[BUILD-513] Wrap up dependency bot (dependency report) Created: 01/Sep/21  Updated: 16/Feb/22  Resolved: 10/Nov/21

Status: Closed
Project: Build
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Neutral
Reporter: Maxime Michel Assignee: Maxime Michel
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
relation
is related to BUILD-511 Implement a dependency bot (for boms ... Closed
Template:
Acceptance criteria:
Empty
Epic Link: Dependency bot

 Description   

In BUILD-511, we inspect the Maven report that inspects versions defined in properties at the top of the boms' pom file.

However, Maven also provides an XML report that breaks down which individual dependencies can be upgraded. When/if all version properties are up-to-date, then we should do that.

Implementation decision: leave the dependency bot's logic intact and update the boms instead. Dependencies with a defined <version> node should be refactored into versions with properties. That way, the bot can operate on all of them, and the dependency bot can be kept simple & stupid.



 Comments   
Comment by Maxime Michel [ 09/Nov/21 ]

The solution we ended up going for triples the amount of dependency versions being tracked by the dependency bot.

Generated at Sun Feb 11 23:42:33 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.