claudio4j commented on PR #1191:
URL: https://github.com/apache/camel-k-runtime/pull/1191#issuecomment-2018065676
More context about the changes:
1) in `support/camel-k-maven-plugin/pom.xml` the dependency
`org.apache.camel.quarkus:camel-quarkus-catalog` sets the version to
`${camel-quarkus-version}`, which may eventually be different from the version
driven by quarkus-camel-bom, if there is a patch release from either projects.
For the recently upstream version, this may not be a problem, but once we reach
productization, this could lead to a different `camel-quarkus-catalog` version
from the one defined in the `quarkus-camel-bom`. So, this change aligns the
`camel-quarkus-catalog` version to the `quarkus-camel-bom` for consistency.
2) The removal of the groovy dependencies from the test module, it brings
the `org.apache.groovy:groovy` defined in the `quarkus-camel-bom`, which
camel-quarkus relies on. For upstream this may not be a problem, but for
downstream it may lead to different groovy version in the mrrc repository which
eventually have vulnerable artifacts picked up by CVE reports. So, this is good
to align to the `quarkus-camel-bom`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
