Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump git-plugin.version from 4.14.1 to 4.14.2 in /bom-weekly #1623

Closed
wants to merge 1 commit into from
Closed

Bump git-plugin.version from 4.14.1 to 4.14.2 in /bom-weekly #1623

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 6, 2022
edited
Loading

Bumps git-plugin.version from 4.14.1 to 4.14.2.
Updates git from 4.14.1 to 4.14.2

Release notes

Sourced from git's releases.

4.14.2

🚦 Tests

✍ Other changes

📦 Dependency updates

Commits
  • f166cef [maven-release-plugin] prepare release git-4.14.2
  • 9a4ddc2 Do not assert changeset paths are unique
  • 699eef5 Better message in assertion
  • c8dff1b Make objectID more readable in assertion failure
  • c41d570 Merge pull request #1371 from jenkinsci/dependabot/maven/master/nl.jqno.equal...
  • 0acb753 Bump equalsverifier from 3.11.1 to 3.12.1
  • dd3658d Improve assertion failure message in browser test
  • ce8b936 Merge pull request #1369 from jenkinsci/dependabot/maven/org.jenkins-ci.plugi...
  • 7a5afa3 Require at least promoted builds 3.11
  • 57a7af3 Bump parameterized-trigger from 2.39 to 2.43.1
  • Additional commits viewable in compare view

Updates git from 4.14.1 to 4.14.2

Release notes

Sourced from git's releases.

4.14.2

🚦 Tests

✍ Other changes

📦 Dependency updates

Commits
  • f166cef [maven-release-plugin] prepare release git-4.14.2
  • 9a4ddc2 Do not assert changeset paths are unique
  • 699eef5 Better message in assertion
  • c8dff1b Make objectID more readable in assertion failure
  • c41d570 Merge pull request #1371 from jenkinsci/dependabot/maven/master/nl.jqno.equal...
  • 0acb753 Bump equalsverifier from 3.11.1 to 3.12.1
  • dd3658d Improve assertion failure message in browser test
  • ce8b936 Merge pull request #1369 from jenkinsci/dependabot/maven/org.jenkins-ci.plugi...
  • 7a5afa3 Require at least promoted builds 3.11
  • 57a7af3 Bump parameterized-trigger from 2.39 to 2.43.1
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @MarkEWaite.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump git-plugin.version from 4.14.1 to 4.14.2 in /bom-weekly
81c8fb5 
Bumps `git-plugin.version` from 4.14.1 to 4.14.2.

Updates `git` from 4.14.1 to 4.14.2
- [Release notes](https://github.com/jenkinsci/git-plugin/releases)
- [Changelog](https://github.com/jenkinsci/git-plugin/blob/master/CHANGELOG.adoc)
- [Commits](jenkinsci/git-plugin@git-4.14.1...git-4.14.2)

Updates `git` from 4.14.1 to 4.14.2
- [Release notes](https://github.com/jenkinsci/git-plugin/releases)
- [Changelog](https://github.com/jenkinsci/git-plugin/blob/master/CHANGELOG.adoc)
- [Commits](jenkinsci/git-plugin@git-4.14.1...git-4.14.2)

---
updated-dependencies:
- dependency-name: org.jenkins-ci.plugins:git
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.jenkins-ci.plugins:git:tests
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Dec 6, 2022
@dependabot dependabot bot requested a review from jglick December 6, 2022 01:12
MarkEWaite
MarkEWaite approved these changes Dec 6, 2022
View reviewed changes
Copy link
Contributor

@MarkEWaite MarkEWaite left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dependabot merge

@MarkEWaite
Copy link
Contributor

@dependabot squash and merge

@MarkEWaite MarkEWaite mentioned this pull request Dec 6, 2022
Closed
@basil
Copy link
Member

basil commented Dec 6, 2022

Can be reproduced in git-plugin by running

$ mvn -Denforcer.skip=true -Dhpi-plugin.version=3.37 -Djenkins.version=2.381 -Djth.jenkins-war.path=/home/basil/src/jenkinsci/bom/target/local-test/megawar.war -DoverrideWar=/home/basil/src/jenkinsci/bom/target/local-test/megawar.war -DoverrideWarAdditions=true -Dtest=InjectedTest -DupperBoundsExcludes=javax.servlet:servlet-api -DuseUpperBounds=true clean verify

after running in bom

$ PLUGINS=git TEST=InjectedTest bash local-test.sh

to build the megawar.

Bisection shows the trouble started occurring at jenkinsci/git-plugin#1369 which updated parameterized-trigger from 2.39 to 2.43.1, which in turn updated conditional-buildstep from 1.3.1 to 1.4.1, which in turn put maven-plugin on the compile classpath. Turns out that declaring maven-plugin as non-optional was a bug in conditional-buildstep 1.4.1, fixed in 1.4.2 with jenkinsci/conditional-buildstep-plugin#27.

Verified that the problem can be successfully worked around in git-plugin by downgrading parameterized-trigger back to 2.39 (which also downgrades conditional-buildstep down to 1.3.1) or upgrading conditional-buildstep to 1.4.2 with

diff --git a/pom.xml b/pom.xml
index 3753e57c..e187d4f4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -79,6 +79,11 @@
         <type>pom</type>
         <scope>import</scope>
       </dependency>
+      <dependency>
+        <groupId>org.jenkins-ci.plugins</groupId>
+        <artifactId>conditional-buildstep</artifactId>
+        <version>1.4.2</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>

But a better solution would be to upgrade conditional-buildstep to 1.4.2 in parameterized-trigger; i.e., releasing jenkinsci/parameterized-trigger-plugin#252 and then upgrading to that release in the Git plugin.

OK, so who is going to implement this? I am not just talking. If you want me to do it Mark feel free to create an issue and assign it to me, and it will be taken care of with the speed you know me for. If you want to do this yourself that is fine too. If you think we should ask someone else, I would be happy to guide them through the changes.

@MarkEWaite
Copy link
Contributor

MarkEWaite commented Dec 7, 2022
edited
Loading

OK, so who is going to implement this? I am not just talking. If you want me to do it Mark feel free to create an issue and assign it to me, and it will be taken care of with the speed you know me for. If you want to do this yourself that is fine too. If you think we should ask someone else, I would be happy to guide them through the changes.

Thanks so much for the detailed analysis. Much appreciated! I'll need to study your technique so that I can use it in the future.

I'd like to handle it by releasing a new version of the git plugin without placing a dependency on the release of another plugin. I should be able to release the new version within the next 24 hours.

@MarkEWaite MarkEWaite closed this Dec 7, 2022
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 7, 2022

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/maven/bom-weekly/git-plugin.version-4.14.2 branch December 7, 2022 02:51
@MarkEWaite
Copy link
Contributor

I "fat fingered" the close of this pull request, but ultimately it would need to be closed anyway, since a new release of git plugin will be needed to solve the problem.

This was referenced Dec 11, 2022
Merged
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MarkEWaite MarkEWaite MarkEWaite approved these changes

@jglick jglick Awaiting requested review from jglick

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MarkEWaite @basil