[Feature]: Provide a BOM module for managing dependencies (#4966)#4987
Conversation
|
@kuntal1461 we really appreciate your work and commitment! |
kuntal1461
force-pushed
the
feature/bom-module-4966
branch
from
9788674 to
0069c2d
Compare
|
Hi @daniel-kmiecik Please check once . and please let know anything I need to updated |
|
Hi @daniel-kmiecik |
|
align all versions, include |
ewaostrowska
force-pushed
the
feature/bom-module-4966
branch
2 times, most recently
from
cf8b83e to
fc3a787
Compare
|
Hi @kuntal1461, thank you for your input in the topic! I introduced few changes here as I feel like this PR did not cover the whole issue:
|
ewaostrowska
force-pushed
the
feature/bom-module-4966
branch
4 times, most recently
from
c94cd7e to
bf3a6b5
Compare
There was a problem hiding this comment.
Pull request overview
Adds a Maven Bill of Materials (BOM) for Swagger Core artifacts and introduces CI/release automation to keep the BOM version aligned with the root project version.
Changes:
- Added
swagger-bommodule that manages versions for the javax + Jakartaio.swagger.core.v3runtime artifacts. - Added a reactor “integration test” module that imports the BOM and resolves managed artifacts to catch drift/regressions.
- Updated CI workflows and release scripts to enforce/maintain version lock-step for the BOM.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| README.md | Documents BOM usage for Maven/Gradle consumers. |
| pom.xml | Registers the new BOM and BOM integration test modules in the reactor. |
| modules/swagger-bom/pom.xml | New standalone BOM POM with dependencyManagement and release publishing config. |
| modules/swagger-bom-integration-test/pom.xml | New module that imports the BOM and resolves managed deps as a regression check. |
| CI/prepare-release.sh | Ensures BOM version is set during release preparation. |
| CI/post-release.sh | Ensures BOM version is advanced after a release. |
| .github/workflows/maven.yml | Adds a CI drift-guard verifying BOM version matches the root version. |
| .github/workflows/maven-pulls.yml | Adds the same BOM/root version drift-guard for PR builds. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
ewaostrowska
force-pushed
the
feature/bom-module-4966
branch
from
bf3a6b5 to
d21fc00
Compare
ewaostrowska
force-pushed
the
feature/bom-module-4966
branch
from
d21fc00 to
4c82d4b
Compare
Fixes: #4966
modules/swagger-bom/pom.xml(new) — Standalone BOM POM (not parented by the reactor) that lists allio.swagger.core.v3runtime artifacts for both thejavaxand Jakarta families under<dependencyManagement>, pinned to${project.version}. Includes areleaseprofile with GPG signing and Sonatype Central publishing.modules/swagger-bom-integration-test/pom.xml(new) — Reactor module that importsswagger-bomand declares every managed artifact without explicit versions. Themaven-dependency-plugin:resolvegoal runs atvalidatephase and fails the build if any artifact cannot be resolved, giving an automated regression test for the BOM.pom.xml— Registers both new modules in the reactor<modules>list..github/workflows/maven.yml/maven-pulls.yml— Added a pre-build step that extracts the root reactor version and the BOM version and fails CI if they differ (drift-guard).CI/prepare-release.sh/post-release.sh— Addedmvn versions:setcalls formodules/swagger-bomso the BOM version is bumped in lock-step with the rest of the project during releases.README.md— New "Maven BOM" section with Maven<dependencyManagement>and Gradleplatform()usage snippets, and an explanation of why build plugins are intentionally excluded from the BOM.