-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: Upgrading spring to 3.3.3 to resolve vulnerable dependencies #36266
Conversation
WalkthroughThe pull request introduces significant updates across various modules in the Appsmith project. Key modifications include the removal of explicit version specifications for the Changes
Possibly related PRs
Suggested labels
Suggested reviewers
Poem
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
Documentation and Community
|
@@ -89,7 +89,6 @@ | |||
<dependency> | |||
<groupId>org.springframework.boot</groupId> | |||
<artifactId>spring-boot-starter-webflux</artifactId> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Interesting that we're asking for a test dependency here, we should be able to shade this from interfaces directly. Did you get any clues as to why the version was explicitly mentioned here before?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. I don't remember why we did this.
Failed server tests
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Files selected for processing (1)
- app/client/cypress/fixtures/gitImport.json (1 hunks)
Additional context used
Path-based instructions (1)
app/client/cypress/fixtures/gitImport.json (1)
Pattern
app/client/cypress/**/**.*
: Review the following e2e test code written using the Cypress test library. Ensure that:
- Follow best practices for Cypress code and e2e automation.
- Avoid using cy.wait in code.
- Avoid using cy.pause in code.
- Avoid using agHelper.sleep().
- Use locator variables for locators and do not use plain strings.
- Use data-* attributes for selectors.
- Avoid Xpaths, Attributes and CSS path.
- Avoid selectors like .btn.submit or button[type=submit].
- Perform logins via API with LoginFromAPI.
- Perform logout via API with LogOutviaAPI.
- Perform signup via API with SignupFromAPI.
- Avoid using it.only.
- Avoid using after and aftereach in test cases.
- Use multiple assertions for expect statements.
- Avoid using strings for assertions.
- Do not use duplicate filenames even with different paths.
- Avoid using agHelper.Sleep, this.Sleep in any file in code.
/build-deploy-preview skip-tests=true |
Deploying Your Preview: https://github.com/appsmithorg/appsmith/actions/runs/10992132941. |
Deploy-Preview-URL: https://ce-36266.dp.appsmith.com |
...r/appsmith-plugins/mongoPlugin/src/test/java/com/external/plugins/MongoPluginErrorsTest.java
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 1
Outside diff range and nitpick comments (1)
app/server/appsmith-plugins/mongoPlugin/src/test/java/com/external/plugins/MongoPluginStaleConnTest.java (1)
149-149
: Include descriptive messages in exceptions for better clarityIncluding a message when throwing exceptions like
IllegalStateException
andMongoSocketWriteException
can greatly aid in debugging by providing context about the simulated error.You can modify the code as follows:
- subscriber.onError(new IllegalStateException()); + subscriber.onError(new IllegalStateException("Simulating IllegalStateException for stale connection test"));- subscriber.onError(new MongoSocketWriteException("", null, null)); + subscriber.onError(new MongoSocketWriteException("Simulating MongoSocketWriteException for stale connection test", null, null));Also applies to: 183-183
Review details
Configuration used: .coderabbit.yaml
Review profile: CHILL
Files selected for processing (2)
- app/server/appsmith-plugins/mongoPlugin/src/test/java/com/external/plugins/MongoPluginErrorsTest.java (3 hunks)
- app/server/appsmith-plugins/mongoPlugin/src/test/java/com/external/plugins/MongoPluginStaleConnTest.java (4 hunks)
Files skipped from review as they are similar to previous changes (1)
- app/server/appsmith-plugins/mongoPlugin/src/test/java/com/external/plugins/MongoPluginErrorsTest.java
...ppsmith-plugins/mongoPlugin/src/test/java/com/external/plugins/MongoPluginStaleConnTest.java
Show resolved
Hide resolved
Do not merge, waiting on EE checks to pass. SSO is failing. |
This PR has not seen activitiy for a while. It will be closed in 7 days unless further activity is detected. |
Description
This PR updates Spring and it's associated dependencies to resolve vulnerable dependencies as flagged by Dependabot and Docker Scout.
Automation
/ok-to-test tags="@tag.Git"
🔍 Cypress test results
Tip
🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
Workflow run: https://github.com/appsmithorg/appsmith/actions/runs/11011995792
Commit: 725c1a7
Cypress dashboard.
Tags:
@tag.Git
Spec:
Tue, 24 Sep 2024 11:03:23 UTC
Communication
Should the DevRel and Marketing teams inform users about this change?
Summary by CodeRabbit
New Features
3.3.3
, enhancing application performance and stability.data
object, potentially improving data display.Bug Fixes
spring-boot-starter-webflux
across multiple plugins, streamlining dependency management and reducing potential inconsistencies.Chores