Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bump google.library.version to 26.30.0 #10186

Merged
merged 5 commits into from Jan 30, 2024
Merged

bump google.library.version to 26.30.0 #10186

merged 5 commits into from Jan 30, 2024

Conversation

donsizemore
Copy link
Contributor

@donsizemore donsizemore commented Dec 12, 2023
edited by qqmyers

What this PR does / why we need it:

Switches to the latest version of a more focused bom as a way to address the issue. See the changed file.

Which issue(s) this PR closes:

dataverse-security #75

Special notes for your reviewer:

None

Suggestions on how to test this:

test Google Cloud preservation workflow. Unless IQSS wants to set up for this, @qqmyers can tested it at QDR (where v26.28 of the library has already been tested. Beyond that, general regression testing is needed.

Does this PR introduce a user interface change? If mockups are available, please link/include them here:

No

Is there a release notes update needed for this change?:

No

Additional documentation:

None

@coveralls
Copy link

coveralls commented Dec 12, 2023
edited

Coverage Status

coverage: 20.142% (-0.003%) from 20.145%
when pulling 2eeda3d on 75_google_cloud_protobuf
into e8af210 on develop.

@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@qqmyers
Copy link
Member

qqmyers commented Dec 12, 2023

@donsizemore - QDR switched to using the libraries-bom, which I think is smaller. See https://github.com/QualitativeDataRepository/dataverse/blob/888503e5c248930fe9770073376cd75edfeee822/modules/dataverse-parent/pom.xml#L42-L48 and https://github.com/QualitativeDataRepository/dataverse/blob/888503e5c248930fe9770073376cd75edfeee822/modules/dataverse-parent/pom.xml#L156. Would that make sense here w.r.t. security? (I think we only use this in the Google Archiver and that works with the latest libraries-bom version (26.28.0)).

@donsizemore
Copy link
Contributor Author

@donsizemore - QDR switched to using the libraries-bom, which I think is smaller. See https://github.com/QualitativeDataRepository/dataverse/blob/888503e5c248930fe9770073376cd75edfeee822/modules/dataverse-parent/pom.xml#L42-L48 and https://github.com/QualitativeDataRepository/dataverse/blob/888503e5c248930fe9770073376cd75edfeee822/modules/dataverse-parent/pom.xml#L156. Would that make sense here w.r.t. security? (I think we only use this in the Google Archiver and that works with the latest libraries-bom version (26.28.0)).

I think this makes perfect sense. I'll update my branch - thank you.

@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
qqmyers
qqmyers approved these changes Dec 14, 2023
View reviewed changes
Copy link
Member

@qqmyers qqmyers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Note I've only tested up to v 26.28.0 so far (29 came out yesterday!). Before this is merged I can test 29 @ QDR (unless someone wants to setup a Google Archiver).

@qqmyers qqmyers added the Size: 0.5 A percentage of a sprint. 0.35 hours label Dec 14, 2023
@donsizemore donsizemore mentioned this pull request Jan 12, 2024
Closed
@qqmyers
Copy link
Member

qqmyers commented Jan 19, 2024

@donsizemore - care to bump this to 26.30.0 before QA? It came out the 17th.

@donsizemore donsizemore changed the title bump google.cloud.version to 0.209.0 bump google.library.version to 26.30.0 Jan 22, 2024
@donsizemore
Copy link
Contributor Author

@donsizemore - care to bump this to 26.30.0 before QA? It came out the 17th.

@qqmyers done!

@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@qqmyers
Copy link
Member

qqmyers commented Jan 26, 2024

QDR is running this in production.

@landreev
Copy link
Contributor

This test failed in the last Jenkins run on this PR: edu.harvard.iq.dataverse.api.SwordIT.testDeleteFiles - was it a random fluke?
... let me run it again, just for s-n-g.

@landreev landreev self-assigned this Jan 30, 2024
@landreev
Copy link
Contributor

It did just bomb with the same test failure. Could still be something not specific to this pr - but it appears to be passing in develop branch as of this morning: https://jenkins.dataverse.org/job/IQSS-dataverse-develop/
?

@github-actions GitHub Actions
Copy link

📦 Pushed preview images as

ghcr.io/gdcc/dataverse:75-google-cloud-protobuf

ghcr.io/gdcc/configbaker:75-google-cloud-protobuf

🚢 See on GHCR. Use by referencing with full name as printed above, mind the registry name.

@landreev
Copy link
Contributor

Thank you @donsizemore and @qqmyers.
Merging.

@landreev landreev merged commit 97508e6 into develop Jan 30, 2024
21 checks passed
@landreev landreev deleted the 75_google_cloud_protobuf branch January 30, 2024 19:18
@pdurbin pdurbin added this to the 6.2 milestone Jan 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@qqmyers qqmyers qqmyers approved these changes

Assignees

@landreev landreev

Labels
Size: 0.5 A percentage of a sprint. 0.35 hours
Projects
IQSS Dataverse Project
Status: Done 🧹
Milestone
6.2
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@donsizemore @coveralls @qqmyers @landreev @pdurbin