Uploaded image for project: 'Subscription Watch'
  1. Subscription Watch
  2. SWATCH-2035

The Quarkus Platform and Quarkus Gradle plugin are versioned independendly

XMLWordPrintable

      The Quarkus Platform bom and the Quarkus Gradle plugin are versioned independently in the dependencies.gradle file:

      ext.plugins = [
        // ...
        "io.quarkus:gradle-application-plugin:3.6.1",
        // ...
]

// BOMs
libraries["quarkus-bom"] = "io.quarkus.platform:quarkus-bom:3.6.0"

      This leads to mismatching issues when both dependencies should use the same version. Moreover, dependabot will create separate pull requests to bump these dependencies.

      As a solution, we could have a common property "quarkus.version" and use it in both dependencies, though I'm not sure how compatible this would be for dependabot.

      Another solution would be to try the Dependabot groups feature: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups

      Acceptance Criteria

      • Both dependencies should use the same version
      • Dependabot should bump the both dependencies at the same time

            jcarvaja@redhat.com Jose Carvajal Hilario
            jcarvaja@redhat.com Jose Carvajal Hilario
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: