Hi everyone,Last summer, we introduced bumpbuddy [1], a daemon watching for new upstream releases for our packages.
Bumpbuddy offers a centralized and automated way for tracking and reporting new upstream release for our Package Maintainers; also providing a public place (in the form of GitLab issues [2]) for anyone to discuss the state of a pending package update, allowing for more transparency in the process.
Since the initial introduction published a few months ago, bumpbuddy got a fair amount of new features & releases, so we thought it might be a good time for a follow-up!
## DashboardBumpbuddy's data are now publicly exposed and reported on a dedicated web dashboard [3]. This dashboard allows anyone to visualize and search through the state of monitored packages.
Here are the list of the reported parameters: - Package: The package name.- Local version: The current version of the package in our GitLab package repositories. - Upstream version: The latest upstream version for the package reported by bumpbuddy.
- Up to date: "Up to date" status of the package.
- ✅ = Up to date
- ❌ = Out of date
- ⚠️ = Bumpbuddy is not able to determine the latest upstream
release (due to nvchecker failures)
- Issues: Link to the GitLab issue reporting the "out of date" status of
a package and / or repeated nvchecker failures.
- Last check: Time and date of the last check for the package. ## Report of repeated nvchecker failuresAs mentioned in the dashboard paragraph, bumpbuddy now also reports repeated nvchecker failures (after a specific threshold) through GitLab issues [4]. This allows to keep track and investigate eventual faulty nvchecker configurations preventing bumpbuddy to properly detect new upstream releases.
Once the issue is fixed (and if not done already); such issues are automatically closed by bumpbuddy itself at the next run [5].
## New dedicated issue labelsTo allow for more fine grained classification of the opened GitLab issues, the `scope::out-of-date` label was replaced by `package::out-of-date`, so that the reported upstream release can be further classified (e.g. with `scope::security` or `scope::bug`).
Following the same pattern, issues for repeated nvchecker failures are labelled with `package::nvchecker` and `scope::bug`.
## General improvements and fixes Various improvements and fixes have been added, including: - Error handling for API calls, avoiding unexpected duplicate issues.- Continious update of the API data, to ensure up to date data for consumers. - Improvements of the pkgbases to GitLab path names conversion (so that e.g. the `bonnie++` pkgbase is correctly converted to `bonnieplusplus` in the GitLab path name). - Update opened GitLab issues on local package version changes (and not only on upstream version changes). - Deletion of the automated comment when updating an opened issue (as it globally ended up as extra "noise").
## Work in progress We have some work in progress regarding our future goals, most notably:- pkgctl: Automatically close 'out-of-date' issue when releasing a new package version [6], allowing for an instant closing of 'out-of-date' issues when the matching (or a newer) version is being pushed (as compared to today where issues are only closed at the next bumpbuddy run), and generally reducing the extra "noise" cause by the multiple notifications when an issue is being closed by bumpbuddy. - archweb: import bumpbuddy data [7], getting closer to our future goal of replacing the current "Flag Package Out-of-Date" manual button by automated bumpbuddy reports.
Further work regarding additional future goals will follow!Huge thanks to klausenbusk, anthraxx and jelle for their amazing work on those new features, improvements and ongoing efforts!
[1] https://lists.archlinux.org/archives/list/[email protected]/message/3QINI22ULKMDVXG75P7QATV3E5GVMZR3/ [2] https://gitlab.archlinux.org/archlinux/packaging/packages/python-fastapi/-/issues/30
[3] https://bumpbuddy.archlinux.org/[4] https://gitlab.archlinux.org/archlinux/packaging/packages/schroot/-/issues/1 [5] https://gitlab.archlinux.org/archlinux/packaging/packages/schroot/-/issues/1#note_396171
[6] https://gitlab.archlinux.org/archlinux/devtools/-/merge_requests/338 [7] https://github.com/archlinux/archweb/pull/598 -- Regards, Robin Candau / Antiz
OpenPGP_0xFDC3040B92ACA748.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
