Updates that help with testing in newer JDKs while still supporting
older ones (which version tends to depend on the specific component;
most have been or can be upgraded to JDK 8 at least). With Java 17
coming out, some developers will make the jump from 11 to 17.
On Sat, Sep 11, 2021 at 11:49 AM John Patrick wrote:
>
> So dependabot, most commons project already have it, so was helping out
> adding it the the rest.
> But the main reason was pro-active DevSecOps. So automatically testing the
> current main branch against the latest releases of dependencies. Save
> developer and contributors manually watching out for new dependencies being
> release, saves having to manually create a commit and manually raise a pr.
> Basically wanting to save those with write privileges time and you can pick
> what and when you merge and know all all potential dependencies are being
> tested.
>
> JUnit, so running against the latest v4.x.
>
> Hamcrest, as junit v4.x depends upon the v1.3 version, it upgrades to the
> v2. So when in 5 or 10 years i'm able to just my java 8 and junit 5 pull
> requests approved they won't break as already using the v2.x hamcrest.
>
> Dot git ignore, if you checkout those project and build them, a few don't
> exclude target so status shows lots. Also I believe discussed on this
> mailing list that ide specific excludes shouldn't be part of the project as
> it's the developer choosing that ide so it should be in their users git
> ignore.
>
> I would like to do some releases to bump everything to at least java 8, and
> then spend my time upgrade unit tests to junit v5 jupiter.
>
> But I might try that next year or the year after, after all we are only 3
> years away from the Java 23 LTS.
>
> John
>
>
> On Wed, 8 Sept 2021 at 23:47, Gilles Sadowski wrote:
>
> > Hello.
> >
> > Le mer. 8 sept. 2021 à 21:10, John Patrick a
> > écrit :
> > >
> > > Hi,
> > >
> > > Could someone look at this pr's, some coming up to a year open.
> >
> > Thanks for the reminder; however ...
> >
> > >
> > > Dependabot, adding the commons standard.
> > > [...]
> > > https://github.com/apache/commons-math/pull/160
> > > https://github.com/apache/commons-numbers/pull/86
> > > [...]
> > > https://github.com/apache/commons-rng/pull/79
> > > https://github.com/apache/commons-statistics/pull/25
> > > [...]
> > >
> >
> > What is the added value for projects' maintainers?
> > [IIUC, this script advertises a new version that, most often than not,
> > provides a solution to a problem that does not exist (for the target
> > project)...]
> >
> > IOW, you (for example) are welcome to watch those update
> > messages and, when a real problem would be solved through an
> > upgrade, a specific PR will be most welcome.
> >
> > Best regards,
> > Gilles
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
> > For additional commands, e-mail: dev-h...@commons.apache.org
> >
> >
-
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
