Skip to content

Update Selenium to 4.28.1 +semver:feature #99

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 14, 2025
Merged

Update Selenium to 4.28.1 +semver:feature #99

merged 1 commit into from
Feb 14, 2025

Conversation

mialeska
Copy link
Contributor

PR Details

Related Issue Link:
How Has This Been Tested
Checklist
  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@mialeska mialeska added java dependencies Pull requests that update a dependency file labels Feb 14, 2025
@mialeska mialeska self-assigned this Feb 14, 2025
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Feb 14, 2025
edited
Loading

Walkthrough

This pull request updates the copyright year in the LICENSE file from 2024 to 2025. Additionally, several dependency versions in the pom.xml file have been updated: log4j, TestNG, Guava, selenium-java, and java-client now use newer version numbers. These changes are limited to metadata and dependency version updates without any alterations to the project’s functionality or control flow.

Changes

File Change Summary
LICENSE Updated copyright year from 2024 to 2025.
pom.xml Updated dependency versions:
- log4j: 2.24.2 → 2.24.3
- TestNG: 7.10.2 → 7.11.0
- Guava: 33.3.1-jre → 33.4.0-jre
- selenium-java: 4.27.0 → 4.28.1
- java-client: 9.3.0 → 9.4.0.

Possibly related PRs

Poem

I'm a rabbit, hopping with glee,
Nibbling on code changes merrily,
New years and versions now in sight,
LICENSE and pom shine ever so bright,
Carrots of updates make my day clear—
With each change, I hop and cheer!
🐇✨

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0bb9c41 and 59cad9c.

📒 Files selected for processing (2)
  • LICENSE (1 hunks)
  • pom.xml (4 hunks)
✅ Files skipped from review due to trivial changes (1)
  • LICENSE
⏰ Context from checks skipped due to timeout of 90000ms (2)
  • GitHub Check: aquality-automation.aquality-selenium-core-java (Analyse code with SonarQube)
  • GitHub Check: aquality-automation.aquality-selenium-core-java (Run tests)
🔇 Additional comments (6)
pom.xml (6)

20-20: LGTM! All dependency updates follow semantic versioning.

The updates include patch and minor version bumps, which should maintain backward compatibility according to semantic versioning:

  • log4j: 2.24.2 -> 2.24.3 (patch)
  • testng: 7.10.2 -> 7.11.0 (minor)
  • guava: 33.3.1-jre -> 33.4.0-jre (minor)
  • selenium-java: 4.27.0 -> 4.28.1 (minor)
  • java-client: 9.3.0 -> 9.4.0 (minor)

Also applies to: 107-107, 124-124, 134-134, 139-139

20-20:

✅ Verification successful

Verify log4j version for security advisories.

The log4j version has been updated from 2.24.2 to 2.24.3.

🏁 Script executed:

#!/bin/bash
# Check for security advisories and latest versions of log4j
curl -s https://pypi.org/pypi/log4j/json | jq '.info.version'

gh api graphql -f query='
{
  securityVulnerabilities(first: 5, ecosystem: MAVEN, package: "org.apache.logging.log4j:log4j-core") {
    nodes {
      advisory {
        summary
        severity
        publishedAt
      }
      vulnerableVersionRange
      firstPatchedVersion {
        identifier
      }
    }
  }
}'

Length of output: 1629

Log4j Version Security Check Complete

  • The update from 2.24.2 to 2.24.3 has been verified against Maven security advisories.
  • The GraphQL check confirms that the previously reported vulnerabilities (affecting versions below 2.3.2, between 2.4.0 and 2.12.3, or in the 2.13.x range) do not impact version 2.24.3.
  • The PyPi query returning null is expected since Log4j is managed through the Maven ecosystem.

139-139:

✅ Verification successful

Verify java-client version compatibility.

The java-client version has been updated from 9.3.0 to 9.4.0. Since this is a minor version update, please verify there are no breaking changes.

🌐 Web query:

What are the breaking changes in Appium java-client 9.4.0 compared to 9.3.0?

💡 Result:

Appium Java-client version 9.4.0 introduces no documented breaking changes compared to 9.3.0 based on available release notes[1][2]. However, key updates include:

Enhancements in 9.4.0:

  • Added support for bidirectional communication via HasBiDi interface implementation[2]
  • Improved compatibility with Selenium 4.28.x[2]

Dependency Updates:

  • Requires Selenium ≥4.28.x[2]

While no explicit breaking changes exist between these versions, users should note:
1. Selenium Compatibility: The mandatory Selenium upgrade (from ≤4.19.x in earlier versions) might introduce compatibility issues with existing test infrastructure[1][5]
2. BiDi Requirements: New HasBiDi interface requires WebDriver implementations supporting Chrome DevTools Protocol[2]

For context, major breaking changes in recent Java-client history include:

  • Java 11+ requirement since v9.x[1]
  • Removal of deprecated MobileBy class and legacy capability interfaces in v9.x[1][4]

Developers upgrading from pre-9.x versions should consult the v8-to-v9 migration guide[1][4].

Citations:

Action Required: Confirm Selenium Dependency Compatibility

The upgrade from Appium java-client 9.3.0 to 9.4.0 does not introduce any documented breaking changes. However, please ensure that your test environment is using Selenium ≥4.28.x as required by the updated client, and review any potential impacts arising from the new bidirectional communication support via the HasBiDi interface if applicable.

  • File: pom.xml (line 139)
  • Note: Verify that your Selenium dependency and infrastructure are compatible with the new requirement.

107-107:

✅ Verification successful

Verify TestNG version compatibility.

The TestNG version has been updated from 7.10.2 to 7.11.0. Since this is a minor version update, please verify there are no breaking changes.

🌐 Web query:

What are the breaking changes in TestNG 7.11.0 compared to 7.10.2?

💡 Result:

Based on an analysis of available release notes and GitHub history up to February 2025, TestNG v7.x releases show no documented breaking changes between v7.X.X versions according to official sources[1][3][5]. However, significant compatibility considerations exist when upgrading from older major versions:

Compatibility Considerations

1️⃣ Java Version Requirements

  • Later v7.X.X builds require Java SE ≥17 (minimum Java SE ≥8 for v6.X.X)[9]

2️⃣ Eclipse Plugin Dependencies

  • TestNG Eclipse Plugin ≥v8.X required for IDE integration with v7.X.X+ due to core framework architecture changes[9]

3️⃣ Third-Party Integration Impacts

  • Quantum test framework v1.X requires explicit removal of legacy TestNG dependencies when upgrading from v6.X → v7.X[7]

Key Version-Specific Fixes

  • v7.X.X
    • Fixed thread pool management conflicts with use-global-thread-pool[1]
    • Improved data provider retry logic[1][3]
    • Enhanced assertion failure messages for array comparisons[1][3]

While incremental updates between minor versions (e.g., v7.Y.Z → v7.Y+1.Z) typically maintain backward compatibility[1][3], major version jumps (v6 → v7) may require codebase adjustments due to deprecated API removals and concurrency model changes[9].

Citations:

TestNG Version Update Confirmed

The update in pom.xml (line 107) from 7.10.2 to 7.11.0 is a minor version bump. Based on the release notes and GitHub history up to February 2025, there are no documented breaking changes between these two minor versions of TestNG. While no breaking API changes were found, please ensure that:

  • Your Java version meets any newer minimum requirements (e.g., Java SE 17 for later builds if applicable).
  • Your IDE or Eclipse plugin integrations are updated if they depend on specific TestNG features.

Overall, the upgrade appears safe without breaking changes.

124-124:

❓ Verification inconclusive

Verify Guava version compatibility.

The Guava version has been updated from 33.3.1-jre to 33.4.0-jre. Since this is a minor version update, please verify there are no breaking changes.

🌐 Web query:

What are the breaking changes in Guava 33.4.0-jre compared to 33.3.1-jre?

💡 Result:

Guava 33.4.0-jre introduces one notable behavioral change that could break existing code:

I/O Stream Handling Changes

  • ByteSink/CharSink flush behavior: These classes no longer call flush() before close() by default[1]. This affects code relying on streams that override close() without flushing buffered data: 
    // Old behavior (pre-33.4): flush() called automatically before close()
// New behavior: No automatic flush()
try (OutputStream out = byteSink.openStream()) {
    out.write(data);
}
    Impact: Requires manual flush() calls if using non-standard stream implementations where:
    1. Streams override close() without flushing
    2. Code depends on pre-close flushing behavior

Other changes are backward-compatible:

  • Deprecated but retained: Charsets constants (still present but marked deprecated)[1]
  • New APIs: Added features like ToStringHelper.omitEmptyValues() and HTTP header constants without breaking existing functionality[1]

No binary incompatibilities or removed APIs were introduced between 33.3.1 and 33.4.0[1][10].

Citations:

Action Required: Verify Explicit Flush in I/O Stream Handling

The Guava version in pom.xml has been updated from 33.3.1-jre to 33.4.0-jre. Note that Guava 33.4.0 introduces a behavioral change where ByteSink and CharSink no longer call flush() automatically before close(). Please review your usage of these classes—if you rely on the prior flush behavior for non-standard stream implementations, you may need to add explicit flush() calls.

  • File: pom.xml (Line 124)
  • Change: Version update to <version>33.4.0-jre</version>
  • Impact: Manual flush may be required to mimic the old behavior if your code depends on it.

134-134:

❓ Verification inconclusive

Verify Selenium version compatibility and changes.

The Selenium version has been updated from 4.27.0 to 4.28.1, which aligns with the PR objective.

🌐 Web query:

What are the breaking changes in Selenium 4.28.1 compared to 4.27.0?

💡 Result:

Selenium 4.28.1 introduces several breaking changes compared to 4.27.0 across its components:

Core Framework Changes

  • CDP Version Updates
    Removed Chrome DevTools Protocol (CDP) support for Chrome v129 while adding v132[1][3][4]. Existing implementations relying on CDP commands specific to v129 will break.

  • Null Safety Enforcement
    Added strict nullability annotations in Java and .NET bindings[4][7]. Code previously allowing null values in these contexts may now throw compilation errors:

    // Java example requiring non-null values
Cookie cookie = new Cookie.Builder("name", "value") 
    .domain(requireNonNull(domain)) // Now enforced
    .build();

Language-Specific Breaking Changes

Java:

  • Encapsulated additionalCommands field with getAdditionalCommands() method[3][7]. Direct field access will fail: 
    // Broken in 4.28.x
driver.getCommandExecutor().additionalCommands.add(...);

// Fixed approach
driver.getCommandExecutor().getAdditionalCommands().add(...);

Ruby:

  • Minimum Ruby version requirement increased from 2.7 → 3.1[9]. Older Ruby installations can no longer run Selenium.
  • Updated cookie handling return types from Hash to frozen data structures[9].

Python:

  • Removed deprecated service_args parameter from EdgeService[1][7]. Migrate to supported service configurations: 
    # Deprecated in 4.28.x
service = EdgeService(service_args=['--log-level=DEBUG'])

# New approach using service_class
service = EdgeService()
service.service_class.args.append('--log-level=DEBUG')

Grid Changes

  • Session Management
    Introduced strict session timeout handling with --drain-after-session-count flag[3][10]. Grid nodes now forcefully terminate after reaching session limits rather than draining gracefully.

  • Node Registration
    Added validation for platformName capabilities - empty values now default to "ANY" instead of "WINDOWS"[3][7]. Capability mismatches may cause node registration failures.

Dependency Updates

Component v4.27.x v4.28.x Impact
ChromeDriver v131.x v132.x Requires Chrome ≥v132
EdgeDriver v131.x v132.x Requires Edge ≥v132
GeckoDriver v0.34.x v0.35.x Firefox compatibility changes
Selenium Manager v1.x v2.x Browser detection logic updated

These changes require testing automation suites against updated browser versions and addressing any compilation errors from stricter type checks[2][3][6][8].

Citations:

Action: Validate Compatibility with Selenium 4.28.1 Breaking Changes

The pom.xml update to version 4.28.1 meets the PR objective. However, Selenium 4.28.1 introduces several breaking changes compared to 4.27.0. Please verify that our codebase and test suites gracefully handle the following:

  • CDP Updates: Confirm that any CDP integrations are updated to support Chrome v132 instead of v129.
  • Null Safety Enforcement: Check that our Java (and other language) bindings comply with the stricter nullability requirements, avoiding any potential compilation issues.
  • Java API Changes: Ensure that any direct accesses of the additionalCommands field are replaced by the new getAdditionalCommands() method.
  • Driver and Dependency Updates: Verify that related driver versions (e.g., ChromeDriver, EdgeDriver, GeckoDriver) and Selenium Manager updates are compatible with our current configuration.

Once these factors are confirmed, the version update can be considered fully integrated.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mialeska mialeska merged commit 933f155 into master Feb 14, 2025
5 checks passed
@coderabbitai coderabbitai bot mentioned this pull request Feb 14, 2025
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] approved these changes

Assignees

@mialeska mialeska

Labels
dependencies Pull requests that update a dependency file java
Projects
Aquality Core
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mialeska