We do not need to release for project-used dependencies. #1193
Comments
|
I didn't see where we make these automatic releases, but it's too bothering to update some revision updates, there is nothing changed between them like: diffuse diff --jar spotbugs-gradle-plugin-6.0.16.jar spotbugs-gradle-plugin-6.0.17.jar
OLD: spotbugs-gradle-plugin-6.0.16.jar
NEW: spotbugs-gradle-plugin-6.0.17.jar
JAR │ old │ new │ diff
───────┼───────────┼───────────┼──────
class │ 171.2 KiB │ 171.2 KiB │ 0 B
other │ 260 B │ 260 B │ 0 B
───────┼───────────┼───────────┼──────
total │ 171.5 KiB │ 171.5 KiB │ 0 B
CLASSES │ old │ new │ diff
─────────┼─────┼─────┼───────────
classes │ 44 │ 44 │ 0 (+0 -0)
methods │ 592 │ 592 │ 0 (+0 -0)
fields │ 81 │ 81 │ 0 (+0 -0) |
|
CC @KengoTODA |
|
Our release note does not include changes like dependency updates, so what is the core of the problem? I want to understand why we care the post in such dev-deps update PRs. https://github.com/spotbugs/spotbugs-gradle-plugin/releases/tag/6.0.17 |
|
As I described, some deps used by this project are just used for infra or building, they are not transitive deps that affect user sides, so we have no need to release them, it's so frequent. And you can see the diff result above, nothing changed between these two versions. |
|
Ah, I understand. Thanks for your explanation! In my understanding, this release is necessary to support Android Plugin v8.5.0. In this case, we luckily had no changes, but in some cases, we needed to change our code. #946 needed to change Java version and #552 needed to change dependency (not sure why #552 was handled as So for me, it is understandable that Dependabot used If possible, I want to close this issue without any change, to keep the release procedure simple. How do you think? 🤔 |
Originally posted by @Goooler in #1192 (comment)
The text was updated successfully, but these errors were encountered: