Skip to content

Auto-update dependencies.#680

Merged
thatfiredev merged 1 commit into
masterfrom
dpebot-repositorygardener
May 15, 2026
Merged

Auto-update dependencies.#680
thatfiredev merged 1 commit into
masterfrom
dpebot-repositorygardener

Conversation

@dpebot
Copy link
Copy Markdown
Collaborator

@dpebot dpebot commented May 9, 2026

Brought to you by your friendly Repository Gardener.

@dpebot dpebot added the automerge Summon MOG for automerging label May 9, 2026
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 9, 2026
View reviewed changes
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the kotlinx-coroutines-reactive dependency from version 1.10.2 to 1.11.0. The review feedback highlights a potential risk of binary incompatibility when updating coroutines modules individually and suggests using the kotlinx-coroutines-bom to maintain version consistency across the project.

Comment thread functions/app/build.gradle.kts

// For streaming callable Cloud Functions
implementation("org.jetbrains.kotlinx:kotlinx-coroutines-reactive:1.10.2")
implementation("org.jetbrains.kotlinx:kotlinx-coroutines-reactive:1.11.0")
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist Bot May 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

Updating kotlinx-coroutines-reactive to 1.11.0 in isolation can lead to binary incompatibility and runtime crashes. All kotlinx-coroutines modules (such as core, android, and reactive) must be kept on the same version to ensure stability. Since this is an Android project, kotlinx-coroutines-android is likely present as a transitive dependency (e.g., via Lifecycle KTX). It is highly recommended to use the kotlinx-coroutines-bom to ensure version consistency across all coroutines modules.

    implementation(platform("org.jetbrains.kotlinx:kotlinx-coroutines-bom:1.11.0"))
    implementation("org.jetbrains.kotlinx:kotlinx-coroutines-reactive")

@dpebot dpebot force-pushed the dpebot-repositorygardener branch 5 times, most recently from 06088cc to 176d309 Compare May 14, 2026 09:55
@wiz-9635d3485b
Copy link
Copy Markdown

wiz-9635d3485b Bot commented May 14, 2026
edited
Loading

Wiz Scan Summary

Scanner Findings
Vulnerability Finding Vulnerabilities 1 Medium 1 Low
Data Finding Sensitive Data -
Secret Finding Secrets -
IaC Misconfiguration IaC Misconfigurations -
SAST Finding SAST Findings -
Software Management Finding Software Management Findings -
Total 1 Medium 1 Low

View scan details in Wiz

To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension.

@dpebot dpebot force-pushed the dpebot-repositorygardener branch from 176d309 to 21e08f5 Compare May 15, 2026 09:54
@thatfiredev thatfiredev merged commit 23fc5bf into master May 15, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thatfiredev thatfiredev thatfiredev approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

automerge Summon MOG for automerging

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dpebot @thatfiredev