Re: Approving GitHub Dependabot PRs

2020-07-02 Thread Ralph Goers
The changes.xml creates the Manual changes page at http://logging.apache.org/log4j/2.x/changes-report.html#a2.13.3 . I suspect if the issue number is not a Jira issue it will generate a bad link. That is partly why we always creat

Re: Approving GitHub Dependabot PRs

2020-07-02 Thread Ralph Goers
Yes, when merging PRs changes.xml needs to be modified. When I am performing a release I have no way of knowing that a PR as not included in the changes, nor would I want to spend the time researching that. I would suggest that when updating a dependency version that the changes.xml for the cur

Re: Approving GitHub Dependabot PRs

2020-07-02 Thread Gary Gregory
Personally, in most projects, I update changes.xml with my commits, and for PRs as a follow up commit. It is that much less for the release manager to do IMO. What I do not ask is for contributors to updates changes.xml in PRs because that creates conflicts most of the time. Gary On Thu, Jul 2,

Re: Approving GitHub Dependabot PRs

2020-07-02 Thread Volkan Yazıcı
Doh! I have totally missed changes.xml updates while approving GitHub PRs. There I only see JIRA ticket ids as "action.issue" attributes. May I also use GitHub issue ids too? If so, do I need to prefix them with `#`? On Thu, Jul 2, 2020 at 2:30 PM Gary Gregory wrote: > > That's fine with me. You

Re: Approving GitHub Dependabot PRs

2020-07-02 Thread Carter Kozak
I wonder if we should wait until we're ready to cut a release to update the changelog with dependency changes? That way we don't end up with changelog entries for all intermediate versions of dependencies. The release process is already relatively heavy and adding more friction to ship a release

Re: Approving GitHub Dependabot PRs

2020-07-02 Thread Gary Gregory
That's fine with me. You will want to update changes.xml to track changes. Gary On Thu, Jul 2, 2020, 04:10 Volkan Yazıcı wrote: > Hello, > > 1. I will approve GitHub dependabot PRs that pass the CI tests. > 2. I will (blindly?) cherry-pick them onto release-2.x. > > Objections? > > Kind regards

Approving GitHub Dependabot PRs

2020-07-02 Thread Volkan Yazıcı
Hello, 1. I will approve GitHub dependabot PRs that pass the CI tests. 2. I will (blindly?) cherry-pick them onto release-2.x. Objections? Kind regards.

Re: Migrating from Travis CI to GitHub Actions

2020-07-02 Thread Volkan Yazıcı
Good point! setup-java "action" also supports[1] `-ea` suffix in versions: A major Java version e.g. 6, 7, 8, 9, 10, 11, 12, 13, ... A semver Java version specification e.g. 8.0.232, 7.0.181, 11.0.4 e.g. 8.0.x, >11.0.3, >=13.0.1, <8.0.212 An early access (EA) Java version e.g. 14-ea, 15-