fix(logs): update apache-avro crate to fix serialization issue#42369
Merged
fix(logs): update apache-avro crate to fix serialization issue#42369
Conversation
Wiz Scan Summary
To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension. |
frankh
commented
Dec 1, 2025
| dependencies = [ | ||
| "autocfg", | ||
| "libm", | ||
| "num-bigint", | ||
| "num-integer", | ||
| "num-traits", | ||
| "serde", | ||
| "serde_json", |
Contributor
Author
There was a problem hiding this comment.
this is the root cause
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes a serialization bug affecting floating point values in maps by updating the apache-avro crate from 0.18.0 to 0.21.0. The root cause was a transitive dependency issue in the bigdecimal crate, which has been resolved in the newer version by removing its dependency on serde_json.
- Updated apache-avro from 0.18.0 to 0.21.0 to bring in the fixed bigdecimal dependency
- The bigdecimal crate (transitive dependency) updated from 0.4.8 to 0.4.9, removing the problematic serde_json dependency
- Various transitive dependencies updated as part of the apache-avro upgrade
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| rust/capture-logs/Cargo.toml | Updated apache-avro version specification from 0.18.0 to 0.21.0 |
| rust/Cargo.lock | Lock file updates reflecting apache-avro upgrade and all transitive dependency changes, including the critical bigdecimal fix that removes serde_json dependency |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
update apache-avro to 0.21.0 -> this fixes a strange serde deserialization error: apache/avro-rs#219 this updates the serde lib which causes swc_common to break swc_common is required by js-source-scopes which is required by symbolic update symbolic to latest version, but that only requires js-source-scopes 0.6.0 where we need 0.7.0 so patch the js-source-scopes to include the swc depedency fixes
frankh
force-pushed
the
frank/logs-update-avro-crate
branch
from
109395d to
6e72290
Compare
sakce
pushed a commit
that referenced
this pull request
Dec 5, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
there's a bug in the "bigdecimal" crate which somehow breaks certain json serializations of floating point values in maps - this was causing issues with the nodejs library
the apache-avro crate requires bigdecimal. Luckily, they fixed this transitive dependency issue in apache/avro-rs#219 so updating this crate solves the problem
BUT updating the apache-avro crate causes serde to be updated, which breaks the compilation of cymbal due to transitive dependencies on SWC
This needs to be fixed in js-sources-scopes (fix is here getsentry/js-source-scopes#30) and then this fix needs to be brought into getsentry/symbolic (I made a PR here getsentry/symbolic#945)
without this fix i added a patch to include the dependency fixes in js-sources-scopes
Changes
update the crate, fix the bug, patch js-sources-scopes
How did you test this code?
ran locally, confirmed before/after updating fixed the issue
👉 Stay up-to-date with PostHog coding conventions for a smoother review.
Changelog: (features only) Is this feature complete?