Bump Dependencies #24960039926#27677
Bump Dependencies #24960039926#27677jenkins-is-staging wants to merge 1 commit intowso2:archive_IS-7.3from
Conversation
📝 WalkthroughSummaryThis PR automatically bumps the Changes
WalkthroughThe Maven property Suggested reviewers
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@pom.xml`:
- Line 2806: The pom property identity.org.mgt.version is set to 2.4.23 which is
not available in public Maven repositories and will fail the build; change the
property value back to the last known good version (2.4.22) or ensure the
repository that hosts org.wso2.carbon.identity.organization.management:2.4.23 is
added to the project's repositories so the dependency can be resolved, updating
the identity.org.mgt.version property accordingly.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
| <authenticator.auth.otp.commons.version>1.1.1</authenticator.auth.otp.commons.version> | ||
|
|
||
| <identity.org.mgt.version>2.4.22</identity.org.mgt.version> | ||
| <identity.org.mgt.version>2.4.23</identity.org.mgt.version> |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Description: Verify that version 2.4.23 exists for org.wso2.carbon.identity.organization.management
# and check for any security advisories.
# Check if the version exists in the WSO2 Maven repository
echo "Checking if version 2.4.23 exists..."
curl -s -o /dev/null -w "%{http_code}" \
"https://maven.wso2.org/nexus/content/groups/wso2-public/org/wso2/carbon/identity/organization/management/org.wso2.carbon.identity.organization.management.server.feature/2.4.23/" | \
grep -q "200" && echo "Version 2.4.23 found" || echo "Version 2.4.23 not found"
# Check for security advisories using GitHub's GraphQL API
echo "Checking for security advisories..."
gh api graphql -f query='
{
securityVulnerabilities(first: 10, ecosystem: MAVEN, package: "org.wso2.carbon.identity.organization.management:org.wso2.carbon.identity.organization.management.server.feature") {
nodes {
advisory {
summary
severity
publishedAt
}
vulnerableVersionRange
firstPatchedVersion {
identifier
}
}
}
}'Repository: wso2/product-is
Length of output: 206
🏁 Script executed:
#!/bin/bash
# Check the correct artifact ID and verify if version 2.4.23 exists in other locations
# First, let's check what versions are available in the WSO2 repository
echo "Checking available versions in WSO2 Maven repository..."
curl -s "https://maven.wso2.org/nexus/content/groups/wso2-public/org/wso2/carbon/identity/organization/management/" 2>/dev/null | \
grep -o "2\.4\.[0-9]*" | sort -V | tail -10
# Also check the Maven Central Repository
echo ""
echo "Checking Maven Central Repository..."
curl -s "https://repo1.maven.org/maven2/org/wso2/carbon/identity/organization/management/" 2>/dev/null | \
grep -o "2\.4\.[0-9]*" | sort -V | tail -10
# Check if this is part of a staging repository
echo ""
echo "Checking WSO2 staging repository..."
curl -s "https://maven.wso2.org/nexus/content/repositories/staging/" -I 2>/dev/null | head -5Repository: wso2/product-is
Length of output: 592
🏁 Script executed:
#!/bin/bash
# Examine the pom.xml around the changed line and look for context
# Show the line in context
echo "=== Context around line 2806 ==="
sed -n '2800,2815p' pom.xml
echo ""
echo "=== Checking for other org.wso2.carbon.identity version properties ==="
grep -n "identity\.org\.mgt\.version" pom.xml
echo ""
echo "=== Checking git history for this property ==="
git log --oneline -10 -- pom.xml | head -5Repository: wso2/product-is
Length of output: 1444
Version 2.4.23 is not available in public Maven repositories and will cause build failures.
Version 2.4.23 of org.wso2.carbon.identity.organization.management could not be found in the WSO2 Maven repository, Maven Central, or other accessible repositories. This dependency will fail to resolve during the build. Either revert to version 2.4.22 or verify that this version has been published to the appropriate repository before proceeding.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@pom.xml` at line 2806, The pom property identity.org.mgt.version is set to
2.4.23 which is not available in public Maven repositories and will fail the
build; change the property value back to the last known good version (2.4.22) or
ensure the repository that hosts
org.wso2.carbon.identity.organization.management:2.4.23 is added to the
project's repositories so the dependency can be resolved, updating the
identity.org.mgt.version property accordingly.
|
1 participant
Bumps dependencies for product-is. Link : https://github.com/wso2/product-is/actions/runs/24960039926