Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): Update dependencies #4258

Open
wants to merge 7 commits into
base: master
Choose a base branch
from

Conversation

reneleonhardt
Copy link

@reneleonhardt reneleonhardt commented Sep 21, 2023

  • Breaking change? (if so, please describe the impact and migration path for existing application instances)

What changes did you make? (Give an overview)

My team suggested to replace kafdrop by kafka-ui, but I saw that your last release is 3 months old and therefore contains critical and high security findings.
So I updated all versions where possible without breaking changes, now trivy shows no critical or high findings anymore.
Those updates which would require additional work from my experience I just commented in the POMs without actually changing the version.

Is there anything you'd like reviewers to focus on?

If you remember a dependency where updating a minor revision broke something, then review those dependencies more carefully or maybe add a test if possible.
If you can, please enable dependabot/renovate where possible, staying up-to-date is the least amount of work and security bugs from my experience.
Updating is much easier if every version number is moved to an individual property: mvn versions:display-property-updates

How Has This Been Tested? (put an "x" (case-sensitive!) next to an item)

  • No need to
  • Manually (please, describe, if necessary)
  • Unit checks
  • Integration checks
  • Covered by existing automation

Checklist (put an "x" (case-sensitive!) next to all the items, otherwise the build will fail)

  • [x ] I have performed a self-review of my own code
  • [ x] I have commented my code, particularly in hard-to-understand areas
  • [ x] I have made corresponding changes to the documentation (e.g. ENVIRONMENT VARIABLES)
  • [ x] My changes generate no new warnings (e.g. Sonar is happy)
  • [ x] I have added tests that prove my fix is effective or that my feature works
  • [ x] New and existing unit tests pass locally with my changes
  • [ x] Any dependent changes have been merged

Check out Contributing and Code of Conduct

A picture of a cute animal (not mandatory but encouraged)

@reneleonhardt reneleonhardt requested review from a team and Haarolean as code owners September 21, 2023 14:31
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello there reneleonhardt! 👋

Thank you and congrats 🎉 for opening your first PR on this project! ✨ 💖

We will try to review it soon!

@reneleonhardt reneleonhardt requested a review from a team as a code owner October 1, 2023 10:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant