Pil0tXia opened a new pull request, #4827:
URL: https://github.com/apache/eventmesh/pull/4827
<!--
### Contribution Checklist
- Name the pull request in the form "[ISSUE #XXXX] Title of the pull
request",
where *XXXX* should be replaced by the actual issue number.
Skip *[ISSUE #XXXX]* if there is no associated github issue for this
pull request.
- Fill out the template below to describe the changes contributed by the
pull request.
That will give reviewers the context they need to do the review.
- Each pull request should address only one issue.
Please do not mix up code from multiple issues.
- Each commit in the pull request should have a meaningful commit message.
- Once all items of the checklist are addressed, remove the above text and
this checklist,
leaving only the filled out template below.
(The sections below can be removed for hotfixes of typos)
-->
<!--
(If this PR fixes a GitHub issue, please add `Fixes #<XXX>` or `Closes
#<XXX>`.)
-->
Fixes #4720
### Motivation
The list of artifacts recorded in `known-dependencies.txt` does not help the
maintainer manage dependencies effectively. This list lacks a reference
hierarchy of artifacts, and it's more practical to print the dependency tree
using Gradle.
The purpose of `check-dependencies.sh` is to inspect the licenses of
third-party dependencies, preventing developers from casually introducing
untracked new artifacts. It also requires developers to add the license file of
new artifacts when introducing them to comply with Apache regulations.
The presence of `known-dependencies.txt` blocks Dependabot because it cannot
update this file through CI. If our project does not keep up with new versions
of dependencies for a long time, it will gradually fall behind and be submerged.
Therefore, I believe it is necessary to cancel the version checking of
artifacts of `known-dependencies.txt` in `check-dependencies.sh`.
### Modifications
Only the artifact name is recorded in `known-dependencies.txt`, the version
number is no longer recorded.
### Documentation
- Does this pull request introduce a new feature? (yes)
- If yes, how is the feature documented? (not applicable)
- If a feature is not applicable for documentation, explain why? See CI logs
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
