You could try archiving the projects. That way all jobs are disabled,
including dependabot. You can't push anymore, but unarchiving is just as
easy as archiving.
Rob
On 03/10/2023 19:22, Gary Gregory wrote:
Getting rid of this is good for dormant components ONLY IMO.
It is definitely not a release time task for me. As an RM, I certainly
don't want to spend time doing this at release time. I want to update
dependencies as they become available to let them become part of the code
base where I can check and validate stability over time as I keep
developing and maintaining. I want to know as soon as possible if something
goes wrong, not at release time when *all i want to do* is release.
Gary
On Tue, Oct 3, 2023, 10:47 AM Emmanuel Bourg <ebo...@apache.org> wrote:
Le 01/10/2023 à 14:09, sebb a écrit :
As the subject says: how does one stop dependabot and other analyses
from running on dormant components?
+1
And even on all components, updating the dependencies is a release time
task. Updating 3 times the same Maven plugins between releases is a
waste of time.
Emmanuel Bourg
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org