Skip to content

Auto-update dependencies.#2815

Open
dpebot wants to merge 1 commit into
masterfrom
dpebot-repositorygardener
Open

Auto-update dependencies.#2815
dpebot wants to merge 1 commit into
masterfrom
dpebot-repositorygardener

Conversation

@dpebot

@dpebot dpebot commented Jul 1, 2026

Copy link
Copy Markdown
Collaborator

Brought to you by your friendly Repository Gardener.

@wiz-9635d3485b

wiz-9635d3485b Bot commented Jul 1, 2026

Copy link
Copy Markdown

Wiz Scan Summary

Scanner Findings
Vulnerability Finding Vulnerabilities 1 High 2 Medium 1 Low
Data Finding Sensitive Data -
Secret Finding Secrets -
IaC Misconfiguration IaC Misconfigurations -
SAST Finding SAST Findings -
Software Management Finding Software Management Findings -
Total 1 High 2 Medium 1 Low

View scan details in Wiz

To detect these findings earlier in the dev lifecycle, try using Wiz Code VS Code Extension.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the uiautomator dependency version from 2.3.0 to 2.4.0 across multiple modules and bumps the composeBom version in the Gradle Version Catalog. The reviewer suggests centralizing the uiautomator dependency definition within the Version Catalog (gradle/libs.versions.toml) rather than hardcoding it in individual module build files to ensure consistency.

androidTestImplementation("androidx.test.espresso:espresso-core:3.7.0")
androidTestImplementation("androidx.test:rules:1.7.0")
androidTestImplementation("androidx.test.uiautomator:uiautomator:2.3.0")
androidTestImplementation("androidx.test.uiautomator:uiautomator:2.4.0")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Instead of hardcoding the dependency version directly in the module's build.gradle.kts file, it is highly recommended to manage it centrally using the Gradle Version Catalog (gradle/libs.versions.toml). This ensures consistency across all modules in this multi-module project.

Suggested Action:

  1. Add the version and library definition to gradle/libs.versions.toml:
    [versions]
    uiautomator = "2.4.0"
    
    [libraries]
    androidx-test-uiautomator = { group = "androidx.test.uiautomator", name = "uiautomator", version.ref = "uiautomator" }
  2. Reference it here using the catalog alias.
    androidTestImplementation(libs.androidx.test.uiautomator)
androidTestImplementation("androidx.test:rules:1.7.0")
androidTestImplementation("androidx.test:runner:1.7.0")
androidTestImplementation("androidx.test.uiautomator:uiautomator:2.3.0")
androidTestImplementation("androidx.test.uiautomator:uiautomator:2.4.0")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Instead of hardcoding the dependency version directly in the module's build.gradle.kts file, it is highly recommended to manage it centrally using the Gradle Version Catalog (gradle/libs.versions.toml). This ensures consistency across all modules in this multi-module project.

Suggested Action:

  1. Add the version and library definition to gradle/libs.versions.toml:
    [versions]
    uiautomator = "2.4.0"
    
    [libraries]
    androidx-test-uiautomator = { group = "androidx.test.uiautomator", name = "uiautomator", version.ref = "uiautomator" }
  2. Reference it here using the catalog alias.
    androidTestImplementation(libs.androidx.test.uiautomator)
androidTestImplementation("androidx.test:rules:1.7.0")
androidTestImplementation("androidx.test:runner:1.7.0")
androidTestImplementation("androidx.test.uiautomator:uiautomator:2.3.0")
androidTestImplementation("androidx.test.uiautomator:uiautomator:2.4.0")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Instead of hardcoding the dependency version directly in the module's build.gradle.kts file, it is highly recommended to manage it centrally using the Gradle Version Catalog (gradle/libs.versions.toml). This ensures consistency across all modules in this multi-module project.

Suggested Action:

  1. Add the version and library definition to gradle/libs.versions.toml:
    [versions]
    uiautomator = "2.4.0"
    
    [libraries]
    androidx-test-uiautomator = { group = "androidx.test.uiautomator", name = "uiautomator", version.ref = "uiautomator" }
  2. Reference it here using the catalog alias.
    androidTestImplementation(libs.androidx.test.uiautomator)
androidTestImplementation("androidx.test.espresso:espresso-core:3.7.0")
androidTestImplementation("androidx.test:rules:1.7.0")
androidTestImplementation("androidx.test.uiautomator:uiautomator:2.3.0")
androidTestImplementation("androidx.test.uiautomator:uiautomator:2.4.0")

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Instead of hardcoding the dependency version directly in the module's build.gradle.kts file, it is highly recommended to manage it centrally using the Gradle Version Catalog (gradle/libs.versions.toml). This ensures consistency across all modules in this multi-module project.

Suggested Action:

  1. Add the version and library definition to gradle/libs.versions.toml:
    [versions]
    uiautomator = "2.4.0"
    
    [libraries]
    androidx-test-uiautomator = { group = "androidx.test.uiautomator", name = "uiautomator", version.ref = "uiautomator" }
  2. Reference it here using the catalog alias.
    androidTestImplementation(libs.androidx.test.uiautomator)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

1 participant