On Wed, 2022-04-06 at 11:35 -0700, Eric Norman wrote:
> Perhaps some analysis of whether bumping the dependency version
> changes the
> generated Import-Package instruction can provide some insight
> regarding the
> compatibility. If the new version of the dependency only has changes
> in
>
Perhaps some analysis of whether bumping the dependency version changes the
generated Import-Package instruction can provide some insight regarding the
compatibility. If the new version of the dependency only has changes in
packages that we are not directly using then it should be safeish to
(sent the initial email from the wrong account, please reply to _this_
email)
On Wed, 2022-04-06 at 13:47 +, Robert Munteanu wrote:
> Hi,
>
> We will start getting dependabot PRs for our sling modules, for
> instance
>
> https://github.com/apache/sling-org-apache-sling-xss/pull/18
>
>
Hi,
We will start getting dependabot PRs for our sling modules, for
instance
https://github.com/apache/sling-org-apache-sling-xss/pull/18
While I understand the reasoning behind this service, in Sling we have
long had a policy of depending on the lowest possible version of the
API, to ensure
