Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump rest-assured.version from 5.3.0 to 5.3.2 #36080

Merged
merged 3 commits into from
Oct 17, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 21, 2023

Bumps rest-assured.version from 5.3.0 to 5.3.2.
Updates io.rest-assured:rest-assured from 5.3.0 to 5.3.2

Changelog

Sourced from io.rest-assured:rest-assured's changelog.

Changelog 5.3.2 (2023-09-08)

  • Add onFailMessage into validatable response (#1724). This means that you can use onFailMessage after then like: when().get("/somewhere").then().onFailMessage("My fail message").statusCode(200); (thanks to Ilya Koshaleu for pull request)
  • Added support for path parameters methods in RestAssuredMockMvc (#1723) (thanks to Jefersom Martins for pull request)
  • Make header blacklisting case-insensitive (#1722) (thanks to Bekh-Ivanov Aleksey for pull request)
  • Blacklisted headers added to LogConfig are now case-insensitive by default
  • Fixed so that testing multipart data request along with passing path parameters doesn't fail anymore in RestAssuredMockMvc (#1673) (thanks to Andrey Demin for pull request)
  • Improved compatibility issues with newer version of Spring Security
  • Upgraded kotlin from 1.8.22 to 1.9.10
  • Upgraded scala to 2.12.18

Changelog 5.3.1 (2023-06-16)

  • Upgraded Guava library to 32.0.1-jre
  • Fixed "Unexpected logic in PathSupport.getPath" (issue 1682) (thanks to fucct for pull request)
  • Fixed "Not able to POST xml file using Inpustream" (issue 1160) (thanks to Balasaravanan for pull request)
  • Fixed "MockMvcRequestSenderImpl convertCookies function is not copying the httpOnly, sameSite and expires from the servletCookies into the cookieBuilder" (issue 1462) (thanks to Justin Tay for pull request))
  • Fixed "Accept cookies that have an expiration date" (issue 1430) (thanks to Stéphane Épardaud for pull request)
  • Upgraded the Kotlin extension module to use Kotlin 1.8.22
  • Upgraded Groovy to 4.0.11
  • Upgraded faster jackson to 2.14.3
  • Upgraded Hamcrest to 2.2
Commits

Updates io.rest-assured:json-schema-validator from 5.3.0 to 5.3.2

Updates io.rest-assured:kotlin-extensions from 5.3.0 to 5.3.2

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the area/dependencies Pull requests that update a dependency file label Sep 21, 2023
@quarkus-bot

This comment has been minimized.

@gsmet
Copy link
Member

gsmet commented Sep 22, 2023

Issue is:

+-io.quarkus:quarkus-security-test-utils:jar:999-SNAPSHOT
  +-io.quarkus:quarkus-junit5-internal:jar:999-SNAPSHOT:compile
    +-org.awaitility:awaitility:jar:4.2.0:compile
      +-org.hamcrest:hamcrest:jar:2.1:compile
and
+-io.quarkus:quarkus-security-test-utils:jar:999-SNAPSHOT
  +-io.rest-assured:rest-assured:jar:5.3.2:compile
    +-org.hamcrest:hamcrest:jar:2.2:compile

I suppose we would have to enforce hamcrest version somewhere.

@gsmet gsmet force-pushed the dependabot/maven/rest-assured.version-5.3.2 branch from 352928f to dcf9832 Compare October 5, 2023 15:14
@quarkus-bot quarkus-bot bot added the area/infra-automation anything related to CI, bots, etc. that are used to automated our infrastructure label Oct 5, 2023
@gsmet
Copy link
Member

gsmet commented Oct 5, 2023

I enforced the hamcrest version but I'm really not sure it's a good idea to enforce the RESTAssured, Awaitility and hamcrest version in our BOM. I wonder if we should move all these to the build-parent instead.

Obviously, that would be a breaking change.

@quarkus-bot

This comment has been minimized.

dependabot bot and others added 3 commits October 6, 2023 14:44
Bumps `rest-assured.version` from 5.3.0 to 5.3.2.

Updates `io.rest-assured:rest-assured` from 5.3.0 to 5.3.2
- [Changelog](https://github.com/rest-assured/rest-assured/blob/master/changelog.txt)
- [Commits](https://github.com/rest-assured/rest-assured/commits)

Updates `io.rest-assured:json-schema-validator` from 5.3.0 to 5.3.2

Updates `io.rest-assured:kotlin-extensions` from 5.3.0 to 5.3.2

---
updated-dependencies:
- dependency-name: io.rest-assured:rest-assured
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.rest-assured:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.rest-assured:kotlin-extensions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Both REST Assured and Awaitility depend on hamcrest. I'm not sure it's a
good idea to have these three in the BOM really and it might be a good
idea to move them out of the BOM and let users define the versions.

We will see how it goes.
I had a closer look at the test following the new failure and AFAICT the
test assertion looks incorrect, we should arrive on landing page first.
@gsmet gsmet force-pushed the dependabot/maven/rest-assured.version-5.3.2 branch from dcf9832 to 3563cda Compare October 6, 2023 12:57
@gsmet
Copy link
Member

gsmet commented Oct 6, 2023

@stuartwdouglas any chance you could have a look at this commit: 3563cda ? My understanding is that the test assertion was wrong from the beginning and somehow REST Assured wasn't checking things properly. Not sure if you remember as it has been a while.
From what I can see, when logging with a new user and not requiring a specific page, we should land on the landing page and not on the admin page.

@cescoffier could you have a look too to make sure I didn't go crazy.

Copy link
Member

@cescoffier cescoffier left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The assertion change is a little annoying. We need to investigate.

@@ -84,7 +84,7 @@ public void testFormBasedAuthSuccess() {
.then()
.assertThat()
.statusCode(302)
.header("location", containsString("/admin"))
.header("location", containsString("/landing"))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Weird...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I didn't change it lightly. From what I saw in the test, this is actually the right behavior. Given it's triggered by a REST Assured update, I suspect it was a bug in REST Assured.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Our cookie uses redirect.setMaxAge(0). I'm wondering how Restassured handles this case (if it does).

@stuartwdouglas
Copy link
Member

I guess it is a change in the cookie behaviour. I think this is ok, it would be good to understand exactly what changed though.

My guess is that with the old version the cookie that stores the redirect back location is still being sent, but with the new version it is not. I am guessing that they did not handle cookies with max-age=0 correctly, and now they have fixed it.

@gsmet
Copy link
Member

gsmet commented Oct 6, 2023

Yeah, I saw a couple of commits related to that. This one by @FroMage might be related: rest-assured/rest-assured@a68bcc5

@stuartwdouglas
Copy link
Member

That is probably it.

@quarkus-bot
Copy link

quarkus-bot bot commented Oct 6, 2023

Failing Jobs - Building 3563cda

Status Name Step Failures Logs Raw logs Build scan
✔️ JVM Tests - JDK 11
✔️ JVM Tests - JDK 17
JVM Tests - JDK 20 Build ⚠️ Check → Logs Raw logs
✔️ Maven Tests - JDK 11
Maven Tests - JDK 11 Windows Build Failures Logs Raw logs

Full information is available in the Build summary check run.

Failures

⚙️ Maven Tests - JDK 11 Windows #

📦 integration-tests/maven

io.quarkus.maven.it.DevMojoIT.testExternalReloadableArtifacts line 1448 - More details - Source on GitHub

org.awaitility.core.ConditionTimeoutException: Condition with lambda expression in io.quarkus.maven.it.DevMojoIT was not fulfilled within 1 minutes.
	at org.awaitility.core.ConditionAwaiter.await(ConditionAwaiter.java:167)
	at org.awaitility.core.CallableCondition.await(CallableCondition.java:78)

io.quarkus.maven.it.JarRunnerIT.testPlatformPropertiesOverridenInApplicationProperties line 135 - More details - Source on GitHub

org.awaitility.core.ConditionTimeoutException: Condition with lambda expression in io.quarkus.maven.it.JarRunnerIT that uses io.quarkus.maven.it.verifier.MavenProcessInvocationResult was not fulfilled within 1 minutes.
	at org.awaitility.core.ConditionAwaiter.await(ConditionAwaiter.java:167)
	at org.awaitility.core.CallableCondition.await(CallableCondition.java:78)

io.quarkus.maven.it.JarRunnerIT.testNonAsciiDir line 70 - More details - Source on GitHub

java.lang.AssertionError: 

Expecting actual:

io.quarkus.maven.it.DevMojoIT.testExternalReloadableArtifacts line 1448 - More details - Source on GitHub

org.awaitility.core.ConditionTimeoutException: Condition with lambda expression in io.quarkus.maven.it.DevMojoIT was not fulfilled within 1 minutes.
	at org.awaitility.core.ConditionAwaiter.await(ConditionAwaiter.java:167)
	at org.awaitility.core.CallableCondition.await(CallableCondition.java:78)

io.quarkus.maven.it.JarRunnerIT.testPlatformPropertiesOverridenInApplicationProperties line 135 - More details - Source on GitHub

org.awaitility.core.ConditionTimeoutException: Condition with lambda expression in io.quarkus.maven.it.JarRunnerIT that uses io.quarkus.maven.it.verifier.MavenProcessInvocationResult was not fulfilled within 1 minutes.
	at org.awaitility.core.ConditionAwaiter.await(ConditionAwaiter.java:167)
	at org.awaitility.core.CallableCondition.await(CallableCondition.java:78)

io.quarkus.maven.it.JarRunnerIT.testNonAsciiDir line 70 - More details - Source on GitHub

java.lang.AssertionError: 

Expecting actual:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/dependencies Pull requests that update a dependency file area/infra-automation anything related to CI, bots, etc. that are used to automated our infrastructure area/kotlin area/vertx kind/component-upgrade
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants