build: bump non-micronaut managed patch dependencies #6776
Conversation
gradle/libs.versions.toml
Outdated
| managed-elasticsearch = "7.16.1" | ||
| managed-elasticsearch = "7.16.3" |
There was a problem hiding this comment.
This is managed by micronaut-elasticsearch https://github.com/micronaut-projects/micronaut-elasticsearch/blob/master/gradle.properties#L19
gradle/libs.versions.toml
Outdated
| managed-kafka = "2.8.0" | ||
| managed-ktor = "1.6.1" | ||
| managed-lettuce = "6.1.1.RELEASE" | ||
| managed-kafka = "2.8.1" | ||
| managed-ktor = "1.6.7" | ||
| managed-lettuce = "6.1.6.RELEASE" |
There was a problem hiding this comment.
These are managed by micronaut kafka, kotlin and redis modules
There was a problem hiding this comment.
Micronaut Kotlin, Kafka and Redis should provide BOMs
gradle/libs.versions.toml
Outdated
| managed-micrometer = "1.8.0" | ||
| managed-micrometer = "1.8.2" |
There was a problem hiding this comment.
Managed by micronaut-micrometer
There was a problem hiding this comment.
This version should be defined in https://github.com/micronaut-projects/micronaut-micrometer/blob/master/micrometer-bom/build.gradle
gradle/libs.versions.toml
Outdated
| managed-neo4j = "3.5.29" | ||
| managed-neo4j = "3.5.30" |
There was a problem hiding this comment.
Managed by micronaut-neo4j
There was a problem hiding this comment.
Micronaut Neo4j should provide a BOM
gradle/libs.versions.toml
Outdated
| managed-picocli = "4.6.1" | ||
| managed-picocli = "4.6.2" |
There was a problem hiding this comment.
Managed by micronaut-picocli
There was a problem hiding this comment.
Micronaut PicoCLI should provide a BOM
gradle/libs.versions.toml
Outdated
| managed-rxjava2 = "2.2.10" | ||
| managed-rxjava2 = "2.2.21" |
There was a problem hiding this comment.
Managed by micronaut-rxjava2 module
There was a problem hiding this comment.
Micronaut RxJava 2 should provide a BOM
gradle/libs.versions.toml
Outdated
| managed-swagger = "2.1.10" | ||
| managed-swagger = "2.1.12" |
There was a problem hiding this comment.
Managed by micronaut-openapi module
There was a problem hiding this comment.
Micronaut OpenAPI should provide a BOM
gradle/libs.versions.toml
Outdated
| managed-spring = "5.3.9" | ||
| managed-spring = "5.3.15" |
There was a problem hiding this comment.
Managed by micronaut-spring module
There was a problem hiding this comment.
Micronaut Spring should provide a BOM
|
@ilopmar how to reliably identify such modules? And does that mean that our current dependency upgrades job is broken right? |
|
@melix thoughts? |
We may miss something but if there is a micronaut-xxxxxx module with the same/related name that's probably the one responsible for managing the upgrade of the libraries. |
|
It's difficult to figure out what manages what, because there's a circular dependency: I guess something we can do is to have a job or task which actually checks if a dependency is defined both in the micronaut core BOM and any of the modules it includes. If so, then we must decide whether it makes sense to include it in the core BOM (because, a dependency may want to be managed by core independently, if it makes sense in multiple modules). |
|
yeah I think personally the solution is that these versions shouldn't be managed by core and the module that updates the version in the core BOM should instead express it in their own BOM |
|
So that means that every micronaut module should publish its own bom? even for modules with one "exposed/managed" dependency (flyway, liquibase,...) |
|
yes ultimately those versions are only tested in the modules so the only way to know compatibility with the version is in the sub module anyway which makes these PRs close to useless |
No description provided.