way that it unconditionally returns a PolymorphicSerializer if type argument is a non-sealed interface. This caused problems with SerializersModule functionality, because actual module was not taken into consideration, and therefore it was impossible to override serializer for interface using 'contextual serialization' feature. The problem is described in details here. To overcome these problems, we had to change the behavior of this function regarding interfaces. It now looks into SerializersModule first if T is a non-sealed interface, and only if there is no registered contextual serializer for T, it returns a polymorphic serializer.

Behavior before 1.7.0-RC:

... (truncated)

Commits
  • c75b46d Prepare 1.7.1 release (#2726)
  • c628e29 Prohibited use of elements other than JsonObject in JsonTransformingSerialize...
  • 3de98ff Fixed HOCON publication (#2723)
  • 0013192 Setup running native tests in release mode (#2667)
  • 08e604a Add integration with kotlinx-io library (#2707)
  • d2dc7d2 Update to Kotlin 2.0 and prepare 1.7.0 release (#2706)
  • 1cac162 Merge remote-tracking branch 'origin/master' into dev
  • fbd0734 Use @​PublishedApi annotation on functions called from plugin-generated code (...
  • 4bf4113 Add bencoding to community-supported formats (#2687)
  • c487e78 JSON: Fix mutable classDiscriminatorMode in config, and mark experimental i...
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.