Conversation
|
Closing this because upgrade dependencies is non-trivial right now due to transient dependency version issue. We need to spend some more dedicated time into this. |
What issue? Give some clue what you're talking about. Why can't we just skip that one dependency? It looks like if you just avoid upgrading lincheck at this point the build works (on my machine with |
|
We cannot upgrade |
Yes, I was talking about changes from that current point in the PR. For those other things, add a |
gradle/libs.versions.toml
Outdated
| # 2.11.0+ requires JDK 11+ (See https://github.com/google/error-prone/releases/tag/v2.11.0) | ||
| # checkForUpdates: errorprone-corejava8:2.10.+ | ||
| errorprone-corejava8 = "com.google.errorprone:error_prone_core:2.10.0" | ||
| # checkForUpdates: Newer versions requires protobuf 4.x. |
There was a problem hiding this comment.
The checkForUpdates comments are read by the checkForUpdates task. They should be machine-readable, and specify the pattern to use when searching for new versions.
See 6d611f7
gradle/libs.versions.toml
Outdated
| # checkForUpdates: google-api-protos:2.63.+ | ||
| google-api-protos = "com.google.api.grpc:proto-google-common-protos:2.63.2" |
There was a problem hiding this comment.
Seems we should upgrade to 2.66.0?
There was a problem hiding this comment.
Except this one. This can only be upgraded until 2.64.1
There was a problem hiding this comment.
Yeah cross checked with maven: proto-google-common-protos/2.64.1/dependencies has protobuf-java 3.25.8 and proto-google-common-protos/2.65.0/dependencies has protobuf-java 4.33.2.
There was a problem hiding this comment.
Your comment says "2.67.0+ requires protobuf 4.x." Either upgrade to the latest version prior to 2.67.0 or update the comment to describe why we aren't yet upgrading.
gradle/libs.versions.toml
Outdated
| # checkForUpdates: google-auth-credentials:1.41.+ | ||
| google-auth-credentials = "com.google.auth:google-auth-library-credentials:1.41.0" | ||
| # checkForUpdates: google-auth-oauth2Http:1.41.+ | ||
| google-auth-oauth2Http = "com.google.auth:google-auth-library-oauth2-http:1.41.0" |
gradle/libs.versions.toml
Outdated
| # checkForUpdates: google-cloud-logging:3.23.+ | ||
| google-cloud-logging = "com.google.cloud:google-cloud-logging:3.23.9" |
There was a problem hiding this comment.
google-cloud-logging can be upgraded to 3.23.10 and from 3.23.11 things are breaking because it has protobuf 4.33 as a dependency. Check here: https://mvnrepository.com/artifact/com.google.cloud/google-cloud-logging
There was a problem hiding this comment.
So even the patch upgrade is making problems. The comment for checkForUpgrades will not work. What should we have here?
# checkForUpdates: google-cloud-logging:3.23.+
There was a problem hiding this comment.
3.23.11 things are breaking because it has protobuf 4.33 as a dependency
Then the comment is wrong: "3.28.0+ require protobuf 4.x".
The comment for checkForUpgrades will not work. What should we have here?
checkForUpdates passes the version selection string from this comment to Gradle and then checks what version Gradle ended up selecting. See Gradle's docs for the ways to write a version.
If this comment is not here, then the task defaults to +, which just means "latest version". If it's only compatible with major version 3, then you'd write 3.+. You can also write 3.23.+ and 3.23.9, depending on the needs.
| # Need to decide when we require users to absorb the breaking changes in 4.2 | ||
| # checkForUpdates: netty-codec-http2:4.1.+ | ||
| netty-codec-http2 = "io.netty:netty-codec-http2:4.1.130.Final" | ||
| netty-codec-http2 = "io.netty:netty-codec-http2:4.1.131.Final" |
There was a problem hiding this comment.
Only upgrade Netty when we are ready to upgrade internally. It is fine to skip it right now (although the past several upgrades have been easy, so you could also do it now).
2 participants
No description provided.