scala-steward icon indicating copy to clipboard operation
scala-steward copied to clipboard

Published 20 hours ago verified publisher icon scala-steward-org

Erroneously updating `http4s-okhttp-client` to non-existent versions

Open adamnfish opened this issue 3 years ago • 0 comments

Since The Great Schism of http4s, Scala Steward has been trying to update http4s-okhttp-client to versions that do not exist. Unfortunately, this is in a private repository but I'll try and include the full details here.

My dependencies are defined in a separate file, and look a bit like the following. Note that http4s-okhttp-client is defined separately with its own version number. lazy val http4sOkHttp = "0.23.11" is only used in one place, as shown:

object Dependencies {
  object Versions {
    lazy val http4s = "0.23.11"

    lazy val http4sOkHttp = "0.23.11"

    lazy val http4sPrometheusMetrics = "0.24.0"
    // ... etc
  }

  object Libs {  
    lazy val http4sDsl                 = "org.http4s"            %% "http4s-dsl"                % Versions.http4s
    lazy val http4sOkHttpClient        = "org.http4s"            %% "http4s-okhttp-client"      % Versions.http4sOkHttp
    lazy val http4sBlazeServer         = "org.http4s"            %% "http4s-blaze-server"       % Versions.http4s
    lazy val http4sCirce               = "org.http4s"            %% "http4s-circe"              % Versions.http4s
    lazy val http4sMetrics             = "org.http4s"            %% "http4s-prometheus-metrics" % Versions.http4sPrometheusMetrics
    // ... etc
  }

  object Module {  
    lazy val `my-module-deps` = Seq(
      http4sDsl,
      http4sOkHttpClient,
      http4sBlazeServer,
      http4sCirce,
      http4sMetrics,
      // ... etc
    )
  }
}

Whenever Scala Steward I get PRs raised with titles like "Upgrade http4s-blaze-server from 0.23.11 to 0.23.12" but with the following diff:

-    lazy val http4s = "0.23.11"
+    lazy val http4s = "0.23.12"

     lazy val http4sPrometheusMetrics = "0.24.0"

-    lazy val http4sOkHttp = "0.23.11"
+    lazy val http4sOkHttp = "0.23.12"

While it's true this does update http4s-blaze-server from 0.23.11 to 0.23.12, it has also updated http4s-okhttp-client to a non-existent version.

Running dependencyUpdates shows all the correct versions, and without any mention of updating the http4s-okhttp-client dependency:

[info] Found 3 dependency updates for my-module
[info]   org.http4s:http4s-blaze-server : 0.23.11 -> 0.23.12
[info]   org.http4s:http4s-circe        : 0.23.11 -> 0.23.13
[info]   org.http4s:http4s-dsl          : 0.23.11 -> 0.23.13

This suggests the problem is either with how Scala Steward is parsing the dependencies, or how it updates the files afterwards.

It isn't the end of the world, I can manually patch the PRs that Scala Steward is raising. This is a bit of a papercut though, and It does also mean that we have to be careful to make sure we aren't automatically merging any of these changes.

Apologies I can't link you to a repository, hopefully this is enough information to be helpful and thank you!

adamnfish avatar Jul 21 '22 11:07 adamnfish