Pin and automate doing isolated bumps of hub image dependencies' major versions #3565
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
consideRatio
force-pushed
the
pr/major-bump
branch
from
efe9053 to
4216fe0
Compare
consideRatio
force-pushed
the
pr/major-bump
branch
from
4216fe0 to
0d46c77
Compare
minrk
approved these changes
Oct 31, 2024
| @@ -15,3 +15,15 @@ updates: | |||
| interval: monthly | |||
| time: "05:00" | |||
| timezone: Etc/UTC | |||
| - package-ecosystem: pip | |||
| directory: /images/hub/unfrozen | |||
| labels: [breaking] | |||
images/hub/unfrozen/requirements.txt
Outdated
| jupyterhub-idle-culler==1.* | ||
|
|
||
| # Other optional dependencies for additional features | ||
| pymysql==1.* # mysql |
There was a problem hiding this comment.
fwiw, I wouldn't consider a bump of any of these to be a breaking change, but that's not a big deal. Perhaps they shouldn't be pinned?
There was a problem hiding this comment.
Yeah hmmm I agree, they aren't meant to be a breaking change for the user.
It could be relevant to be given a chance to read the changelog before merging though. I'm fine with removing pins or retaining them, but I agree they are reasonably not to be listed as breaking in the end.
I think for all major bumps here, some may not be breaking in the end, so generally a manual consideration about breaking label or not this is probably needed.
consideRatio
commented
Oct 31, 2024
avoids PRs labeling them as 'breaking' Co-authored-by: Erik Sundell <erik.i.sundell@gmail.com>
consideRatio
pushed a commit
to jupyterhub/helm-chart
that referenced
this pull request
Nov 1, 2024
jupyterhub/zero-to-jupyterhub-k8s#3565 Merge pull request #3565 from consideRatio/pr/major-bump
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I had to rename and isolate requirements.in to
unfrozen/requirements.txtbecause it was the only way for me to ensure dependabot worked as wanted.I also had to add some arguments in ci/refreeze specifying files.
Dependabot function verified in a fork, and ci/refreeze function verified manually. No remnants of
requirements.infound when searching.