Bump identity versions

[YasasRangika]

Purpose

To bump the dependency versions below to incorporate the changes made via:
wso2-extensions/identity-local-auth-basicauth#260
wso2/carbon-identity-framework#7635

Dependency version updates:

• Updated carbon.apimgt.version from 9.32.150 to 9.32.153

• Updated carbon.identity.version from 5.25.736 to 5.25.737

• Updated carbon.identity-local-auth-basicauth.version from 6.7.33 to 6.7.34

Goal

Fixes: wso2/api-manager#4504

Summary by CodeRabbit

• Chores
  • Updated core platform components including API management, identity services, and authentication systems to latest stable versions for improved system reliability and compatibility.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Four Maven POM files updated with identical version bumps across three dependencies: APIM core (9.32.150→9.32.153), Identity core (5.25.736→5.25.737), and Basic Authentication (6.7.33→6.7.34). No structural or behavioral changes introduced.

Changes

Cohort / File(s)	Summary
Maven Dependency Version Updates all-in-one-apim/pom.xml, api-control-plane/pom.xml, gateway/pom.xml, traffic-manager/pom.xml	Updated three public properties: carbon.apimgt.version (9.32.150 → 9.32.153), carbon.identity.version (5.25.736 → 5.25.737), carbon.identity-local-auth-basicauth.version (6.7.33 → 6.7.34)

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

• Identical version bumps applied uniformly across four files with no logic changes
• Straightforward property updates requiring verification that versions are correct and intentional

Poem

🐰 Four POMs hop in sync, versions align,
Identity and APIM in perfect design,
Display names and usernames mend their ways,
Bug fixes bundled in these bright days,
Portal shows truth again—hip, hip, hooray!

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Bump identity versions' accurately describes the main change—updating identity-related dependency versions across multiple pom.xml files.
Linked Issues check	✅ Passed	The version bumps (carbon.identity 5.25.736→5.25.737, carbon.identity-local-auth-basicauth 6.7.33→6.7.34) directly address the root cause of issue #4504 regarding authenticated username consistency in the Developer Portal.
Out of Scope Changes check	✅ Passed	All changes are scoped to dependency version updates across four pom.xml files; no unrelated or out-of-scope modifications are present.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between aeebd84 and eabe27c.

📒 Files selected for processing (4)

• all-in-one-apim/pom.xml (3 hunks)
• api-control-plane/pom.xml (3 hunks)
• gateway/pom.xml (3 hunks)
• traffic-manager/pom.xml (3 hunks)

🔇 Additional comments (4)

traffic-manager/pom.xml (1)

1292-1292: Verify version alignment across traffic-manager, gateway, and api-control-plane modules before approving.

The review shows the apimgt version bump to 9.32.153 (a valid WSO2 release), but the complete versions for identity (line 1316) and basicauth (line 1325) are not shown in this comment. Confirm all three properties match the corresponding versions in gateway/pom.xml and api-control-plane/all-in-one/pom.xml before merging. Also run the suggested stale-version and dependency-convergence scans to ensure no older versions remain elsewhere in the pom hierarchy.

api-control-plane/pom.xml (1)

1292-1292: LGTM on the property updates.

Values align with PR summary. The version updates to carbon.apimgt (9.32.153), carbon-identity-framework (5.25.737), and identity-local-auth-basicauth (6.7.34) are appropriate.

Note: External verification of PR details and issue #4504 references is not possible through public sources. Ensure internally that these versions include the intended fixes before merging.

Optional: Consider adding a release note entry referencing the fixes and affected versions.

gateway/pom.xml (1)

1292-1292: Version bumps require verification—artifacts not found in public repositories.

The stated versions cannot be confirmed as publicly available:

• org.wso2.carbon.apimgt 9.32.153: Not found on Maven Central (latest 9.32.152 available)
• carbon-identity-framework 5.25.737: Not found in public WSO2 Nexus or GitHub
• identity-local-auth-basicauth 6.7.34: Not found in public repositories

Confirm these are:

1. Already released in private/internal WSO2 repositories
2. Correct version numbers (no typos)
3. Compatible with transitive dependencies

Also verify PR merge statuses and release tag mappings mentioned in the original review.

all-in-one-apim/pom.xml (1)

1313-1313: All-in-one parent updated correctly; approve.

• Values match the other modules and PR intent.
• Also applies to: 1337-1337, 1346-1346

Run the sanity script to verify effective values across all parent modules:

#!/bin/bash
rg -nP '(carbon\.apimgt\.version|carbon\.identity\.version|carbon\.identity\-local\-auth\-basicauth\.version)\s*<|<\s*(carbon\.apimgt\.version|carbon\.identity\.version|carbon\.identity\-local\-auth\-basicauth\.version)\s*>' -g '**/pom.xml' -C1

Execute a smoke test for Devportal login with the LDAP settings from issue #4504 to validate end-to-end behavior with these updated versions.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}