Bump okhttp-api from 4.10.0-125.v3593b_a_f8c97b_ to 4.10.0-127.vf711b_27a_f7fe in /bom-weekly #1851
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [okhttp-api](https://github.com/jenkinsci/okhttp-api-plugin) from 4.10.0-125.v3593b_a_f8c97b_ to 4.10.0-127.vf711b_27a_f7fe. - [Release notes](https://github.com/jenkinsci/okhttp-api-plugin/releases) - [Commits](https://github.com/jenkinsci/okhttp-api-plugin/commits) --- updated-dependencies: - dependency-name: io.jenkins.plugins:okhttp-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
Needed for okhttp 4.10.0-127.vf711b_27a_f7fe
jglick
reviewed
Mar 14, 2023
sample-plugin/pom.xml
Outdated
| @@ -39,6 +39,11 @@ | |||
| <artifactId>json</artifactId> | |||
| <version>20230227</version> | |||
| </dependency> | |||
| <dependency> | |||
| <groupId>org.jetbrains</groupId> | |||
| <artifactId>annotations</artifactId> | |||
There was a problem hiding this comment.
@jtnord @MarkEWaite I thought the point of this update was to remove all of these overrides?
There was a problem hiding this comment.
the kotlin override above (line 30) should now be removed - alas the annotation is real conflict as it is bundled in multiple (two) plugins (config as code and okhttp) and at a lower version on config-as-code.
Given the dependencies are listed alphabetically maven sees the dependency from c-as-c first and then gives you the lower bound.
I had thought about introducing a kotlin dependency - but a quick look seemed to show only okhttp requiring it, and introducing it just for a class retention annotation seemed like overkill.
There was a problem hiding this comment.
jenkinsci/okhttp-api-plugin#142. Yet when they are removed:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.2.1:enforce (display-info) on project sample:
[ERROR] Rule 5: org.apache.maven.enforcer.rules.dependency.RequireUpperBoundDeps failed with message:
[ERROR] Failed while enforcing RequireUpperBoundDeps. The error(s) are [
[ERROR] Require upper bound dependencies error for org.jetbrains:annotations:13.0 [test] paths to dependency are:
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.plugins:okhttp-api:4.10.0-127.vf711b_27a_f7fe [test]
[ERROR] +-org.jetbrains:annotations:13.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.plugins:okhttp-api:4.10.0-127.vf711b_27a_f7fe [test]
[ERROR] +-org.jetbrains.kotlin:kotlin-stdlib:1.8.10 [test]
[ERROR] +-org.jetbrains:annotations:13.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-ast:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-builder:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-collection:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-data:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-dependency:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-format:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-html:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-misc:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-options:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-sequence:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util-visitor:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-all:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-ext-abbreviation:0.62.2 [test]
[ERROR] +-com.vladsch.flexmark:flexmark-util:0.62.2 [test]
[ERROR] +-org.jetbrains:annotations:15.0 [test]
[ERROR] ,
[ERROR] Require upper bound dependencies error for org.json:json:20220320 [test] paths to dependency are:
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins:configuration-as-code:1569.vb_72405b_80249 [test]
[ERROR] +-org.json:json:20220320 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-org.jenkins-ci.plugins:slack:629.vf00ea_cb_40d53 [test]
[ERROR] +-org.json:json:20220924 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-io.jenkins.configuration-as-code:test-harness:1569.vb_72405b_80249 [test]
[ERROR] +-com.github.erosb:everit-json-schema:1.14.1 [test]
[ERROR] +-org.json:json:20220320 [test]
[ERROR] and
[ERROR] +-io.jenkins.tools.bom:sample:999999-SNAPSHOT
[ERROR] +-org.jenkins-ci.plugins:jackson2-api:2.14.2-319.v37853346a_229 [test]
[ERROR] +-com.fasterxml.jackson.datatype:jackson-datatype-json-org:2.14.2 [test]
[ERROR] +-org.json:json:20190722 [test]
[ERROR] ]
org.jetbrains:annotations should I guess be excluded as a dep from both okhttp-api and configuration-as-code. org.json:json seems like an actual conflict (missing library plugin) between configuration-as-code, slack, and jackson2-api.
There was a problem hiding this comment.
should I guess be excluded as a dep from ... configuration-as-code
Last time I did that it broke config as code as it could no longer tell what was optional vs required by reading the various nullability annotations.
Granted this appears to be the test harness and flexmark which is just a markdown parser....
As it was an older version of an annotation I was concerned that the annotation could have changed in an incompatible way that would somehow break classloading. (I know it is fine if missing - unless the annotation has RUNTIME retention - but was not sure if the annotation was present yet incompatible how things would fall out)
There was a problem hiding this comment.
Well the annotation dep could certainly be excluded from okhttp-api, right?
There was a problem hiding this comment.
what could possibly go wrong right :)
…abot/maven/bom-weekly/io.jenkins.plugins-okhttp-api-4.10.0-127.vf711b_27a_f7fe
jtnord
approved these changes
Mar 14, 2023
MarkEWaite
approved these changes
Mar 14, 2023
|
A newer version of io.jenkins.plugins:okhttp-api exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
…gins-okhttp-api-4.10.0-127.vf711b_27a_f7fe
…gins-okhttp-api-4.10.0-127.vf711b_27a_f7fe
…gins-okhttp-api-4.10.0-127.vf711b_27a_f7fe
MarkEWaite
deleted the
dependabot/maven/bom-weekly/io.jenkins.plugins-okhttp-api-4.10.0-127.vf711b_27a_f7fe
branch
lemeurherve
pushed a commit
to lemeurherve/bom
that referenced
this pull request
Mar 31, 2023
…_27a_f7fe in /bom-weekly (jenkinsci#1851) * Bump okhttp-api in /bom-weekly Bumps [okhttp-api](https://github.com/jenkinsci/okhttp-api-plugin) from 4.10.0-125.v3593b_a_f8c97b_ to 4.10.0-127.vf711b_27a_f7fe. - [Release notes](https://github.com/jenkinsci/okhttp-api-plugin/releases) - [Commits](https://github.com/jenkinsci/okhttp-api-plugin/commits) --- updated-dependencies: - dependency-name: io.jenkins.plugins:okhttp-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Add org.jetbrains.annotations to sample plugin dep mgmt Needed for okhttp 4.10.0-127.vf711b_27a_f7fe * Can at least remove `kotlin-bom` now * Better to use `exclusions` rather than pin a version --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Mark Waite <[email protected]> Co-authored-by: Jesse Glick <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps okhttp-api from 4.10.0-125.v3593b_a_f8c97b_ to 4.10.0-127.vf711b_27a_f7fe.
Release notes
Sourced from okhttp-api's releases.
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)