Skip to content

Version 0.8.0 release#138

Merged
barrycaceres merged 3 commits intomainfrom
caceres-update-dependencies-1
Apr 7, 2026
Merged

Version 0.8.0 release#138
barrycaceres merged 3 commits intomainfrom
caceres-update-dependencies-1

Conversation

@barrycaceres
Copy link
Copy Markdown
Contributor

@barrycaceres barrycaceres commented Apr 7, 2026
edited
Loading

  • Bumped project version from 0.7.2 to 0.8.0
  • Updated io.grpc/grpc-bom from 1.79.0 to 1.80.0
  • Updated com.google.protobuf/protobuf-java-util from 4.33.6 to 4.34.1
  • Updated com.google.protobuf/protoc from 4.33.2 to 4.34.1
  • Updated io.netty/netty-bom from 4.2.10.Final to 4.2.12.Final
  • Updated com.senzing/data-mart-replicator from 2.0.0-beta.2.2 to 2.0.0-beta.2.4
  • Updated com.ibm.icu/icu4j from 78.2 to 78.3
  • Updated com.github.spotbugs/spotbugs-maven-plugin from 4.9.8.2 to 4.9.8.3
  • Updated Dockerfile REFRESHED_AT and Version labels for 0.7.3
  • Updated CHANGELOG.md with 0.7.3 entry

@barrycaceres
Version 0.7.3 release
b4402c8 
- Bumped project version from 0.7.2 to 0.7.3
- Updated io.grpc/grpc-bom from 1.79.0 to 1.80.0
- Updated com.google.protobuf/protobuf-java-util from 4.33.6 to 4.34.1
- Updated com.google.protobuf/protoc from 4.33.2 to 4.34.1
- Updated io.netty/netty-bom from 4.2.10.Final to 4.2.12.Final
- Updated com.senzing/data-mart-replicator from 2.0.0-beta.2.2 to 2.0.0-beta.2.4
- Updated com.ibm.icu/icu4j from 78.2 to 78.3
- Updated com.github.spotbugs/spotbugs-maven-plugin from 4.9.8.2 to 4.9.8.3
- Updated Dockerfile REFRESHED_AT and Version labels for 0.7.3
- Updated CHANGELOG.md with 0.7.3 entry
@barrycaceres barrycaceres self-assigned this Apr 7, 2026
@barrycaceres barrycaceres requested a review from a team as a code owner April 7, 2026 19:28
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 7, 2026

🤖 Claude Code Review

PR Code Review: Version 0.7.3 Dependency Updates

This is a routine dependency update and version bump PR. Here is my analysis:

Code Quality

Code style — Only version strings and dependency versions are changed; no source code logic involved.

No commented-out code — No new commented-out code introduced.

Meaningful variable names — N/A for this PR.

DRY principle — N/A for this PR.

Defects / Logic issues — One notable omission:

  • pom.xml line ~94: The minimum version of com.senzing/sz-sdk was bumped from [4.1.0, ...] to [4.3.0, ...]. This is a breaking compatibility change — any consumer running sz-sdk 4.1.x or 4.2.x will no longer satisfy the dependency constraint. This change is not documented in CHANGELOG.md. It should be called out explicitly (e.g., "Bumped minimum required version of com.senzing/sz-sdk from 4.1.0 to 4.3.0").

CLAUDE.md — Project instructions are appropriately general and not environment-specific.

Testing

✅ No new logic introduced; no new tests required. Dependency version bumps rely on CI for compatibility validation.

Documentation

CHANGELOG.md — The sz-sdk minimum version range change ([4.1.0,...][4.3.0,...]) is not listed in the changelog. All other updated dependencies are documented correctly.

Readme / API docs — No updates needed for a dependency bump release.

Markdown formatting — CHANGELOG follows the existing pattern and is consistent with prior entries.

Security

No hardcoded credentials

No license files (.lic) checked in

No sensitive data in logs or diffs

No input validation concerns — dependency-only changes

Summary

Area Status
Code Quality ❌ Minor issue
Testing
Documentation ❌ Missing changelog entry
Security

One action item before merging:

Add an entry to the CHANGELOG.md [0.7.3] section documenting the sz-sdk minimum version bump:

- Bumped minimum required version of `com.senzing/sz-sdk` from 4.1.0 to 4.3.0.

Automated code review analyzing defects and coding standards

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 7, 2026

🤖 Claude Code Review

PR Code Review — Dependency Updates & Version Bump to 0.7.3

This is a routine dependency update and version bump PR. Here is the review against each checklist item.

Code Quality

  • Style guide: Only configuration/documentation files changed — no Java code style concerns.
  • No commented-out code: The #HEALTHCHECK line in Dockerfile:100 pre-dates this PR and is unchanged.
  • Meaningful variable names: N/A for this diff.
  • DRY principle: N/A.
  • ⚠️ Defects / Logic: The minimum sz-sdk version is bumped from 4.1.0 to 4.3.0 (pom.xml:168), skipping 4.2.x entirely. This is a breaking compatibility change for anyone running on 4.1.x or 4.2.x. It appears intentional (the CHANGELOG documents it), but confirm this is the expected minimum supported version.
  • CLAUDE.md: No issues — the project instructions are appropriately general.

Testing

  • ✅ No new functions or endpoints were added; no new tests required.
  • ✅ Dependency version bumps are validated by the existing test suite at CI time.

Documentation

  • CHANGELOG.md: Updated with a proper [0.7.3] - 2026-04-07 entry listing all changed dependencies. Format matches the existing pattern.
  • Dockerfile: Both builder and final stages updated — REFRESHED_AT and Version labels are in sync (0.7.3 / 2026-04-07).
  • pom.xml: All version properties updated and consistent with what is documented in CHANGELOG.
  • Markdown formatting: CHANGELOG additions follow the existing structure. No trailing whitespace or CommonMark violations observed.

Security

  • ✅ No hardcoded credentials.
  • ✅ No input validation changes.
  • ✅ No sensitive data in logs.
  • ✅ No .lic or AQAAAD-prefixed files present.
  • ✅ Dependency upgrades include Netty (4.2.10.Final4.2.12.Final) and gRPC (1.79.01.80.0), which typically include security and stability fixes — a positive change.

Summary

The PR is clean and consistent. One item worth confirming before merge:

⚠️ pom.xml:168 — The sz-sdk minimum version jumps from 4.1.0 to 4.3.0, bypassing 4.2.x. Verify that dropping support for 4.1.x–4.2.x is intentional and that downstream consumers have been notified or are unaffected.

No blockers found. Approved pending confirmation of the sz-sdk minimum version intent.

Automated code review analyzing defects and coding standards

@barrycaceres
Change release version from 0.7.3 to 0.8.0
c93663f 
- Updated project version in pom.xml from 0.7.3 to 0.8.0
- Updated CHANGELOG.md version header and section references from 0.7.3 to 0.8.0
- Updated Dockerfile Version labels from 0.7.3 to 0.8.0
@barrycaceres barrycaceres changed the title Version 0.7.3 release Version 0.8.0 release Apr 7, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 7, 2026

🤖 Claude Code Review

PR Code Review

This PR updates dependency versions and bumps the project version from 0.7.2 to 0.8.0.

Code Quality

  • Style guide: No source code changes; version bumps and dependency updates only.
  • No commented-out code: No new commented-out code introduced.
  • Meaningful variable names: N/A — no logic changes.
  • DRY principle: N/A — no logic changes.
  • Defects: No logic, race conditions, or security issues introduced. Dependency updates are straightforward.
  • CLAUDE.md: No issues with project memory configuration.

Minor issue: pom.xml:175data-mart-replicator is pinned to an exact beta version (2.0.0-beta.2.4) rather than a version range, which is inconsistent with sz-sdk using a range ([4.3.0,4.9999999.9999999]). This is a pre-existing pattern, not introduced by this PR, so not a blocker.

Testing

  • Unit/integration tests: No new functionality added; dependency version bumps do not require new tests.
  • Edge cases: N/A.
  • Test coverage: N/A — no logic changes.

Documentation

  • README: No API or usage changes; README update not needed.
  • API docs: No API changes.
  • Inline comments: N/A.
  • CHANGELOG.md: Updated with version 0.8.0 entry dated 2026-04-07 listing all dependency updates clearly.
  • Markdown formatting: CHANGELOG entry follows existing format and CommonMark conventions. No extra whitespace issues observed.

Minor note: CHANGELOG.md still references 0.7.2 as the previous version in the diff context, but there is no 0.7.3 entry visible — the git log shows a 0.7.3 release commit (b4402c8) and a version change commit from 0.7.3 to 0.8.0 (c93663f). The CHANGELOG jump from 0.7.2 directly to 0.8.0 may be intentional, but worth confirming that 0.7.3 was either not released publicly or its CHANGELOG entry exists elsewhere in the file (outside the diff window).

Security

  • No hardcoded credentials: None present.
  • Input validation: N/A.
  • Error handling: N/A.
  • No sensitive data in logs: N/A.
  • No license files (.lic) checked in: None present.

Summary

This is a clean dependency bump PR. The one item to confirm:

Action needed: Verify whether a 0.7.3 CHANGELOG entry exists elsewhere in CHANGELOG.md (below the diff window). The git history shows 0.7.3 was released (b4402c8), but it does not appear in this diff.

Automated code review analyzing defects and coding standards

@barrycaceres barrycaceres merged commit 8d88f18 into main Apr 7, 2026
42 of 52 checks passed
@barrycaceres barrycaceres deleted the caceres-update-dependencies-1 branch April 7, 2026 19:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@docktermj docktermj docktermj approved these changes

@arawinters arawinters arawinters approved these changes

@oskar700 oskar700 Awaiting requested review from oskar700

Assignees

@barrycaceres barrycaceres

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@barrycaceres @docktermj @arawinters