dependency_validator icon indicating copy to clipboard operation
dependency_validator copied to clipboard

Published 20 hours ago verified publisher icon Workiva

Update analyzer constraint

Open Attempt3035 opened this issue 9 months ago • 1 comments

Motivation

I noticed analyzer was being resolved to a lower version than available, it's causing warnings in the build runner for freezed.

Changes

I opened the depended-on analyzer versions to include the 6.#.# major release, but less than 7.#.# (Not out yet anyway)

Testing/QA Instructions

I have no idea the implications this may have, and have not looked around this code base. From my testing, everything is operating normally as far as I can see, but this would need a maintainer to run some tests to confirm. I checked the changes in the analyzer package version notes, they seem minimal and I'm guessing won't affect anything with this package :)

Attempt3035 avatar Apr 30 '24 10:04 Attempt3035

Security Insights

No security relevant content was detected by automated scans.

Action Items

  • Review PR for security impact; comment "security review required" if needed or unsure
  • Verify aviary.yaml coverage of security relevant code

Questions or Comments? Reach out on Slack: #support-infosec.

aviary2-wf avatar Apr 30 '24 10:04 aviary2-wf

@Attempt3035 Approach seems fine, looking at the changelog for v6 there's nothing that should effect dependency_validator, and we should catch any issues from the existing unit tests within the repo (we run on both dart 2 and 3)

CI failures are unrelated to this change, and were fixed here: https://github.com/Workiva/dependency_validator/pull/120, If you just merge master on this pr, we can re-run CI and get this merged! Thanks for putting the PR up!

matthewnitschke-wk avatar May 30 '24 03:05 matthewnitschke-wk

QA +1

  • [x] CI passes is sufficient

🚀 @Workiva/release-management-p 🚢

matthewnitschke-wk avatar Jun 03 '24 17:06 matthewnitschke-wk