Changelog script

[janiversen]

Here is a partial rewrite of a script I used in another project to make maintenance of CHANGELOG.md a lot easier.

The idea to the PR come from
https://github.com/cdr/code-server/projects/4#card-60917940

The script retrieves information about merged (not just closed) pull requests, and build the information needed in CHANGELOG.

'Development' is used for every PR not fitting the other headlines, so some of those lines still need to be manually handled.

I have tried to match the CHANGELOG.md we have today, but suggestions etc are welcome.

to try it run e.g.
./prepare_changelog.py 3.10.3 1.56.1 3393

first parm is code-server version
second parm is VScode version
third parm is the number of the last PR of the previous release

Checklist

• updated CHANGELOG.md

[codecov]

Codecov Report

Merging #3637 (5ceee87) into main (aa08f84) will not change coverage.
The diff coverage is n/a.

❗ Current head 5ceee87 differs from pull request most recent head 50ba3cb. Consider uploading reports for the commit 50ba3cb to get more accurate results

@@           Coverage Diff           @@
##             main    #3637   +/-   ##
=======================================
  Coverage   60.67%   60.67%           
=======================================
  Files          35       35           
  Lines        1790     1790           
  Branches      404      404           
=======================================
  Hits         1086     1086           
  Misses        562      562           
  Partials      142      142           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update aa08f84...50ba3cb. Read the comment docs.

[janiversen]

I am quite used to look at CI problems from sometimes very big project (like LibreOffice) but to be honest I am totally lost here. I am sure CI audit tries to tell me something, but the message get lost in the amount of information.

Please tell me if my script is causing this?

[jsjoeio]

Thanks for the PR @janiversen 🎉 We have a couple other things in flight but will try to take a look soon.

I am sure CI audit tries to tell me something, but the message get lost in the amount of information.
Please tell me if my script is causing this?

You can ignore that. audit-ci audits for vulnerable packages. We have a fix in #3578 but I have to get it ready for review soon. So don't worry about that one failing. Not your script :)

[jsjoeio]

Hey @janiversen - thanks for your patience with this PR.

It sparked an interesting conversation with the other maintainers. Let me give you some background.

Background

Originally, at the time of release, we used to manually write release notes using PR titles and short descriptions. This was a lot of manual work and not very fun.

We then switched to the CHANGELOG process we have now — when someone submits a PR, they add it to the CHANGELOG (most times) and then at the time of release, we just copy the CHANGELOG notes.

This felt like an improvement but was still somewhat manual.

That's when we agreed it would be nice to automate and I added that note to the Roadmap.

Conclusion

Unfortunately, we've come to the conclusion that an automated CHANGELOG is not the approach we want to go. I feel bad saying this because we do appreciate the time and work you put in to tackling this and don't want to discourage contributions. This is not anything on you but rather my fault for saying you could pick up anything up from the Roadmap without me double-checking that all of those items were fair game.

We came to this decision after comparing two CHANGELOGs - Next.js and Emacs. We all agree the Emacs style provides useful information for the community and that's what we want to aim for moving forward.

I'm going to submit a couple PRs to our docs to update the new process.

In the meantime, I did a quick search through the Roadmap and everything in there still looks like fair game if you want to pick something else up. I'm also happy to discuss anything before you start to prevent something like this moving forward. Feel free to start a GitHub Discussion and @ me if you see something interesting.

Again, thank you for your contribution! We don't have a lot of repeat contributors like yourself so it means a lot that you did this work and want to contribute beyond a single PR ♥️

[janiversen]

Thanks for your detailed explanation, I do not have a problem with the PR being closed, that happens in any project.

But of course it highlights a bigger issue, the difference between making your source "open source" or having an "open source project". An open source project have transparent discussions in order to have a community driven decisions and development, allowing everybody to chip in and influence the decisions. Sadly enough repos are only to have the label "open source" and (to be very blunt) maybe get some free help.

"we've come to the conclusion" and "not the approach we want to go" sounds dangerously like the latter. I am sure your comment "I'm also happy to discuss anything before you start to prevent something like this" was meant as a positive help.

Now I believe to understand why the project only have 46 people that have made more than 1 commit and 9 that with more than 10 commits.

[jsjoeio]

But of course it highlights a bigger issue, the difference between making your source "open source" or having an "open source project"

Yeah, I think this could be a discussion in it of itself.

From my view, I see a couple of different "open source" projects. Here are some examples:

• https://github.com/jsjoeio/twitter-stripe-mrr -> I made this for fun, for myself. I open-sourced it so others could see how it works, fork and use it for themselves.
• https://github.com/facebook/react -> although it's oss, fb controls the roadmap and funds the project with developers who work for fb. they encourage contributions from the community and do a lot of things in the open, but it's impossible for them to do everything in the open.
• https://github.com/rust-lang/rust -> probably one of the great examples of oss and probably what you thought of when you found code-server. everything is run/done by the community with some outside funding, but community drives roadmap.
• https://github.com/supabase/supabase -> they market themselves as an "open source Firebase alternative". why oss? no vendor lock-in. if the company dies, runs out of funding, something else, at least the source code is oss and you can fork/maintain yourself.

I've only been working for Coder since December, but my understanding is code-server is mostly in the last category. We use code-server in our Enterprise product but having it open-source means you're not locked-in and could theoretically create your own version of our product using oss if that's the route you choose. We have a small team (3 people, only 1 full-time) working on code-server as employees of Coder.

Our goal was and never has been to "get some free help." Again, it's about preventing vendor lock-in. That's why we don't expect external contributions, but for those who want to, we do our best to help them and express our gratitude (hence why I was so thrilled you were interesting in contributing to the project).

46 people that have made more than 1 commit

Most of those people who contributed fixed a small thing (possibly related to an issue they encountered).

An open source project have transparent discussions in order to have a community driven decisions and development, allowing everybody to chip in and influence the decisions

We agree that transparent discussions are preferred and we've discussed this multiple times on the team. I think we still have a lot of room for improvement in this area. And there is something we want to also make clear in terms of what Coder (the company)'s goals are for OSS and our relationship with the community.