-
Notifications
You must be signed in to change notification settings - Fork 248
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependencies #1724
Update dependencies #1724
Conversation
Worth updating the GitHub Action too, so that you get the checks to ✅ ? |
Hey @NyCodeGHG |
046b34d
to
4689153
Compare
@lucaswiechmann done! |
Hey @NyCodeGHG thanks for that. Also, could you please check and fix the github actions? Follow some details:
|
Hey @NyCodeGHG
Could you explain a little more the motivation to update all of those dependencies to their latest version?
Have you noticed other vulnerabilities other than the ones merged on this another PR ? If so, my suggestion is to update only the dependencies that has vulnerabilities. More context: these changes could affect many people which are already using maestro today, besides that this brings major changes on how we manage our cloud internally, which we would need to test very careful before deciding to go ahead with this PR. |
It's good practice to keep your dependencies up to date, so it's easier to update when a vulnerability gets public.
no
i'm not sure i see the major change? the java version is probably the biggest update but other than that |
Proposed Changes
This PR updates all dependencies to their latest versions.
A few dependencies such as ktor and logback had vulnerabilites before (also see #1720)
It also raises the build and runtime JDK requirements, as the Android Gradle Plugin requires running gradle with Java 17 and targeting Java 11. The Android APK Parser libraries used in maestro now also require at least Java 11 at runtime.
I also cherry-picked eec3de0 as the warning which existed with Gradle 7, is now a hard error in Gradle 8.
Testing
Ran the android advanced flow on an emulator.
Issues Fixed