[WIP/TESTING] mobile/deps: Bump rules_android -> 0.6.0
#37661
Conversation
phlax
requested review from
RyanTheOptimist,
alyssawilk,
abeyad and
fredyw
as code owners
repokitteh-read-only
bot
added
the
deps
|
CC @envoyproxy/dependency-shepherds: Your approval is needed for changes made to |
| urls = ["https://github.com/bazelbuild/rules_android/archive/refs/tags/v0.6.0.zip"], | ||
| sha256 = "691c90615ebf66aa474fdd5e17b92d54f62e5e3627f4eb224e9321cfcf5fe83f", | ||
| strip_prefix = "rules_android-0.6.0", |
There was a problem hiding this comment.
Seeing more /refs/tags/ creeping into the dependency URLs which makes sens as that is what GitHub uses on the page now. The links work without it though and are cleaner. Almost all the links omit the /refs/tags/. Wondering if we should standardardize?
As per dependency standards we should use the maintainer provided binary here
urls = ["https://github.com/bazelbuild/rules_android/releases/download/v0.6.0/rules_android-v0.6.0.tar.gz"],
sha256 = "af84b69ab3d16dd1a41056286e6511f147a94ccea995603e13e934c915c1631c",
strip_prefix = "rules_android-0.6.0",
There was a problem hiding this comment.
yeah - that works in this case so happy to update
in the general case refs/tags is preferable to direct archive downloads - although the latter is the only option where the upstream doesnt maintain regular releases and/or we want/need to pin to a particular commit
non-releasing upstream are a big pita - using hashes is very insecure because you have to actually check the commit is a real commit on the branch you are expecting - you can use those addresses with any commit in a fork branch without creating any pr or ever landing any commits on the target repos branches
phlax
force-pushed
the
deps-bump-rules_android
branch
from
01cf74b to
ad9ffbb
Compare
|
seems this is not compatible with bazel 6 |
phlax
force-pushed
the
deps-bump-rules_android
branch
2 times, most recently
from
df17c1e to
eef5e6d
Compare
|
This pull request has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! |
github-actions
bot
added
the
stale
Signed-off-by: Ryan Northey <[email protected]>
phlax
force-pushed
the
deps-bump-rules_android
branch
from
eef5e6d to
27d8675
Compare
phlax
removed
the
stale
Signed-off-by: Ryan Northey <[email protected]>
Signed-off-by: Ryan Northey <[email protected]>
phlax
force-pushed
the
deps-bump-rules_android
branch
from
fda2697 to
5705a14
Compare
Signed-off-by: Ryan Northey <[email protected]>
Signed-off-by: Ryan Northey <[email protected]>
Signed-off-by: Ryan Northey <[email protected]>
Signed-off-by: Ryan Northey <[email protected]>
Signed-off-by: Ryan Northey <[email protected]>
|
I'm afraid this won't work because of |
|
ah - good to know - thanks |
|
This pull request has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! |
github-actions
bot
added
the
stale
|
This pull request has been automatically closed because it has not had activity in the last 37 days. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions! |
No description provided.