Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update jackson #7146

Merged
merged 3 commits into from Mar 29, 2022
Merged

Update jackson #7146

merged 3 commits into from Mar 29, 2022

Conversation

yawkat
Copy link
Member

@yawkat yawkat commented Mar 25, 2022

No description provided.

@yawkat yawkat requested a review from sdelamo March 25, 2022 06:13
@yawkat
Copy link
Member Author

yawkat commented Mar 25, 2022

@melix can you take a look at how to do this? 2.13.2.1 was only released for the jackson-databind artifact, but the build is failing with missing 2.13.2.1 bom. not sure where that comes from or how to fix it.

@yawkat
Copy link
Member Author

yawkat commented Mar 25, 2022

Apparently we're not the only ones with this problem: FasterXML/jackson-databind#3428

@melix
Copy link
Contributor

melix commented Mar 25, 2022
edited

Right, so it's wrong metadata published on the Jackson side. We can fix it locally via a component metadata rule, but it wouldn't be propagated to our users.

Alternatively, we can add a constraint which would fix this problem but should be removed once a new version of Jackson which fixes the problem is released:

dependencies {
    constraints {
        api('com.fasterxml.jackson:jackson-bom') {
            version {
                strictly '[2.13.2, 2.13.3['
                prefer '2.13.2'
                reject '2.13.2.1'
            }
            because 'Jackson Databind references non existent BOM'
        }
    }
}

@yawkat
Copy link
Member Author

yawkat commented Mar 25, 2022

ok i will wait a few days and if tatu fixes it on jacksons side we can update to 2.13.2.2, else use the workaround

@melix
Copy link
Contributor

melix commented Mar 25, 2022

Note however that if we publish this and that 2.13.2.1 BOM is finally published, then we would never get it, which is probably not acceptable. So maybe wait for an official answer from the Jackson folks.

@yawkat yawkat marked this pull request as draft March 25, 2022 08:33
@yawkat yawkat added this to the 3.4.1 milestone Mar 25, 2022
@sdelamo sdelamo added the status: awaiting third-party Awaiting changes to a third party library label Mar 29, 2022
@melix melix removed the status: awaiting third-party Awaiting changes to a third party library label Mar 29, 2022
@sonarcloud
Copy link

sonarcloud bot commented Mar 29, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@melix
Copy link
Contributor

melix commented Mar 29, 2022

Issue seems to be fixed now.

@yawkat yawkat marked this pull request as ready for review March 29, 2022 10:23
@yawkat
Copy link
Member Author

yawkat commented Mar 29, 2022

@sdelamo please review and merge this before releasing 3.4.1.

@sdelamo sdelamo merged commit 5ee724e into 3.4.x Mar 29, 2022
@sdelamo sdelamo deleted the yawkat-patch-1 branch March 29, 2022 17:09
@sdelamo
Copy link
Collaborator

sdelamo commented Mar 29, 2022

@yawkat thanks for being on top of this.

@timyates timyates mentioned this pull request May 3, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sdelamo sdelamo Awaiting requested review from sdelamo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
3.4.1
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@yawkat @melix @sdelamo