Issue #12711: fix versions validation to use xmlstarlet with new XML format#19426
Conversation
8cec9c6 to
d46e05f
Compare
…h new XML format
d46e05f to
3e3e05d
Compare
|
@romani unrelated fail, please let me know if any other change needed |
|
Hmm, we use dependabot now for this reason. In what CI we run this job? We can merge update as backup option. But better to run it in CI . |
|
@romani versions job is called from .ci/validation.sh , runs in checkstyl cicleci pipelie, as 'job versions' in this pr's check and passed. this script acts like a backup validation layer with dependabot, since bot handle bumps but this fails the build if outdated dependencies are defected in ci |
| @@ -196,15 +196,23 @@ test-al) | |||
| versions) | |||
There was a problem hiding this comment.
checkstyle/azure-pipelines.yml
Lines 98 to 102 in 9b3b81a
There was a problem hiding this comment.
@romani thanks for finding that. yes it runs on cron only in azure. the fix ensures the script correctly parses the new xml format when it does run.
There was a problem hiding this comment.
We need some prove that it works.
Please do git checkout to some commit that is 2 months ago. Apply your commit and run. And share whole output of execution, I want to see how it can find new versions. We constantly update dependency, so it should catch what we updated recently
There was a problem hiding this comment.
@romani proof-> checked out commit 5e7a67e (from -2 months ago), applied the fix, and ran ./.ci/validation.sh versions. output i got :
New dependency versions:
com.google.truth:truth 1.4.4 -> 1.4.5
nl.jqno.equalsverifier:equalsverifier 4.3 -> 4.4.1
org.apache.maven.doxia:doxia-core 1.12.0 -> 2.1.0
org.apache.maven.doxia:doxia-module-xdoc 1.12.0 -> 2.1.0
org.checkerframework:checker-qual 3.53.0 -> 3.54.0
org.eclipse.jgit:org.eclipse.jgit 7.5.0.202512021534-r -> 7.6.0.202603022253-r
New plugin versions:
edu.illinois:nondex-maven-plugin 2.2.1 -> 2.2.5
org.apache.maven.plugins:maven-compiler-plugin 3.14.1 -> 3.15.0
org.apache.maven.plugins:maven-failsafe-plugin 3.5.4 -> 3.5.5
org.apache.maven.plugins:maven-resources-plugin 3.4.0 -> 3.5.0
org.apache.maven.plugins:maven-surefire-plugin 3.5.4 -> 3.5.5
org.gaul:modernizer-maven-plugin 3.2.0 -> 3.3.0
Verification is failed.
i think this fix detects all outdated dependencies/plugins using the new xml format
fixes #12711
Updated .ci/validation.sh to use xmlstarlet to parse the xml reports. the script now correctly detects outdated dependencies
and plugins by checking for status != 'no new available'