Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect SDK dependency version mismatches #126

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Detect SDK dependency version mismatches #126

wants to merge 6 commits into from

Conversation

lcian
Copy link
Member

@lcian lcian commented Feb 19, 2025
edited
Loading

📜 Description

Adds a new task validateSdkDependencyVersions that checks for dependencies in the io.sentry group (except for the plugin itself and the core SDK io.sentry:sentry, as an explicit dependency on the core SDK module could be valid if the intention is to override the default version used by the plugin) and validates if they have consistent versions.

Currently, customers would need to add

<goal>validateSdkDependencyVersions</goal>

to their pom.xml to enable running this new task.
I need to investigate on how to make it run automatically by default.

💡 Motivation and Context

Closes #123

💚 How did you test it?

I have tested different scenarios manually with the example project included in this repo.
I have also added integration tests, but it seems that they are not running this new task, even when explicitly specifying it as an execution goal.

📝 Checklist

  • I reviewed the submitted code
  • I added tests to verify the changes
  • I updated the docs if needed
  • No breaking changes

🔮 Next steps

  • Fix integration tests
  • Have the task run automatically in the validate phase (not possible)
  • update changelog
  • update docs if needed

@lcian lcian changed the title feat: detect SDK dependency version mismatches Detect SDK dependency version mismatches Feb 19, 2025
@lcian lcian requested review from adinauer and lbloder February 19, 2025 14:24
@lcian
Copy link
Member Author

lcian commented Feb 20, 2025

Need to check what happens with the BOM as well

@lcian
Copy link
Member Author

lcian commented Feb 20, 2025

Added some tests scenarios where the BOM is used as well.
The tests are still not effective as described above.

@lbloder
Copy link
Collaborator

lbloder commented Feb 24, 2025

@lcian afaik there is no simple way around setting <goal>validateSdkDependencyVersions</goal> in the execution tag of the plugin. So this is fine with me.

@lcian
Copy link
Member Author

lcian commented Feb 26, 2025

@lcian afaik there is no simple way around setting <goal>validateSdkDependencyVersions</goal> in the execution tag of the plugin. So this is fine with me.

That's a shame, would've been great to have this run automatically without customers needing to enable it.

@lcian lcian marked this pull request as ready for review February 26, 2025 14:54
@lcian lcian requested a review from lbloder February 26, 2025 14:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adinauer adinauer Awaiting requested review from adinauer adinauer is a code owner

@markushi markushi Awaiting requested review from markushi markushi is a code owner

@romtsn romtsn Awaiting requested review from romtsn romtsn is a code owner

@lbloder lbloder Awaiting requested review from lbloder

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Fail build if mixed Sentry versions detected
2 participants
@lcian @lbloder