Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create Elide Bill Of Materials (7.x) #2884

Merged
merged 6 commits into from
Feb 11, 2023
Merged

Create Elide Bill Of Materials (7.x) #2884

merged 6 commits into from
Feb 11, 2023

Conversation

wcekan
Copy link
Contributor

@wcekan wcekan commented Feb 11, 2023
edited
Loading

Description

Create the Elide Bill Of Materials.
See Apache bill of materials (BOM) files

Update build to use dependency Bill Of Materials.

Motivation and Context

See Spring doc

Jackson BOM

Gradle bom import

Synchronizing Elide jars will only require

<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>com.yahoo.elide</groupId>
            <artifactId>elide-bom</artifactId>
            <version>${elide.version}</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

How Has This Been Tested?

Built locally and used elide-bom with a local project.

License

I confirm that this contribution is made under an Apache 2.0 license and that I have the authority necessary to make this contribution on behalf of its copyright owner.

@dependabot @wcekan
Bump version.logback from 1.2.11 to 1.4.5
2a67961 
Bumps `version.logback` from 1.2.11 to 1.4.5.

Updates `logback-classic` from 1.2.11 to 1.4.5
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.2.11...v_1.4.5)

Updates `logback-core` from 1.2.11 to 1.4.5
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.2.11...v_1.4.5)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: ch.qos.logback:logback-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
wcekan
wcekan commented Feb 11, 2023
View reviewed changes
pom.xml Outdated
@@ -86,7 +87,7 @@
<!-- dependency versions -->
<version.antlr4>4.10.1</version.antlr4>
<version.jetty>11.0.13</version.jetty>
<version.logback>1.2.11</version.logback>
<version.logback>1.4.5</version.logback>
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixes error

07:59:31 SLF4J: Class path contains SLF4J bindings targeting slf4j-api versions 1.7.x or earlier.
07:59:31 SLF4J: Ignoring binding found at [jar:file:/root/.m2/repository/ch/qos/logback/logback-classic/1.2.11/logback-classic-1.2.11.jar!/org/slf4j/impl/StaticLoggerBinder.class]

wcekan
wcekan commented Feb 11, 2023
View reviewed changes
pom.xml
<version.restassured>5.3.0</version.restassured>
<version.jackson>2.14.1</version.jackson>
<version.jackson.databind>2.14.1</version.jackson.databind>
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Jackson should define the correct component versions, not Elide.

i.e. https://mvnrepository.com/artifact/com.fasterxml.jackson/jackson-bom/2.13.4.20221013

wcekan
wcekan commented Feb 11, 2023
View reviewed changes
pom.xml
<version.junit>5.9.1</version.junit>
<version.junit.platform>1.9.1</version.junit.platform>
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

JUnit will define the correct junit.platform component versions

wcekan
wcekan commented Feb 11, 2023
View reviewed changes
elide-spring/pom.xml
@@ -41,7 +41,6 @@
<properties>
<parent.pom.dir>${project.basedir}/../..</parent.pom.dir>
<spring.boot.version>3.0.1</spring.boot.version>
<groovy.version>3.0.13</groovy.version>
Copy link
Contributor Author

@wcekan wcekan Feb 11, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unused since spring 2.7.0. rest-assured now uses org.apache.groovy not org.codehaus.groovy

[INFO] com.yahoo.elide:elide-spring-boot-autoconfigure:jar:7.0.0-RC7-SNAPSHOT
[INFO] +- io.rest-assured:rest-assured:jar:5.2.1:test
[INFO] |  +- org.apache.groovy:groovy:jar:4.0.6:test (version managed from 4.0.1)
[INFO] |  +- org.apache.groovy:groovy-xml:jar:4.0.6:test (version managed from 4.0.1)
[INFO] |  |  \- (org.apache.groovy:groovy:jar:4.0.6:test - version managed from 4.0.1; omitted for duplicate)

@aklish aklish merged commit 88d0f62 into master Feb 11, 2023
@aklish aklish deleted the 7x-bom branch February 11, 2023 21:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aklish aklish aklish approved these changes

@moizarafat moizarafat Awaiting requested review from moizarafat

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@wcekan @aklish