Transitive, unused dependencies are downgraded #71

Closed
hvisser opened this issue Aug 19, 2022 · 0 comments · Fixed by #74


hvisser commented Aug 19, 2022

When the TOML file contains dependencies that aren't declared in the build file, but are pulled in as a transitive dependency, the version in the TOML file might be downgraded.

The root cause here is that the report.json from the dependency updates plugin will put transitive dependencies as "current", so it seems (e.g. it doesn't check dependency versions of dependencies, which makes sense). Because that dependency is then declared in the TOML file, it's also not removed, even though it is unused from the perspective of declared dependencies.

When merging the dependency versions with the TOML file, the dependency then gets the incorrect "current" version replaced. This would then also impact any existing version groups if that dependency was using a version reference.

I think a situation like this should be treated as "unused" so that it would be removed from the TOML file unless any keep entries prevent that, in which case the original entry should be retained. The trigger could be detecting that a current entry from the incoming report has changed versions vs the TOML file.
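The trigger and handling proposed in this issue, sketched as an added example (not the plugin's code, and not the fix that closed the issue): a catalog entry whose version differs from its "current" entry in the report is marked for removal, or retained unchanged when a keep entry covers it. The report shape (`current.dependencies` with `group`/`name`/`version`), the function names and the `com.example` coordinates are assumptions; both inputs are constructed and stand in for the parsed TOML and JSON files.

```python
def coordinates(lib, versions):
    """Return (module, version) for a [libraries] entry in any of its TOML forms."""
    if isinstance(lib, str):                      # "group:name:version" shorthand
        module, version = lib.rsplit(":", 1)
        return module, version
    module = lib.get("module") or f'{lib["group"]}:{lib["name"]}'
    version = lib.get("version")
    if isinstance(version, dict):                 # version.ref = "alias"
        version = versions.get(version.get("ref"))
    return module, version


def find_suspect_current(catalog, report, keep=frozenset()):
    """Map alias -> (action, catalog_version, reported_version) for every
    library the report lists as "current" at a version other than the catalog's."""
    versions = catalog.get("versions", {})
    current = {f'{d["group"]}:{d["name"]}': d["version"]
               for d in report["current"]["dependencies"]}
    suspects = {}
    for alias, lib in catalog.get("libraries", {}).items():
        module, declared = coordinates(lib, versions)
        reported = current.get(module)
        if declared is None or reported is None or reported == declared:
            continue                              # nothing to decide for this entry
        # Proposed handling: treat as unused, unless a keep entry protects it,
        # in which case the original catalog version must survive the merge.
        action = "retain" if alias in keep else "remove"
        suspects[alias] = (action, declared, reported)
    return suspects


# Constructed sample: the structure a TOML parser returns for libs.versions.toml.
CATALOG = {
    "versions": {"direct": "2.1.0", "transitive": "3.2.0"},
    "libraries": {
        "direct": {"module": "com.example:direct", "version": {"ref": "direct"}},
        "transitive": {"module": "com.example:transitive", "version": {"ref": "transitive"}},
        "pinned": "com.example:pinned:23.0.0",
    },
}
# Constructed sample: report.json where two undeclared, transitively resolved
# libraries show up as "current" at the older version Gradle resolved.
REPORT = {"current": {"dependencies": [
    {"group": "com.example", "name": "direct", "version": "2.1.0"},
    {"group": "com.example", "name": "transitive", "version": "3.0.0"},
    {"group": "com.example", "name": "pinned", "version": "13.0"},
]}}

if __name__ == "__main__":
    print(find_suspect_current(CATALOG, REPORT, keep={"pinned"}))
```

Because the check keys on the resolved catalog version, an entry that uses `version.ref` is caught before the shared `[versions]` value would be rewritten for every library that references it.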
