Open vanniktech opened 1 year ago
Hi! Just "a search + replace" is not the best option, because the new version the of external dependency may bring some new transitive dependencies and dependencyGuard
task will fail, if these transitive dependencies are not stated in dependencies lock-files.
Better solution is trigger dependencyGuardBaseline
task after the version updated (via CI or in other way) to update dependencies lock-files properly.
Better solution is trigger
dependencyGuardBaseline
task after the version updated (via CI or in other way) to update dependencies lock-files properly.
I've tried this using:
"postUpgradeTasks": {
"commands": ["./gradlew app:dependencyGuardBaseline"],
"fileFilters": ["**/*.toml"],
"executionMode": "update"
}
However running custom scripts can only be done in the self hosted environment.
So I use renovate to keep my dependencies up to date. Like here: https://github.com/vanniktech/TextBuilder/pull/77 material version was updated, but then the task from dependency guard files since obviously that version hasn't been updated properly.
Slightly off-topic but: Do you happen to know if there is way in which we can feed the text files into renovate so that it'll just do a search + replace?
That would solve the problem of regenerating the file manually and pushing, while still catching regressions in case a new version has been introduced.