Grails - 7.0.0-M5 Upgrade #1143
Conversation
This reverts commit f5e348d.
…match an upstream default grails app
What is broken in M4? |
Our javascript dependencies are horribly out of date. Which means these libraries also have CVEs open against them. |
Yes, I agree that the UI in the UI-Plugin is out of date, but I would not say that it is broken. |
Vulnerabilities are considered bugs, so that's why I had said it was broken. It is functional, just out of date =) |
|
Please see https://ge.grails.org/s/ol67igm3t5v6u - we have some tests failing, but i think they're related to timeouts or waits. Adding |
| } | ||
|
|
||
| grails { | ||
| springDependencyManagement = false |
There was a problem hiding this comment.
We're switching away from the spring dependency management plugin for managing dependencies - it resolves versions differently (based on the spring bom), but we have our own. This is using stock gradle platforms instead.
| private securityConfigGroupPropertyValues | ||
|
|
||
| def passwordEncoder | ||
| PasswordEncoder passwordEncoder |
There was a problem hiding this comment.
minor cosmetic: indentation not correct?
| integrationTestImplementation 'org.spockframework:spock-core' | ||
| testImplementation platform("org.apache.grails:grails-bom:$grailsVersion") | ||
| testImplementation 'org.apache.grails:grails-testing-support-web' | ||
| testImplementation 'org.spockframework:spock-core' |
There was a problem hiding this comment.
minor cosmetic: indentation incorrect?
|
Closing in favor of #1144 |
3 participants
Please note that I opened #1142 since I noticed that the web ui dependencies are not updated. For now, it will be no more broken than it is in M4. The main purpose of this PR is to be able to release support for M5.
I did not separate out the dependencies into compileOnly with this PR because I think we need to discuss strategies here. I have a few ideas on this, but will discuss in the weekly meeting.