Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump grgit-gradle from 4.0.1 to 5.0.0 #243

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 17, 2022

Bumps grgit-gradle from 4.0.1 to 5.0.0.

Release notes

Sourced from grgit-gradle's releases.

5.0.0

This release includes a number of breaking changes, with the main user highlight being the long awaited configuration cache support.

Known Issue: #356 highlighted that (some?) multi-project builds will encounter an error when applying org.ajoberstar.grgit or org.ajoberstar.grgit.service to multiple projects. This is caused by an upstream Gradle issue gradle/gradle#17559 that is, as of 2/10/2022, is targeted to be fixed in 7.5. I suggest multi-project builds hold off on upgrading until that upstream issue is resolved.

Breaking Changes

  • Upgrade to JGit 6
  • Drops support for Java 8 (due to JGit upgrade)
  • Drops support for Gradle 4, 5, and 6
  • Drops support for Groovy 2
  • org.ajoberstar.grgit is no longer auto-applied to all subprojects, you must apply it to any project that wants to access the grgit property

Enhancements

  • #322 --configuration-cache is now supported (thanks @​abelom and @​runningcode)
  • #354 A new org.ajoberstar.grgit-service plugin is available to provide lazy access to a GrgitService (a Gradle BuildService). See the README for tips on how to use this.
  • Adds grgit.remote.remove(name: 'origin') to remove remotes

Fixes

None

Deprecations

None

Compatibility

Tested on the following version:

Java Version Gradle Versions
11 7.0.2, 7.3.3, 7.4-rc-2
17 7.3.3, 7.4-rc-2

5.0.0-rc.7

This release includes a number of breaking changes, with the main user highlight being the long awaited configuration cache support.

Breaking Changes

  • Upgrade to JGit 6
  • Drops support for Java 8 (due to JGit upgrade)
  • Drops support for Gradle 4, 5, and 6
  • Drops support for Groovy 2
  • org.ajoberstar.grgit is no longer auto-applied to all subprojects, you must apply it to any project that wants to access the grgit property

Enhancements

... (truncated)

Commits
  • 0de6903 Add maven central config and fix service plugin id
  • 6921ab4 Add group/description
  • a24b47a Remove publishPlugins task
  • 25429e8 Fix toolchain settings for build
  • 632cd45 Use Gradle 7.4
  • 8eb7ca2 Add repositories
  • 996cb6b Switch to gradle-defaults
  • c0450b1 Add command to remove remotes
  • 0354fa7 Fix for use of dir instead of currentDir
  • 6e14884 Merge pull request #354 from ajoberstar/config-cache
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot requested review from a team and madhusudhankonda as code owners October 17, 2022 09:41
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 17, 2022
@dblock
Copy link
Member

dblock commented Oct 17, 2022

@kotwanikunal What do I have to do here for dependabot + CHANGELOG?

@harshavamsi
Copy link
Contributor

@kotwanikunal What do I have to do here for dependabot + CHANGELOG?

https://github.com/opensearch-project/OpenSearch/blob/main/.github/workflows/dependabot_pr.yml -- I believe something like this is necessary.

@kotwanikunal
Copy link
Member

@kotwanikunal What do I have to do here for dependabot + CHANGELOG?

https://github.com/opensearch-project/OpenSearch/blob/main/.github/workflows/dependabot_pr.yml -- I believe something like this is necessary.

Yep. Specifically this block here.

@VachaShah
Copy link
Collaborator

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/gradle/org.ajoberstar.grgit-grgit-gradle-5.0.0 branch from 88c43b5 to d3a1a25 Compare October 19, 2022 00:51
@VachaShah
Copy link
Collaborator

@harshavamsi The changelog for Dependabot PRs does not look to be updated, can you take a look? https://github.com/opensearch-project/opensearch-java/actions/runs/3277998211/jobs/5396124985

@harshavamsi
Copy link
Contributor

harshavamsi commented Oct 19, 2022

@harshavamsi The changelog for Dependabot PRs does not look to be updated, can you take a look? https://github.com/opensearch-project/opensearch-java/actions/runs/3277998211/jobs/5396124985

https://github.com/opensearch-project/opensearch-java/actions/runs/3277998211/jobs/5396124985#step:5:22

Says nothing to commit. Could it be because the workflow was added after dependabot created the PR? I know you recreated it but it might not have worked.

@VachaShah
Copy link
Collaborator

@harshavamsi The changelog for Dependabot PRs does not look to be updated, can you take a look? https://github.com/opensearch-project/opensearch-java/actions/runs/3277998211/jobs/5396124985

https://github.com/opensearch-project/opensearch-java/actions/runs/3277998211/jobs/5396124985#step:5:22

Says nothing to commit. Could it be because the workflow was added after dependabot created the PR? I know you recreated it but it might not have worked.

That might not be the case since the workflow ran. Can you try it on your fork and see if it works?

@harshavamsi
Copy link
Contributor

@dependabot recreate

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 19, 2022

Sorry, only users with push access can use that command.

@dblock
Copy link
Member

dblock commented Oct 19, 2022

@dependabot recreate

Bumps [grgit-gradle](https://github.com/ajoberstar/grgit) from 4.0.1 to 5.0.0.
- [Release notes](https://github.com/ajoberstar/grgit/releases)
- [Commits](ajoberstar/grgit@4.0.1...5.0.0)

---
updated-dependencies:
- dependency-name: org.ajoberstar.grgit:grgit-gradle
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/gradle/org.ajoberstar.grgit-grgit-gradle-5.0.0 branch from d3a1a25 to 164c6ec Compare October 19, 2022 20:45
Signed-off-by: dependabot[bot] <[email protected]>
@saratvemulapalli saratvemulapalli merged commit 4a3be6f into main Oct 20, 2022
@dependabot dependabot bot deleted the dependabot/gradle/org.ajoberstar.grgit-grgit-gradle-5.0.0 branch October 20, 2022 19:32
abhinav-nath pushed a commit to abhinav-nath/opensearch-java that referenced this pull request Oct 21, 2022
* Bump grgit-gradle from 4.0.1 to 5.0.0

Bumps [grgit-gradle](https://github.com/ajoberstar/grgit) from 4.0.1 to 5.0.0.
- [Release notes](https://github.com/ajoberstar/grgit/releases)
- [Commits](ajoberstar/grgit@4.0.1...5.0.0)

---
updated-dependencies:
- dependency-name: org.ajoberstar.grgit:grgit-gradle
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update changelog

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
abhinav-nath pushed a commit to abhinav-nath/opensearch-java that referenced this pull request Oct 21, 2022
* Bump grgit-gradle from 4.0.1 to 5.0.0

Bumps [grgit-gradle](https://github.com/ajoberstar/grgit) from 4.0.1 to 5.0.0.
- [Release notes](https://github.com/ajoberstar/grgit/releases)
- [Commits](ajoberstar/grgit@4.0.1...5.0.0)

---
updated-dependencies:
- dependency-name: org.ajoberstar.grgit:grgit-gradle
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update changelog

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Signed-off-by: Abhinav Nath <[email protected]>
VachaShah pushed a commit that referenced this pull request Oct 21, 2022
…#234)

* Add support to parse sub-aggregations from filter/nested aggregations

Signed-off-by: Abhinav Nath <[email protected]>

* Add USER_GUIDE.md

Signed-off-by: Abhinav Nath <[email protected]>

* Add DCO

Signed-off-by: Abhinav Nath <[email protected]>

* Add link to USER_GUIDE.md in README.md

Signed-off-by: Abhinav Nath <[email protected]>

* Add changelog and changelog verifier (#239)

Signed-off-by: Harsha Vamsi Kalluri <[email protected]>

Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Signed-off-by: Abhinav Nath <[email protected]>

* Set javadoc encoding to utf-8 (#50) (#241)

Signed-off-by: Meetesh Kumawat<[email protected]>
Signed-off-by: meetesh <[email protected]>

Signed-off-by: Meetesh Kumawat<[email protected]>
Signed-off-by: meetesh <[email protected]>
Signed-off-by: Abhinav Nath <[email protected]>

* Update Jackson Databind to 2.13.4.2 (addressing CVE-2022-42003) (#240)

Signed-off-by: Andriy Redko <[email protected]>

Signed-off-by: Andriy Redko <[email protected]>
Signed-off-by: Abhinav Nath <[email protected]>

* Updates changelog for dependabot PRs (#247)

* Updates changelog for dependabot PRs

Signed-off-by: Harsha Vamsi Kalluri <[email protected]>

* Adding dependabot label for workflow

Signed-off-by: Harsha Vamsi Kalluri <[email protected]>

Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Signed-off-by: Abhinav Nath <[email protected]>

* Update tests to use JUnit's Assert (#244)

Signed-off-by: Andriy Redko <[email protected]>

Signed-off-by: Andriy Redko <[email protected]>
Signed-off-by: Abhinav Nath <[email protected]>

* Update literature around changelog (#242)

* Update literature

Signed-off-by: Harsha Vamsi Kalluri <[email protected]>

* Removing pr template and updating language

Signed-off-by: Harsha Vamsi Kalluri <[email protected]>

Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Co-authored-by: Daniel (dB.) Doubrovkine <[email protected]>
Signed-off-by: Abhinav Nath <[email protected]>

* Bump grgit-gradle from 4.0.1 to 5.0.0 (#243)

* Bump grgit-gradle from 4.0.1 to 5.0.0

Bumps [grgit-gradle](https://github.com/ajoberstar/grgit) from 4.0.1 to 5.0.0.
- [Release notes](https://github.com/ajoberstar/grgit/releases)
- [Commits](ajoberstar/grgit@4.0.1...5.0.0)

---
updated-dependencies:
- dependency-name: org.ajoberstar.grgit:grgit-gradle
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update changelog

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Signed-off-by: Abhinav Nath <[email protected]>

* Add DCO

Signed-off-by: Abhinav Nath <[email protected]>

* Update CHANGELOG and README

Signed-off-by: Abhinav Nath <[email protected]>

* Add DCO

Signed-off-by: Abhinav Nath <[email protected]>

* Add DCO

Signed-off-by: Abhinav Nath <[email protected]>

* Fix CHANGLOG and README TOC

Signed-off-by: Abhinav Nath <[email protected]>

Signed-off-by: Abhinav Nath <[email protected]>
Signed-off-by: Harsha Vamsi Kalluri <[email protected]>
Signed-off-by: Meetesh Kumawat<[email protected]>
Signed-off-by: meetesh <[email protected]>
Signed-off-by: Andriy Redko <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Harsha Vamsi Kalluri <[email protected]>
Co-authored-by: Meetesh Kumawat <[email protected]>
Co-authored-by: Andriy Redko <[email protected]>
Co-authored-by: Daniel (dB.) Doubrovkine <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependabot dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants