Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(Backend) - Update Google Dependencies to Address Vulnerabilities and General Tech Debt #2415

Merged
merged 8 commits into from
May 24, 2024
Merged

(Backend) - Update Google Dependencies to Address Vulnerabilities and General Tech Debt #2415

merged 8 commits into from
May 24, 2024

Conversation

timyates
Copy link
Collaborator

The original plan was to perform a minor upgrade of the Google dependencies, however the latest postgres-socket-factory pulls in a transitive major update to v2 of the google-api-client

So I went for it and grabbed the latest major version of all Google dependencies.

Also updated:

  • Patch Micronaut upgrade to 4.4.2
  • Micronaut Gradle plugin patch update
  • Selenium to latest
  • Latest webdrivermanager
  • Latest openrewrite library

Some Google classes have changed package, but I don't believe these are persisted (internal use only), so I think this is ok

@timyates timyates added the dependencies Pull requests that update a dependency file label May 21, 2024
@timyates timyates self-assigned this May 21, 2024
@timyates timyates linked an issue May 21, 2024 that may be closed by this pull request
(Backend) - Update Google Dependencies to Address Vulnerabilities and General Tech Debt #2367
Closed
mkimberlin
mkimberlin reviewed May 24, 2024
View reviewed changes
server/src/main/java/com/objectcomputing/checkins/services/file/GoogleDriveAccessor.java
@@ -16,7 +16,7 @@
@Singleton
public class GoogleDriveAccessor {

private static final JsonFactory JSON_FACTORY = JacksonFactory.getDefaultInstance();
private static final JsonFactory JSON_FACTORY = GsonFactory.getDefaultInstance();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any particular driver for this change? Just curious.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

They removed JacksonFactory in favor of GsonFactory

https://cloud.google.com/java/docs/reference/google-http-client/latest/com.google.api.client.json.jackson2.JacksonFactory

@mkimberlin mkimberlin merged commit 11fbc64 into develop May 24, 2024
1 check passed
@mkimberlin mkimberlin deleted the feature-2367/dependency-updates branch May 24, 2024 18:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mkimberlin mkimberlin mkimberlin approved these changes

@mjperry91 mjperry91 mjperry91 approved these changes

Assignees

@timyates timyates

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

(Backend) - Update Google Dependencies to Address Vulnerabilities and General Tech Debt
3 participants
@timyates @mkimberlin @mjperry91