-
Notifications
You must be signed in to change notification settings - Fork 227
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create Elide Bill Of Materials (7.x) #2884
Conversation
Bumps `version.logback` from 1.2.11 to 1.4.5. Updates `logback-classic` from 1.2.11 to 1.4.5 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.2.11...v_1.4.5) Updates `logback-core` from 1.2.11 to 1.4.5 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.2.11...v_1.4.5) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: ch.qos.logback:logback-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
pom.xml
Outdated
@@ -86,7 +87,7 @@ | |||
<!-- dependency versions --> | |||
<version.antlr4>4.10.1</version.antlr4> | |||
<version.jetty>11.0.13</version.jetty> | |||
<version.logback>1.2.11</version.logback> | |||
<version.logback>1.4.5</version.logback> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixes error
07:59:31 SLF4J: Class path contains SLF4J bindings targeting slf4j-api versions 1.7.x or earlier.
07:59:31 SLF4J: Ignoring binding found at [jar:file:/root/.m2/repository/ch/qos/logback/logback-classic/1.2.11/logback-classic-1.2.11.jar!/org/slf4j/impl/StaticLoggerBinder.class]
<version.restassured>5.3.0</version.restassured> | ||
<version.jackson>2.14.1</version.jackson> | ||
<version.jackson.databind>2.14.1</version.jackson.databind> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Jackson should define the correct component versions, not Elide.
i.e. https://mvnrepository.com/artifact/com.fasterxml.jackson/jackson-bom/2.13.4.20221013
<version.junit>5.9.1</version.junit> | ||
<version.junit.platform>1.9.1</version.junit.platform> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
JUnit will define the correct junit.platform component versions
@@ -41,7 +41,6 @@ | |||
<properties> | |||
<parent.pom.dir>${project.basedir}/../..</parent.pom.dir> | |||
<spring.boot.version>3.0.1</spring.boot.version> | |||
<groovy.version>3.0.13</groovy.version> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unused since spring 2.7.0. rest-assured now uses org.apache.groovy
not org.codehaus.groovy
[INFO] com.yahoo.elide:elide-spring-boot-autoconfigure:jar:7.0.0-RC7-SNAPSHOT
[INFO] +- io.rest-assured:rest-assured:jar:5.2.1:test
[INFO] | +- org.apache.groovy:groovy:jar:4.0.6:test (version managed from 4.0.1)
[INFO] | +- org.apache.groovy:groovy-xml:jar:4.0.6:test (version managed from 4.0.1)
[INFO] | | \- (org.apache.groovy:groovy:jar:4.0.6:test - version managed from 4.0.1; omitted for duplicate)
Description
Create the Elide Bill Of Materials.
See Apache bill of materials (BOM) files
Update build to use dependency Bill Of Materials.
Motivation and Context
See Spring doc
Jackson BOM
Gradle bom import
Synchronizing Elide jars will only require
How Has This Been Tested?
Built locally and used elide-bom with a local project.
License
I confirm that this contribution is made under an Apache 2.0 license and that I have the authority necessary to make this contribution on behalf of its copyright owner.