Backport to branch(3) : Bump the dependencies group across 1 directory with 10 updates #205
Conversation
Bumps the dependencies group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | org.apache.logging.log4j:log4j-core | `2.25.0` | `2.25.1` | | org.apache.logging.log4j:log4j-slf4j-impl | `2.25.0` | `2.25.1` | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.19.1` | `2.19.2` | | [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit-framework) | `5.13.3` | `5.13.4` | | [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit-framework) | `5.13.3` | `5.13.4` | | [org.junit.jupiter:junit-jupiter-params](https://github.com/junit-team/junit-framework) | `5.13.3` | `5.13.4` | | [org.junit.platform:junit-platform-console](https://github.com/junit-team/junit-framework) | `1.13.3` | `1.13.4` | | [org.apache.commons:commons-text](https://github.com/apache/commons-text) | `1.13.1` | `1.14.0` | | [com.scalar-labs:scalardb](https://github.com/scalar-labs/scalardb) | `3.16.0` | `3.16.1` | | [com.scalar-labs:scalardb-schema-loader](https://github.com/scalar-labs/scalardb) | `3.16.0` | `3.16.1` | Updates `org.apache.logging.log4j:log4j-core` from 2.25.0 to 2.25.1 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.25.0 to 2.25.1 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.25.0 to 2.25.1 Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.1 to 2.19.2 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `org.junit.jupiter:junit-jupiter-api` from 5.13.3 to 5.13.4 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.3...r5.13.4) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.13.3 to 5.13.4 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.3...r5.13.4) Updates `org.junit.jupiter:junit-jupiter-params` from 5.13.3 to 5.13.4 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.3...r5.13.4) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.13.3 to 5.13.4 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.3...r5.13.4) Updates `org.junit.platform:junit-platform-console` from 1.13.3 to 1.13.4 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/commits) Updates `org.apache.commons:commons-text` from 1.13.1 to 1.14.0 - [Changelog](https://github.com/apache/commons-text/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-text@rel/commons-text-1.13.1...rel/commons-text-1.14.0) Updates `com.scalar-labs:scalardb` from 3.16.0 to 3.16.1 - [Release notes](https://github.com/scalar-labs/scalardb/releases) - [Commits](scalar-labs/scalardb@v3.16.0...v3.16.1) Updates `com.scalar-labs:scalardb-schema-loader` from 3.16.0 to 3.16.1 - [Release notes](https://github.com/scalar-labs/scalardb/releases) - [Commits](scalar-labs/scalardb@v3.16.0...v3.16.1) Updates `com.scalar-labs:scalardb-schema-loader` from 3.16.0 to 3.16.1 - [Release notes](https://github.com/scalar-labs/scalardb/releases) - [Commits](scalar-labs/scalardb@v3.16.0...v3.16.1) Updates `org.junit.jupiter:junit-jupiter-params` from 5.13.3 to 5.13.4 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.3...r5.13.4) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-version: 2.25.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-version: 2.25.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-version: 2.25.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: 2.19.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-version: 5.13.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 5.13.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-version: 5.13.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 5.13.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.junit.platform:junit-platform-console dependency-version: 1.13.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.commons:commons-text dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.scalar-labs:scalardb dependency-version: 3.16.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: com.scalar-labs:scalardb-schema-loader dependency-version: 3.16.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: com.scalar-labs:scalardb-schema-loader dependency-version: 3.16.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-version: 5.13.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @feeblefakie, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
I have reviewed this pull request and determined it is an automated backport aimed at synchronizing dependency versions on branch(3) with recent updates from the main development branch. It primarily focuses on upgrading various library versions to ensure the project benefits from the latest features, bug fixes, and security patches.
Highlights
- Dependency Backport: I've identified that this PR is an automated backport of dependency version bumps to
branch(3), originating fromscalar-labs/scalardl/pull/204. - Specific Dependency Updates: My analysis of
build.gradleshows updates forlog4j,jackson,scalarDb,junit,junitPlatform, andcommonsText.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments or fill out our survey to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
This pull request is an automated backport that updates several dependencies to their newer patch or minor versions. The changes are straightforward and seem to be routine maintenance. My review includes one suggestion to improve the maintainability of the JUnit dependency management by using a Bill of Materials (BOM), which would make future updates safer and simpler.
| junitVersion = '5.13.4' | ||
| junitPlatformVersion = '1.13.4' |
There was a problem hiding this comment.
Maintainability: Consolidate JUnit versions with a BOM
Using separate properties junitVersion and junitPlatformVersion for different components of the same framework can be error-prone, as they might accidentally go out of sync in future updates, leading to potential build failures or runtime issues.
To improve maintainability and ensure all JUnit 5 modules are compatible, I recommend using the JUnit 5 Bill of Materials (BOM). This allows managing all JUnit-related dependency versions with a single property.
You could replace these two properties with a single junitBomVersion and then import the BOM in your subprojects. For example:
// In a subproject's build.gradle
dependencies {
// Import the BOM (Bill of Materials)
testImplementation platform("org.junit:junit-bom:${junitBomVersion}")
// Now, you can declare JUnit dependencies without a version
testImplementation 'org.junit.jupiter:junit-jupiter-api'
testImplementation 'org.junit.jupiter:junit-jupiter-params'
}This change would centralize version control for JUnit, making dependency management simpler and more robust.
2 participants
This is an automated backport of the following:
Please merge this PR after all checks have passed.