Skip to content

CI check to make sure that all libraries have their source code verified#10217

Open
daniellehrner wants to merge 2 commits intobesu-eth:mainfrom
daniellehrner:feat/verify_all_dep_sources_present
Open

CI check to make sure that all libraries have their source code verified#10217
daniellehrner wants to merge 2 commits intobesu-eth:mainfrom
daniellehrner:feat/verify_all_dep_sources_present

Conversation

@daniellehrner
Copy link
Copy Markdown
Contributor

@daniellehrner daniellehrner commented Apr 10, 2026

PR description

Adds a new check to the CI that verifies that all libraries that are added to Gradle have their sources verification entries added as well. Reuses logic from the existing resolveSourceArtifacts Gradle task that is adding those sources.

Thanks for sending a pull request! Have you done the following?

  • Checked out our contribution guidelines?
  • Considered documentation and added the doc-change-required label to this PR if updates are required.
  • Considered the changelog and included an update if required.
  • For database changes (e.g. KeyValueSegmentIdentifier) considered compatibility and performed forwards and backwards compatibility tests

Locally, you can run these tests to catch failures early:

  • spotless: ./gradlew spotlessApply
  • unit tests: ./gradlew build
  • acceptance tests: ./gradlew acceptanceTest
  • integration tests: ./gradlew integrationTest
  • reference tests: ./gradlew ethereum:referenceTests:referenceTests
  • hive tests: Engine or other RPCs modified?

@daniellehrner
ci check to make sure that all libraries have their source code verif…
ea10ba9 
…ied as well

Signed-off-by: daniellehrner <daniel.lehrner@consensys.net>
Copilot AI review requested due to automatic review settings April 10, 2026 10:42
Copilot AI reviewed Apr 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Adds a CI gate to ensure Gradle dependency verification metadata includes corresponding source artifact entries for resolved external dependencies, reusing the existing source-resolution logic.

Changes:

  • Refactors source-artifact collection/resolution into reusable ext closures in build.gradle.
  • Adds a new verifySourceArtifacts Gradle task that fails if gradle/verification-metadata.xml lacks source entries.
  • Wires the new verification task into the GitHub Actions pre-review workflow as a required job.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
build.gradle Extracts shared dependency/source resolution logic and adds verifySourceArtifacts to validate verification metadata coverage.
.github/workflows/pre-review.yml Adds a new CI job that runs ./gradlew verifySourceArtifacts and gates the “unittests-passed” aggregator on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@fab-10 fab-10 fab-10 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@daniellehrner @fab-10