Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork1.4k
build(deps)!: bump io.github.jeremylong:open-vulnerability-clients from 7.3.2 to 8.0.0#7630
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
base:main
Are you sure you want to change the base?
Uh oh!
There was an error while loading.Please reload this page.
Conversation
Bumps [io.github.jeremylong:open-vulnerability-clients](https://github.com/jeremylong/vuln-tools) from 7.3.2 to 8.0.0.- [Release notes](https://github.com/jeremylong/vuln-tools/releases)- [Commits](https://github.com/jeremylong/vuln-tools/commits/v8.0.0)---updated-dependencies:- dependency-name: io.github.jeremylong:open-vulnerability-clients dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major...Signed-off-by: dependabot[bot] <support@github.com>
…ulnerability-clients-8.0.0
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
LGTM
@nhumblot Think this could be merged too? Or is there a reason to not include it in a minor release of ODC? |
I felt this was a breaking change - so I was going to include it in the next major release. At least we should wait for the next minor release as opposed to the pending point release. |
While for the library it was a breaking release (split between CLI and the library code as separately released projects), I think for ODC it would not be a non-breaking change. AFAICT We're only adapting our internals and introducing two configuration properties (not exposed to the plugin configs) - one might consider the added properties a new feature for people using properties-file configurstion, so I can see how you may want to skip the revision level and wait for a feature release, though I would say for a proper feature it should be extended with extending the configurability in the gradle- and maven plugin configuration settings. |
Uh oh!
There was an error while loading.Please reload this page.
Bumpsio.github.jeremylong:open-vulnerability-clients from 7.3.2 to 8.0.0.
Release notes
Sourced fromio.github.jeremylong:open-vulnerability-clients's releases.
Commits
You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)