Conversation
审阅者指南(在小型 PR 上折叠)审阅者指南此 PR 更新了 Android CI 流水线,移除了过时的 Detekt/SARIF 步骤,并用通过环境变量配置的 Maven Central 发布替换了本地发布操作,同时在 Gradle 构建中启用了签名插件。 启用签名后 Gradle 构建插件的类图classDiagram
class GradleBuild {
+android.lirary (plugin)
+android.application (plugin)
+jetbrains.kotlin.android (plugin)
+signing (plugin) // newly added
}
文件级别变更
提示和命令与 Sourcery 互动
自定义你的体验访问你的 仪表板 以:
获取帮助Original review guide in EnglishReviewer's guide (collapsed on small PRs)Reviewer's GuideThe PR updates the Android CI pipeline by removing obsolete Detekt/SARIF steps and replacing the local publish action with a Maven Central publication configured via environment variables, and it enables the signing plugin in the Gradle build. Class diagram for Gradle build plugins after signing enabledclassDiagram
class GradleBuild {
+android.lirary (plugin)
+android.application (plugin)
+jetbrains.kotlin.android (plugin)
+signing (plugin) // newly added
}
File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
There was a problem hiding this comment.
你好 - 我已审阅了你的更改 - 这里有一些反馈:
- 如果你不打算重新启用注释掉的 detekt/SARIF 代码块,请将其删除,以保持 CI 配置的整洁。
- 考虑将 versionName 参数化,而不是硬编码 '2.3.5.1',以简化未来的发布。
- 在发布步骤中添加分支或标签过滤器,以防止从功能分支意外发布。
AI 代理提示
请处理此代码审查中的评论:
## 总体评论
- 如果你不打算重新启用注释掉的 detekt/SARIF 代码块,请将其删除,以保持 CI 配置的整洁。
- 考虑将 versionName 参数化,而不是硬编码 '2.3.5.1',以简化未来的发布。
- 在发布步骤中添加分支或标签过滤器,以防止从功能分支意外发布。
## 单独评论
### 评论 1
<location> `.github/workflows/android.yml:31` </location>
<code_context>
+ ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.GPG_SIGNING_KEY}}
+ ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.GPG_SIGNING_KEY_ID }}
+ ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.GPG_SIGNING_PASS_WORD }}
+ run: ./gradlew publishToMavenCentral --no-configuration-cache -PisPublish=true -PversionName=2.3.5.1
\ No newline at end of file
</code_context>
<issue_to_address>
请仔细检查发布步骤中 --no-configuration-cache 的使用。
如果由于发布问题需要此标志,请在工作流中记录原因。随着 Gradle 的发展,请考虑重新审视其必要性。
</issue_to_address>Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Original comment in English
Hey there - I've reviewed your changes - here's some feedback:
- Remove the commented detekt/SARIF code blocks if you’re not planning to re-enable them so the CI config stays clean.
- Consider parameterizing the versionName instead of hardcoding '2.3.5.1' to simplify future releases.
- Add a branch or tag filter to the publish step to prevent accidental publishing from feature branches.
Prompt for AI Agents
Please address the comments from this code review:
## Overall Comments
- Remove the commented detekt/SARIF code blocks if you’re not planning to re-enable them so the CI config stays clean.
- Consider parameterizing the versionName instead of hardcoding '2.3.5.1' to simplify future releases.
- Add a branch or tag filter to the publish step to prevent accidental publishing from feature branches.
## Individual Comments
### Comment 1
<location> `.github/workflows/android.yml:31` </location>
<code_context>
+ ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.GPG_SIGNING_KEY}}
+ ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.GPG_SIGNING_KEY_ID }}
+ ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.GPG_SIGNING_PASS_WORD }}
+ run: ./gradlew publishToMavenCentral --no-configuration-cache -PisPublish=true -PversionName=2.3.5.1
\ No newline at end of file
</code_context>
<issue_to_address>
Double-check the use of --no-configuration-cache for publish step.
If this flag is required due to publishing issues, please document the reason in the workflow. Consider revisiting its necessity as Gradle evolves.
</issue_to_address>Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
| ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.GPG_SIGNING_KEY}} | ||
| ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.GPG_SIGNING_KEY_ID }} | ||
| ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.GPG_SIGNING_PASS_WORD }} | ||
| run: ./gradlew publishToMavenCentral --no-configuration-cache -PisPublish=true -PversionName=2.3.5.1 No newline at end of file |
There was a problem hiding this comment.
suggestion (performance): 请仔细检查发布步骤中 --no-configuration-cache 的使用。
如果由于发布问题需要此标志,请在工作流中记录原因。随着 Gradle 的发展,请考虑重新审视其必要性。
Original comment in English
suggestion (performance): Double-check the use of --no-configuration-cache for publish step.
If this flag is required due to publishing issues, please document the reason in the workflow. Consider revisiting its necessity as Gradle evolves.
…onment variables
Sourcery 总结
配置 Android CI 以将制品发布到 Maven Central 并进行 GPG 签名,移除未使用的 Detekt/SARIF 步骤,并在构建中启用签名插件。
构建:
CI:
publishToMavenCentral,并将版本提升至 2.3.5.1。Original summary in English
Summary by Sourcery
Configure Android CI to publish artifacts to Maven Central with GPG signing, remove unused Detekt/SARIF steps, and enable the signing plugin in the build
Build:
CI: