Use Gradle version catalog #9
Conversation
... and bump a couple dependencies
| implementation("io.dropwizard:dropwizard-jackson:${dropwizardVersion}") | ||
| implementation(libs.eclipselink) | ||
| implementation(platform(libs.dropwizard.bom)) | ||
| implementation("io.dropwizard:dropwizard-jackson") |
There was a problem hiding this comment.
Is there a reason this one doesn't have a "libs." identifier?
There was a problem hiding this comment.
Yup - it's just some artifact that's "version managed" via a bom.
| caffeine = { module = "com.github.ben-manes.caffeine:caffeine", version = "3.1.8" } | ||
| commons-codec1 = { module = "commons-codec:commons-codec", version = "1.17.0" } | ||
| commons-lang3 = { module = "org.apache.commons:commons-lang3", version = "3.14.0" } | ||
| dropwizard-bom = { module = "io.dropwizard:dropwizard-bom", version = "4.0.7" } |
There was a problem hiding this comment.
can't version here be version.ref = "dropwizard"
There was a problem hiding this comment.
Could be - dependency management tools however generate the PR title from the place they update. Renovate for example would use a PR title like Update dependency software.amazon.awssdk:bom to v2.26.25 for the "non ref" ones, but something like fix(deps): update errorprone to v2.29.2 for the versions.
It's a bit of a taste/preference thing.
RussellSpitzer
left a comment
RussellSpitzer
left a comment
There was a problem hiding this comment.
Minor nits, Looks good to me otherwise
|
|
||
| testImplementation(platform("org.junit:junit-bom:5.10.3")) | ||
| testImplementation(platform(libs.junit.bom)) | ||
| testImplementation("org.junit.jupiter:junit-jupiter") |
There was a problem hiding this comment.
Can we use lib.xxx here as well?
There was a problem hiding this comment.
We could - it's a taste/preference thing.
There can be a lot of "unmanaged" dependencies (version-managed via a bom) mentioned in libs.gradle.toml over time.
There was a problem hiding this comment.
WRT to "visible dependency report" - I'll come up w/ additional PRs to a) automatically licenses, b) verify NOTICE content and c) generate a license report containing all deps in distributables.
There was a problem hiding this comment.
it's a taste/preference thing.
I'd prefer a consistent style, but we can fix it in followup PRs.
…ad-table Add load table entity lookup
[Cherrypick] SNOW-1926859 Hotfix CLIENT_REGION
3 participants
Description
Introduces Gradle version catalogs (toml files), also bump a couple dependencies to recent versions.
Version catalogs as a central place to declare dependencies are easier to manage. Tools like renovate(bot) and dependabot can use these.
Type of change
Please delete options that are not relevant.