Gradle wrapper upgrade should update more files #3565
Comments
rarkins
added
manager:gradle
|
The difference seems to be:
I’m not a Gradle user but neither of these seem to be a problem, so will wait to gather more opinions before making any changes. |
|
There is also a difference in the binary jar file used to download the gradle distribution. Maybe it's unimportant, maybe it's a big security fix. And maybe future upgrades will introduce more important changes in the script files or elsewhere. The fact that this specific upgrade only brings minor, maybe ignorable changes to the files is irrelevant: there is an official procedure to upgrade gradle, that is documented and does everything required to make sure everything is installed as expected, and renovate should follow this procedure instead of taking shortcuts. IMHO of course :-) |
|
Besides, these comments contain copyright/licensing information. If gradle, an open source project that I happily benefit from, thinks this should be in the files that I redistribute in my own projects, then I should comply, IMHO. |
|
|
when doing a gradle upgrade with the command above it can change up to 4 files
start scripts rarly contain changes which are important, but gradle-wrapper.jar may contain security and bugfixes which are important for the downloading of the dsitribution which will be used when building the project |
|
Thanks. Sounds like we need to perform this command as an “artifacts” get like we do with lock files, checksums, etc. |
rarkins
added
type:bug
I have used renovate for the last few gradle updates, but I used to do the upgrade by myself before, so maybe the copyright terms could have appeared before (if I hadn't used renovate), but they're recent. |
rarkins
changed the title
rarkins
added
priority-3-medium
* run
./gradlew wrapper --distribution-type all
git checkout gradle/wrapper/gradle-wrapper.properties
* see renovatebot issue:
renovatebot/renovate#3565
|
@rarkins I can try to fix this issue. Can you assign it to me? |
|
🎉 This issue has been resolved in version 19.192.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
What Renovate type are you using?
Renovate GitHub App
Describe the bug
The upgrade of gradle is incomplete. It only updates the version in gradle/wrapper/gradle-wrapper.properties (see for example https://github.com/Ninja-Squad/globe42/pull/663/files, which upgrades from 5.3.1 to 5.4).
However, if I do the upgrade manually by following the procedure documented in the Gradle release notes:
then not only this URL is changed, but the generated gradlew and gradlew.bat files, and the binary wrapper jar files are being modified. See https://github.com/Ninja-Squad/globe42/pull/665/files for the same upgrade doing it by applying the correct upgrade procedure.
Renovate should apply the correct procedure instead of just changing the version.
Expected behavior
I expect renovate to produce the same changes as if I executed
The text was updated successfully, but these errors were encountered: