[GitHub] [kafka] machi1990 commented on pull request #13673: MINOR: Update dependencies (minor versions only)
machi1990 commented on PR #13673: URL: https://github.com/apache/kafka/pull/13673#issuecomment-1534757023 > > In relation to dependency upgrade, has there been any discussion around automated tooling e.g usage of dependabot or renovate? > > I don't know. I have seen @ijuma being the one who periodically performs dependency upgrades. He may be able to provide more info about this. Thanks, I'll be interested in any details that could be provided @ijuma > Dependabot is a good idea (and some other Apache communities use it), except when it leads to noise. I don't know if there is a way to "mute" it and enable only at the beginning of a release cycle. Yes, it is possible. With dependabot you can limit the number of PRs opened. Setting the limit to `0` will equate disabling depedency update for a given package ecosystem. Renovate has a disabling flag, which could be used. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [kafka] machi1990 commented on pull request #13673: MINOR: Update dependencies (minor versions only)
machi1990 commented on PR #13673: URL: https://github.com/apache/kafka/pull/13673#issuecomment-1534706839 In relation to dependency upgrade, has there been any discussion around automated tooling e.g usage of dependabot or renovate? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [kafka] machi1990 commented on pull request #13673: MINOR: Update dependencies (minor versions only)
machi1990 commented on PR #13673: URL: https://github.com/apache/kafka/pull/13673#issuecomment-1534704953 Thanks @divijvaidya I am wondering whether it is best to separate each upgrade on a separate PR? That makes each dependency update atomic and thus easier to revert in case we notice issue related to a specific dependency upgrade. What do you think? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
