Skip to content

releng: update versions to 0.17.0#266

Merged
arfio merged 2 commits into
eclipse-tracecompass-incubator:masterfrom
arfio:releng
Apr 9, 2026
Merged

releng: update versions to 0.17.0#266
arfio merged 2 commits into
eclipse-tracecompass-incubator:masterfrom
arfio:releng

Conversation

@arfio
Copy link
Copy Markdown
Contributor

@arfio arfio commented Apr 9, 2026
edited by coderabbitai Bot
Loading

What it does

releng: update versions to 0.17.0

How to test

Build and check versions

Follow-ups

N/A

Review checklist

  • As an author, I have thoroughly tested my changes and carefully followed the instructions in this template

Summary by CodeRabbit

  • Chores
    • Bumped version from 0.16.0 to 0.17.0 across all project modules, including feature manifests, bundle manifests, and Maven build configurations to maintain consistency across the codebase.

arfio added 2 commits April 9, 2026 10:31
@arfio
skeleton: add raw strings for regex warning
8d427d3 
Signed-off-by: Arnaud Fiorini <fiorini.arnaud@gmail.com>
@arfio
update versions to 0.17.0
a745867 
Signed-off-by: Arnaud Fiorini <fiorini.arnaud@gmail.com>
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Apr 9, 2026
edited
Loading

📝 Walkthrough

Walkthrough

A comprehensive version bump across Eclipse Trace Compass Incubator from 0.14.0-SNAPSHOT (Maven parent) and 0.16.0.qualifier (features/bundles) to 0.17.0-SNAPSHOT and 0.17.0.qualifier respectively. Maven module version declarations removed to rely on parent inheritance. Python build scripts updated to use raw string literals for regex patterns.

Changes

Cohort / File(s) Summary
Feature definitions (analyses/)
analyses/org.eclipse.tracecompass.incubator.analysis/feature.xml, analyses/org.eclipse.tracecompass.incubator.eventfieldcount/feature.xml, analyses/org.eclipse.tracecompass.incubator.executioncomparison/feature.xml, analyses/org.eclipse.tracecompass.incubator.filters/feature.xml, analyses/org.eclipse.tracecompass.incubator.gpu/feature.xml, analyses/org.eclipse.tracecompass.incubator.inandout/feature.xml, analyses/org.eclipse.tracecompass.incubator.kernel/feature.xml, analyses/org.eclipse.tracecompass.incubator.lttng2.ust.extras/feature.xml, analyses/org.eclipse.tracecompass.incubator.rocm/feature.xml, analyses/org.eclipse.tracecompass.incubator.tmf.ui.multiview/feature.xml		 Version attribute updated from 0.16.0.qualifier to 0.17.0.qualifier across all feature definitions.
Feature definitions (tracetypes/)
tracetypes/org.eclipse.tracecompass.incubator.atrace/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.dpdk/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.ftrace/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.gerrit/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.hudson.maven/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.jifa/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.opentracing/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.otf2/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.perf.profiling/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.ros/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.ros2/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.system/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.tracecompass/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.traceevent/feature.xml, tracetypes/org.eclipse.tracecompass.incubator.uftrace/feature.xml		 Version attribute updated from 0.16.0.qualifier to 0.17.0.qualifier across all trace type feature definitions.
Feature definitions (rcp/ & scripting/)
rcp/org.eclipse.tracecompass.incubator.rcp.branding.feature/feature.xml, rcp/org.eclipse.tracecompass.incubator.rcp/feature.xml, scripting/org.eclipse.tracecompass.incubator.scripting.javascript/feature.xml, scripting/org.eclipse.tracecompass.incubator.scripting.python/feature.xml, scripting/org.eclipse.tracecompass.incubator.scripting/feature.xml		 Version attribute updated from 0.16.0.qualifier to 0.17.0.qualifier for RCP and scripting features.
Feature definitions (trace-server/ & vm/)
trace-server/org.eclipse.tracecompass.incubator.trace.server.jersey.rest/feature.xml, vm/org.eclipse.tracecompass.incubator.virtual.machine.analysis/feature.xml		 Version attribute updated from 0.16.0.qualifier to 0.17.0.qualifier.
Root and module pom.xml files
pom.xml, analyses/pom.xml, common/pom.xml, common/org.eclipse.tracecompass.incubator.releng-site/pom.xml, common/org.eclipse.tracecompass.incubator.target/pom.xml, doc/pom.xml, rcp/pom.xml, scripting/pom.xml, trace-server/pom.xml, tracetypes/pom.xml, vm/pom.xml		 Maven parent version updated from 0.14.0-SNAPSHOT to 0.17.0-SNAPSHOT. Root pom.xml also updates target-platform artifact version reference.
Documentation bundle manifests
doc/.../META-INF/MANIFEST.MF (15 files)		 OSGi Bundle-Version updated from 0.16.0.qualifier to 0.17.0.qualifier across all documentation module bundles.
Documentation module pom.xml files
doc/org.eclipse.tracecompass.incubator.atrace.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.eventfieldcount.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.executioncomparison.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.filters.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.ftrace.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.gerrit.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.gpu.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.inandout.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.kernel.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.lttng2.ust.extras.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.opentracing.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.otf2.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.perf.profiling.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.ros.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.ros2.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.scripting.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.system.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.trace.server.doc.dev/pom.xml, doc/org.eclipse.tracecompass.incubator.uftrace.doc.user/pom.xml, doc/org.eclipse.tracecompass.incubator.virtual.machine.analysis.doc.user/pom.xml		 Maven parent version updated from 0.14.0-SNAPSHOT to 0.17.0-SNAPSHOT. Module-level <version>0.16.0-SNAPSHOT</version> declarations removed, relying on parent inheritance.
RCP component files
rcp/org.eclipse.tracecompass.incubator.rcp.branding/META-INF/MANIFEST.MF, rcp/org.eclipse.tracecompass.incubator.rcp.branding/plugin.xml, rcp/org.eclipse.tracecompass.incubator.rcp.branding/pom.xml, rcp/org.eclipse.tracecompass.incubator.rcp.branding.feature/pom.xml, rcp/org.eclipse.tracecompass.incubator.rcp/pom.xml		 Bundle-Version updated to 0.17.0.qualifier. About text in plugin.xml updated to display Version: 0.17.0. Maven parent versions and module version declarations updated consistently.
Product definition files
rcp/org.eclipse.tracecompass.incubator.rcp.product/legacy/tracing.incubator.product, rcp/org.eclipse.tracecompass.incubator.rcp.product/tracing.incubator.product, trace-server/org.eclipse.tracecompass.incubator.trace.server.product/legacy-e4.34/traceserver.product, trace-server/org.eclipse.tracecompass.incubator.trace.server.product/traceserver.product		 Product version attribute and About text version strings updated from 0.16.0 to 0.17.0.
Product and trace-server pom.xml files
rcp/org.eclipse.tracecompass.incubator.rcp.product/pom.xml, trace-server/org.eclipse.tracecompass.incubator.trace.server.product/pom.xml, trace-server/org.eclipse.tracecompass.incubator.tsp.client.core/pom.xml		 Maven parent version updated from 0.14.0-SNAPSHOT to 0.17.0-SNAPSHOT. Module-level version declarations removed where present.
Trace server bundle manifest
trace-server/org.eclipse.tracecompass.incubator.trace.server.jersey.rest.core/META-INF/MANIFEST.MF		 Bundle-Version updated from 0.16.0.qualifier to 0.17.0.qualifier.
Build automation scripts
skeleton/scripts/update_parent_pom_versions.py, skeleton/scripts/update_root_pom_versions.py		 Regex patterns and replacements converted to raw string literals (r"...") for proper escape sequence handling in version substitution logic.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~20 minutes

Suggested reviewers

  • MatthewKhouzam

Poem

🐰 Hops with glee through version lands,
From fourteen to seventeen, the numbers dance!
Bundles, features, POMs aligned,
A rabbit's work—no bugs to find!
The incubator now versioned bright,
All in one hop, done right!

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'releng: update versions to 0.17.0' accurately and concisely summarizes the primary change—a version bump across the project from 0.16.0 to 0.17.0.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai Bot reviewed Apr 9, 2026
View reviewed changes
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@skeleton/scripts/update_parent_pom_versions.py`:
- Line 26: The regex is built by interpolating sys.argv[2] and sys.argv[3]
directly which allows meta-characters like "." to behave as regex tokens; change
the re.sub call to escape CLI inputs using re.escape(sys.argv[2]) and
re.escape(sys.argv[3]) when constructing the pattern and replacement so the
version strings are treated as literals (i.e., replace "<version>" + sys.argv[2]
+ r"-SNAPSHOT</version>(\n\s+</parent>)" with a pattern that uses
re.escape(sys.argv[2]) and build the replacement using the escaped sys.argv[3]
plus "-SNAPSHOT</version>\g<1>" to preserve the captured group).

In `@skeleton/scripts/update_root_pom_versions.py`:
- Around line 30-32: The regex patterns use raw sys.argv[2] (and sys.argv[3] in
the pattern) which contains dots and other regex metacharacters; escape those
values before inserting into the pattern (e.g., old_ver = re.escape(sys.argv[2])
and new_ver = re.escape(sys.argv[3]) or at least escape old_ver for the match)
and then build the re.sub patterns using old_ver in the pattern while using the
unescaped sys.argv[3] (or new_ver unescaped for the replacement text) in the
replacement string; update both re.sub calls that reference
sys.argv[2]/sys.argv[3] (the lines assigning fileContent via re.sub) to use
re.escape(...) when constructing the regex.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2cbd653f-564f-4127-8ad9-181224d2cd23

📥 Commits

Reviewing files that changed from the base of the PR and between acf0796 and a745867.

📒 Files selected for processing (99)
  • analyses/org.eclipse.tracecompass.incubator.analysis/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.eventfieldcount/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.executioncomparison/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.filters/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.gpu/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.inandout/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.kernel/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.lttng2.ust.extras/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.rocm/feature.xml
  • analyses/org.eclipse.tracecompass.incubator.tmf.ui.multiview/feature.xml
  • analyses/pom.xml
  • common/org.eclipse.tracecompass.incubator.releng-site/pom.xml
  • common/org.eclipse.tracecompass.incubator.target/pom.xml
  • common/pom.xml
  • doc/org.eclipse.tracecompass.incubator.atrace.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.atrace.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.eventfieldcount.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.eventfieldcount.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.executioncomparison.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.executioncomparison.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.filters.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.filters.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.ftrace.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.ftrace.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.gerrit.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.gerrit.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.gpu.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.gpu.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.inandout.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.inandout.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.kernel.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.kernel.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.lttng2.ust.extras.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.lttng2.ust.extras.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.opentracing.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.opentracing.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.otf2.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.otf2.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.perf.profiling.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.perf.profiling.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.ros.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.ros.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.ros2.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.ros2.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.scripting.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.scripting.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.system.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.system.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.trace.server.doc.dev/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.trace.server.doc.dev/pom.xml
  • doc/org.eclipse.tracecompass.incubator.uftrace.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.uftrace.doc.user/pom.xml
  • doc/org.eclipse.tracecompass.incubator.virtual.machine.analysis.doc.user/META-INF/MANIFEST.MF
  • doc/org.eclipse.tracecompass.incubator.virtual.machine.analysis.doc.user/pom.xml
  • doc/pom.xml
  • pom.xml
  • rcp/org.eclipse.tracecompass.incubator.rcp.branding.feature/feature.xml
  • rcp/org.eclipse.tracecompass.incubator.rcp.branding.feature/pom.xml
  • rcp/org.eclipse.tracecompass.incubator.rcp.branding/META-INF/MANIFEST.MF
  • rcp/org.eclipse.tracecompass.incubator.rcp.branding/plugin.xml
  • rcp/org.eclipse.tracecompass.incubator.rcp.branding/pom.xml
  • rcp/org.eclipse.tracecompass.incubator.rcp.product/legacy/tracing.incubator.product
  • rcp/org.eclipse.tracecompass.incubator.rcp.product/pom.xml
  • rcp/org.eclipse.tracecompass.incubator.rcp.product/tracing.incubator.product
  • rcp/org.eclipse.tracecompass.incubator.rcp/feature.xml
  • rcp/org.eclipse.tracecompass.incubator.rcp/pom.xml
  • rcp/pom.xml
  • scripting/org.eclipse.tracecompass.incubator.scripting.javascript/feature.xml
  • scripting/org.eclipse.tracecompass.incubator.scripting.python/feature.xml
  • scripting/org.eclipse.tracecompass.incubator.scripting.ui.tests/pom.xml
  • scripting/org.eclipse.tracecompass.incubator.scripting/feature.xml
  • scripting/pom.xml
  • skeleton/scripts/update_parent_pom_versions.py
  • skeleton/scripts/update_root_pom_versions.py
  • trace-server/org.eclipse.tracecompass.incubator.trace.server.jersey.rest.core/META-INF/MANIFEST.MF
  • trace-server/org.eclipse.tracecompass.incubator.trace.server.jersey.rest/feature.xml
  • trace-server/org.eclipse.tracecompass.incubator.trace.server.product/legacy-e4.34/traceserver.product
  • trace-server/org.eclipse.tracecompass.incubator.trace.server.product/pom.xml
  • trace-server/org.eclipse.tracecompass.incubator.trace.server.product/traceserver.product
  • trace-server/org.eclipse.tracecompass.incubator.tsp.client.core/pom.xml
  • trace-server/pom.xml
  • tracetypes/org.eclipse.tracecompass.incubator.atrace/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.dpdk/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.ftrace/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.gerrit/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.hudson.maven/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.jifa/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.opentracing/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.otf2/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.perf.profiling/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.ros/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.ros2/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.system/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.tracecompass/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.traceevent/feature.xml
  • tracetypes/org.eclipse.tracecompass.incubator.uftrace/feature.xml
  • tracetypes/pom.xml
  • vm/org.eclipse.tracecompass.incubator.virtual.machine.analysis/feature.xml
  • vm/pom.xml

Comment thread skeleton/scripts/update_parent_pom_versions.py
sys.exit('Usage: python update_parent_pom_versions.py [file] [old version] [new version]')
fileContent = open(sys.argv[1]).read()
fileContent = re.sub("<version>" + sys.argv[2] + "-SNAPSHOT</version>(\n\s+</parent>)", "<version>" + sys.argv[3] + "-SNAPSHOT</version>\g<1>", fileContent)
fileContent = re.sub("<version>" + sys.argv[2] + r"-SNAPSHOT</version>(\n\s+</parent>)", "<version>" + sys.argv[3] + r"-SNAPSHOT</version>\g<1>", fileContent)
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Apr 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
python - <<'PY'
import re
old = "0.14.0"
pattern_unescaped = "<version>" + old + r"-SNAPSHOT</version>(\n\s+</parent>)"
pattern_escaped = rf"<version>{re.escape(old)}-SNAPSHOT</version>(\n\s+</parent>)"

text_good = "<version>0.14.0-SNAPSHOT</version>\n  </parent>"
text_bad  = "<version>0x14y0-SNAPSHOT</version>\n  </parent>"

print("unescaped matches good:", bool(re.search(pattern_unescaped, text_good)))
print("unescaped matches bad :", bool(re.search(pattern_unescaped, text_bad)))
print("escaped matches bad   :", bool(re.search(pattern_escaped, text_bad)))
PY

Repository: eclipse-tracecompass-incubator/org.eclipse.tracecompass.incubator

Length of output: 196

🏁 Script executed:

fd -type f -name "update_parent_pom_versions.py"

Repository: eclipse-tracecompass-incubator/org.eclipse.tracecompass.incubator

Length of output: 279

🏁 Script executed:

fd --type f -name "update_parent_pom_versions.py"

Repository: eclipse-tracecompass-incubator/org.eclipse.tracecompass.incubator

Length of output: 339

🏁 Script executed:

find . -name "update_parent_pom_versions.py"

Repository: eclipse-tracecompass-incubator/org.eclipse.tracecompass.incubator

Length of output: 157

🏁 Script executed:

cat -n ./skeleton/scripts/update_parent_pom_versions.py | head -40

Repository: eclipse-tracecompass-incubator/org.eclipse.tracecompass.incubator

Length of output: 1433

🏁 Script executed:

wc -l ./skeleton/scripts/update_parent_pom_versions.py

Repository: eclipse-tracecompass-incubator/org.eclipse.tracecompass.incubator

Length of output: 160

Escape CLI version input before using it in a regex pattern.

Line 26 interpolates sys.argv[2] directly into the regex pattern. Since versions contain ., the pattern can match unintended values and perform incorrect replacements (e.g., a version "0.14.0" pattern would incorrectly match "0x14y0").

Proposed fix 
-fileContent = re.sub("<version>" + sys.argv[2] + r"-SNAPSHOT</version>(\n\s+</parent>)", "<version>" + sys.argv[3] + r"-SNAPSHOT</version>\g<1>", fileContent)
+pattern = rf"<version>{re.escape(sys.argv[2])}-SNAPSHOT</version>(\n\s+</parent>)"
+replacement = rf"<version>{sys.argv[3]}-SNAPSHOT</version>\g<1>"
+fileContent = re.sub(pattern, replacement, fileContent)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
fileContent = re.sub("<version>" + sys.argv[2] + r"-SNAPSHOT</version>(\n\s+</parent>)", "<version>" + sys.argv[3] + r"-SNAPSHOT</version>\g<1>", fileContent)
pattern = rf"<version>{re.escape(sys.argv[2])}-SNAPSHOT</version>(\n\s+</parent>)"
replacement = rf"<version>{sys.argv[3]}-SNAPSHOT</version>\g<1>"
fileContent = re.sub(pattern, replacement, fileContent)
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@skeleton/scripts/update_parent_pom_versions.py` at line 26, The regex is
built by interpolating sys.argv[2] and sys.argv[3] directly which allows
meta-characters like "." to behave as regex tokens; change the re.sub call to
escape CLI inputs using re.escape(sys.argv[2]) and re.escape(sys.argv[3]) when
constructing the pattern and replacement so the version strings are treated as
literals (i.e., replace "<version>" + sys.argv[2] +
r"-SNAPSHOT</version>(\n\s+</parent>)" with a pattern that uses
re.escape(sys.argv[2]) and build the replacement using the escaped sys.argv[3]
plus "-SNAPSHOT</version>\g<1>" to preserve the captured group).

Comment thread skeleton/scripts/update_root_pom_versions.py
Comment on lines +30 to +32
fileContent = re.sub(r"(<artifactId>org.eclipse.tracecompass.*</artifactId>\n\s+)<version>" + sys.argv[2] + "-SNAPSHOT</version>", r"\g<1><version>" + sys.argv[3] + "-SNAPSHOT</version>", fileContent)
# Also the target platform version being used
fileContent = re.sub("<version>" + sys.argv[2] + "-SNAPSHOT</version>(\n\s+</artifact>)", "<version>" + sys.argv[3] + "-SNAPSHOT</version>\g<1>", fileContent)
fileContent = re.sub("<version>" + sys.argv[2] + r"-SNAPSHOT</version>(\n\s+</artifact>)", "<version>" + sys.argv[3] + r"-SNAPSHOT</version>\g<1>", fileContent)
Copy link
Copy Markdown

@coderabbitai coderabbitai Bot Apr 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Confirm where sys.argv[2] is directly embedded in re.sub patterns
rg -n -C2 're\.sub\(|sys\.argv\[2\]|re\.escape' skeleton/scripts/update_root_pom_versions.py

Repository: eclipse-tracecompass-incubator/org.eclipse.tracecompass.incubator

Length of output: 708

Escape sys.argv[2] before injecting into regex patterns.

Lines 30 and 32 directly concatenate the old version into regex patterns without escaping. Version strings contain . which are unescaped regex metacharacters, causing over-matching. For example, version "0.16.0" would match "0X16X0" where X is any character, leading to unintended replacements.

🔧 Proposed fix 
 fileContent = open(sys.argv[1]).read()
-fileContent = re.sub(r"(<artifactId>org.eclipse.tracecompass.*</artifactId>\n\s+)<version>" + sys.argv[2] + "-SNAPSHOT</version>", r"\g<1><version>" + sys.argv[3] + "-SNAPSHOT</version>", fileContent)
+old_version = re.escape(sys.argv[2])
+new_version = sys.argv[3]
+fileContent = re.sub(
+    rf"(<artifactId>org\.eclipse\.tracecompass.*</artifactId>\n\s+)<version>{old_version}-SNAPSHOT</version>",
+    rf"\g<1><version>{new_version}-SNAPSHOT</version>",
+    fileContent,
+)
 # Also the target platform version being used
-fileContent = re.sub("<version>" + sys.argv[2] + r"-SNAPSHOT</version>(\n\s+</artifact>)", "<version>" + sys.argv[3] + r"-SNAPSHOT</version>\g<1>", fileContent)
+fileContent = re.sub(
+    rf"<version>{old_version}-SNAPSHOT</version>(\n\s+</artifact>)",
+    rf"<version>{new_version}-SNAPSHOT</version>\g<1>",
+    fileContent,
+)
 open(sys.argv[1], "w").write(fileContent)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
fileContent = re.sub(r"(<artifactId>org.eclipse.tracecompass.*</artifactId>\n\s+)<version>" + sys.argv[2] + "-SNAPSHOT</version>", r"\g<1><version>" + sys.argv[3] + "-SNAPSHOT</version>", fileContent)
# Also the target platform version being used
fileContent = re.sub("<version>" + sys.argv[2] + "-SNAPSHOT</version>(\n\s+</artifact>)", "<version>" + sys.argv[3] + "-SNAPSHOT</version>\g<1>", fileContent)
fileContent = re.sub("<version>" + sys.argv[2] + r"-SNAPSHOT</version>(\n\s+</artifact>)", "<version>" + sys.argv[3] + r"-SNAPSHOT</version>\g<1>", fileContent)
old_version = re.escape(sys.argv[2])
new_version = sys.argv[3]
fileContent = re.sub(
rf"(<artifactId>org\.eclipse\.tracecompass.*</artifactId>\n\s+)<version>{old_version}-SNAPSHOT</version>",
rf"\g<1><version>{new_version}-SNAPSHOT</version>",
fileContent,
)
# Also the target platform version being used
fileContent = re.sub(
rf"<version>{old_version}-SNAPSHOT</version>(\n\s+</artifact>)",
rf"<version>{new_version}-SNAPSHOT</version>\g<1>",
fileContent,
)
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@skeleton/scripts/update_root_pom_versions.py` around lines 30 - 32, The regex
patterns use raw sys.argv[2] (and sys.argv[3] in the pattern) which contains
dots and other regex metacharacters; escape those values before inserting into
the pattern (e.g., old_ver = re.escape(sys.argv[2]) and new_ver =
re.escape(sys.argv[3]) or at least escape old_ver for the match) and then build
the re.sub patterns using old_ver in the pattern while using the unescaped
sys.argv[3] (or new_ver unescaped for the replacement text) in the replacement
string; update both re.sub calls that reference sys.argv[2]/sys.argv[3] (the
lines assigning fileContent via re.sub) to use re.escape(...) when constructing
the regex.

MatthewKhouzam
MatthewKhouzam approved these changes Apr 9, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@MatthewKhouzam MatthewKhouzam left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good drive by too!

@arfio arfio merged commit de7e96d into eclipse-tracecompass-incubator:master Apr 9, 2026
3 checks passed
@arfio arfio deleted the releng branch April 10, 2026 15:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@MatthewKhouzam MatthewKhouzam MatthewKhouzam approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@arfio @MatthewKhouzam