[BUILD-513] Wrap up dependency bot (dependency report) Created: 01/Sep/21 Updated: 16/Feb/22 Resolved: 10/Nov/21 |
|
| Status: | Closed |
| Project: | Build |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Neutral |
| Reporter: | Maxime Michel | Assignee: | Maxime Michel |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Template: |
|
||||||||
| Acceptance criteria: |
Empty
|
||||||||
| Epic Link: | Dependency bot | ||||||||
| Description |
|
In However, Maven also provides an XML report that breaks down which individual dependencies can be upgraded. When/if all version properties are up-to-date, then we should do that. — Implementation decision: leave the dependency bot's logic intact and update the boms instead. Dependencies with a defined <version> node should be refactored into versions with properties. That way, the bot can operate on all of them, and the dependency bot can be kept simple & stupid. |
| Comments |
| Comment by Maxime Michel [ 09/Nov/21 ] |
|
The solution we ended up going for triples the amount of dependency versions being tracked by the dependency bot. |