zec
/
secant-android-wallet
mirror of https://github.com/zcash/secant-android-wallet.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
secant-android-wallet/.github/ISSUE_TEMPLATE/dependency.md

956 B
Raw Blame History

name about title labels assignees
Dependency update Update existing dependency to a new version. dependencies

For a Gradle dependency:

  1. Update the dependency version in the root gradle.properties
  2. Update the dependency locks
    1. For Gradle plugins: ./gradlew dependencies --write-locks
    2. For Gradle dependencies: ./gradlew resolveAll --write-locks
  3. Verify no unexpected entries appear in the lockfiles. A supply chain attack could occur during this stage. The lockfile narrows the supply chain attack window to this very moment (as opposed to every time a build occurs)
  4. Are there any new APIs or possible migrations for this dependency?

For Gradle itself:

  1. Run ./gradle wrapper --gradle-version $X
  2. Add distributionSha256Sum= in gradle/wrapper/gradle-wrapper.properties, referencing Gradle Release Checksums
  3. Are there any new APIs or possible migrations?