-
-
Notifications
You must be signed in to change notification settings - Fork 661
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): bump org.siouan.frontend-jdk17 from 8.0.0 to 9.0.0 #1991
base: dev
Are you sure you want to change the base?
Conversation
Bumps org.siouan.frontend-jdk17 from 8.0.0 to 9.0.0. --- updated-dependencies: - dependency-name: org.siouan.frontend-jdk17 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
thanks, approuve to run now! |
@v1nc3n4 seems that it's falling, you have any clue? |
Hi @tchiotludo, Indeed, I suspect the upgrade fails due to a dependency conflict. The plugin uses the latest version of Apache Commons Compress (v1.27.1) but another dependency in the project probably uses a version < 1.25, and the one retained during the Gradle build is not the latest one. It's difficult for me to tell more and to identify the plugin/dependency that brings this old version. I can't tell why this issue happens now whereas the project could be built without any problem in the past years. I cannot reproduce the problem neither on my Windows workstation, or my WSL Ubuntu system. Between releases 1.24 and 1.25 of this library, there is a method signature change that may explain the error itself. From my personal experience, such issue generally occurs when the Gradle whole project does not clearly isolate each independent project from each other. Here, the root project contains all the configuration for the server project, and the client project is a subproject. I would recommend separating both projects and make each one an independent subproject. I guess this refactoring would not be simple, but it's a matter of moving server-related code, build scripts, configuration files in a dedicated subproject (named 'server' to be consistent with the 'client' subproject name). However, there may be 2 workarounds:
I will experiment a little soon and provide additional info here. |
Hi @tchiotludo Here are some additional details:
The easiest way to prevent such issue is to retain the latest version of plugins, and expect each one to retain the latest version of their own dependencies. After scanning the build, I found plugin I think this PR and the original Dependabot PR could be closed because the frontend plugin cannot be upgraded without dealing with the other plugin. For reference: Gradle forum discussion |
I forgot to mention that I can confirm moving server related files (build script plugins and configuration, code, YAML configuration, etc) in a dedicated |
Hi,
I saw this dependency upgrade failed. I need to temporary enable Gradle stack traces and this plugin verbosity during CI workflow to identify the cause.
Thanks in advance!
BR