Skip to content

build: update forced dependencies#237

Merged
magisk317 merged 1 commit into
betafrom
chore/dependency-force-update
May 8, 2026
Merged

build: update forced dependencies#237
magisk317 merged 1 commit into
betafrom
chore/dependency-force-update

Conversation

@magisk317
Copy link
Copy Markdown
Owner

@magisk317 magisk317 commented May 8, 2026
edited by sourcery-ai Bot
Loading

Automated dependency force maintenance:

  • Removed force rules when natural resolution already matches forced versions.
  • Added or updated force rules for dependencies with open security alerts (Dependabot).
  • Refreshed committed Gradle dependency lockfiles after dependency graph changes.

Summary by Sourcery

更新 Gradle 依赖强制规则,并刷新锁定文件以与更新后的依赖关系图保持一致。

构建:

  • 在共享的依赖约束配置中,为 io.netty:netty-handler-proxy 添加强制版本。
  • 为 app、core 和 runtime 模块重新生成 Gradle 锁定文件,以反映更新后的依赖解析结果。
Original summary in English

Summary by Sourcery

Update Gradle dependency forcing and refresh lockfiles to align with the updated dependency graph.

Build:

  • Add a forced version for io.netty:netty-handler-proxy in the shared dependency constraint configuration.
  • Regenerate Gradle lockfiles for app, core, and runtime modules to reflect the updated dependency resolutions.

@magisk317 magisk317 added dependencies Pull requests that update a dependency file java Pull requests that update java code labels May 8, 2026
@magisk317 magisk317 merged commit 1c317ac into beta May 8, 2026
4 of 5 checks passed
@magisk317 magisk317 deleted the chore/dependency-force-update branch May 8, 2026 05:24
@sourcery-ai
Copy link
Copy Markdown

sourcery-ai Bot commented May 8, 2026
edited
Loading

审阅者指南(在小型 PR 上折叠显示)

审阅者指南

通过添加新的 Netty handler proxy 强制规则来更新 Gradle 的强制依赖版本,并刷新 Gradle 锁定文件以与更新后的依赖图保持一致。

启用更新强制规则后,Gradle 依赖解析流程图

flowchart TD
    A[Start build] --> B[Read build.gradle.kts dependency constraints]
    B --> C[Apply force rules<br>- io.netty:netty-codec-http2:4.1.133.Final<br>- io.netty:netty-common:4.1.118.Final<br>- io.netty:netty-handler:4.1.118.Final<br>- io.netty:netty-handler-proxy:4.1.133.Final]
    C --> D[Resolve dependency graph for each module]
    D --> E[Compare resolved versions with existing gradle.lockfile]
    E -->|Changes detected| F[Regenerate app/core/runtime gradle.lockfile]
    E -->|No changes| G[Reuse existing lockfiles]
    F --> H[Lock updated dependency graph]
    G --> H
    H --> I[Complete build]
Loading

文件级变更

变更 详情 文件
通过为 netty-handler-proxy 添加显式强制规则来对齐 Netty 的强制依赖。
  • 扩展 buildscript 的 dependencyResolutionManagement 强制配置以包含 io.netty:netty-handler-proxy:4.1.133.Final。
  • 在子项目的依赖解析配置中镜像新的 netty-handler-proxy 强制规则。
 build.gradle.kts
重新生成 Gradle 依赖锁定文件以反映更新后的依赖图。
  • 更新 app 模块锁定文件,以在应用新强制规则后捕获解析出的版本。
  • 更新 core 模块锁定文件,以与当前的依赖解析结果保持一致。
  • 更新 runtime 模块锁定文件,以与当前的依赖解析结果保持一致。
 app/gradle.lockfile
core/gradle.lockfile
runtime/gradle.lockfile
技巧与命令

与 Sourcery 交互

  • 触发新的审阅: 在 pull request 中评论 @sourcery-ai review
  • 继续讨论: 直接回复 Sourcery 的审阅评论。
  • 从审阅评论生成 GitHub issue: 通过回复某条审阅评论,请求 Sourcery 从该评论创建一个 issue。你也可以直接回复该评论 @sourcery-ai issue 来从中创建一个 issue。
  • 生成 pull request 标题: 在 pull request 标题的任意位置写入 @sourcery-ai,即可随时生成标题。你也可以在 pull request 中评论 @sourcery-ai title 来(重新)生成标题。
  • 生成 pull request 摘要: 在 pull request 正文任意位置写入 @sourcery-ai summary,即可在你想要的位置生成 PR 摘要。你也可以在 pull request 中评论 @sourcery-ai summary 来(重新)生成摘要。
  • 生成审阅者指南: 在 pull request 中评论 @sourcery-ai guide,即可在任意时间(重新)生成审阅者指南。
  • 解决所有 Sourcery 评论: 在 pull request 中评论 @sourcery-ai resolve,即可将所有 Sourcery 评论标记为已解决。如果你已经处理完所有评论且不想再看到它们,这会很有用。
  • 撤销所有 Sourcery 审阅: 在 pull request 中评论 @sourcery-ai dismiss,即可撤销所有现有的 Sourcery 审阅。特别适用于你想在一次全新的审阅中重新开始——别忘了再评论 @sourcery-ai review 来触发新的审阅!

自定义你的体验

访问你的 控制面板 来:

  • 启用或禁用审阅特性,例如 Sourcery 生成的 pull request 摘要、审阅者指南等。
  • 更改审阅语言。
  • 添加、删除或编辑自定义审阅指令。
  • 调整其他审阅设置。

获取帮助

Original review guide in English
Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Updates Gradle forced dependency versions by adding a new Netty handler proxy force rule and refreshes Gradle lockfiles to align with the updated dependency graph.

Flow diagram for Gradle dependency resolution with updated force rule

flowchart TD
    A[Start build] --> B[Read build.gradle.kts dependency constraints]
    B --> C[Apply force rules<br>- io.netty:netty-codec-http2:4.1.133.Final<br>- io.netty:netty-common:4.1.118.Final<br>- io.netty:netty-handler:4.1.118.Final<br>- io.netty:netty-handler-proxy:4.1.133.Final]
    C --> D[Resolve dependency graph for each module]
    D --> E[Compare resolved versions with existing gradle.lockfile]
    E -->|Changes detected| F[Regenerate app/core/runtime gradle.lockfile]
    E -->|No changes| G[Reuse existing lockfiles]
    F --> H[Lock updated dependency graph]
    G --> H
    H --> I[Complete build]
Loading

File-Level Changes

Change Details Files
Align Netty forced dependencies by adding an explicit force rule for netty-handler-proxy.
  • Extend the buildscript dependencyResolutionManagement forces to include io.netty:netty-handler-proxy:4.1.133.Final.
  • Mirror the new netty-handler-proxy force rule in the subprojects dependency resolution configuration.
 build.gradle.kts
Regenerate Gradle dependency lockfiles to reflect the updated dependency graph.
  • Update the app module lockfile to capture resolved versions after the new force rule.
  • Update the core module lockfile to align with current dependency resolution.
  • Update the runtime module lockfile to align with current dependency resolution.
 app/gradle.lockfile
core/gradle.lockfile
runtime/gradle.lockfile
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

sourcery-ai[bot]
sourcery-ai Bot reviewed May 8, 2026
View reviewed changes
Copy link
Copy Markdown

@sourcery-ai sourcery-ai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - 我在这里给出了一些总体反馈:

  • 现在 Netty 版本出现了混用(例如 netty-handler 为 4.1.118.Final,而 netty-handler-proxy 和 netty-codec-http2 为 4.1.133.Final),这可能导致一些微妙的运行时问题;建议在可行的情况下,将所有 Netty 模块统一到同一个版本。
  • 被强制的依赖列表在根 buildscript 和 subprojects 块中都出现了一份副本;建议将这些共享的约束提取到一个公共的配置或函数中,以避免未来更新时出现不一致。
给 AI Agent 的提示 
Please address the comments from this code review:

## Overall Comments
- 现在 Netty 版本出现了混用(例如 netty-handler 为 4.1.118.Final,而 netty-handler-proxy 和 netty-codec-http2 为 4.1.133.Final),这可能导致一些微妙的运行时问题;建议在可行的情况下,将所有 Netty 模块统一到同一个版本。
- 被强制的依赖列表在根 buildscript 和 subprojects 块中都出现了一份副本;建议将这些共享的约束提取到一个公共的配置或函数中,以避免未来更新时出现不一致。
Sourcery 对开源项目是免费的——如果你觉得我们的 Review 有帮助,欢迎分享 ✨
帮我变得更有用!请在每条评论上点 👍 或 👎,我会根据你的反馈改进后续的 Review。
Original comment in English

Hey - I've left some high level feedback:

  • Netty versions are now mixed (e.g., netty-handler 4.1.118.Final vs netty-handler-proxy and netty-codec-http2 at 4.1.133.Final), which can cause subtle runtime issues; consider aligning all Netty modules to a single version where feasible.
  • The forced dependency list is duplicated in both the root buildscript and subprojects blocks; consider extracting the shared constraints into a common configuration or function to avoid divergence in future updates.
Prompt for AI Agents 
Please address the comments from this code review:

## Overall Comments
- Netty versions are now mixed (e.g., netty-handler 4.1.118.Final vs netty-handler-proxy and netty-codec-http2 at 4.1.133.Final), which can cause subtle runtime issues; consider aligning all Netty modules to a single version where feasible.
- The forced dependency list is duplicated in both the root buildscript and subprojects blocks; consider extracting the shared constraints into a common configuration or function to avoid divergence in future updates.
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@magisk317