Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Draft Upgrade Policy & Process #36

Merged
merged 3 commits into from
Nov 8, 2023
Merged

Draft Upgrade Policy & Process #36

merged 3 commits into from
Nov 8, 2023

Conversation

seanmakesgames
Copy link
Member

Fixes #35

@seanmakesgames seanmakesgames requested a review from tukib November 6, 2023 17:23
@seanmakesgames seanmakesgames requested a review from a team as a code owner November 6, 2023 17:23
@danswann
Copy link
Member

danswann commented Nov 6, 2023

  1. If this is supposed to be a policy global to our projects, does it belong in the wiki repo?
  2. If we're already optimistically upgrading minor versions, why do we need to do that again as a prerequisite for a major version upgrade? Seems like in the overwhelming majority of cases, steps 1-9 would be unnecessary. Is that what the "only do the steps which are applicable" clause is supposed to solve?
  3. Should we consider configuring dependabot to automatically open package bump PRs?

@seanmakesgames
Copy link
Member Author

  1. If this is supposed to be a policy global to our projects, does it belong in the wiki repo?

yes and no. We will be testing it out here, then moving it once it's had some bake time. (and we've moved stuff around so we know where to put it.

  1. If we're already optimistically upgrading minor versions, why do we need to do that again as a prerequisite for a major version upgrade? Seems like in the overwhelming majority of cases, steps 1-9 would be unnecessary. Is that what the "only do the steps which are applicable" clause is supposed to solve?

We do not.
Yes
While it should be unlikely that we have to do anything in the prerequisite steps here because we 'should' be up to date with our dependencies already. There are a bunch of reasons why we may not be. What we want to avoid is combining any PRs of updating dependencies together with doing the major version update. Even with auto-update tooling, checking on these dependencies at this step is good.

  1. Should we consider configuring dependabot to automatically open package bump PRs?

Yes. But we do not need to take this on at this time. Create a very simple issue for that if you please.

@danswann
Copy link
Member

danswann commented Nov 6, 2023

Makes sense.

@tukib
Copy link
Member

tukib commented Nov 7, 2023

Looks great, though I think the policy & process could be clearer to answer these questions:

  • At what point in the upgrade process is an issue created for documenting upgrade-specific decisions?
  • Does the policy support upgrading across major versions optimistically as long as they are considered stable?

tukib
tukib approved these changes Nov 7, 2023
View reviewed changes
Copy link
Member

@tukib tukib left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me!

@seanmakesgames seanmakesgames merged commit 7df367b into main Nov 8, 2023
3 checks passed
@seanmakesgames seanmakesgames deleted the seanmakesgames-patch-1 branch November 8, 2023 02:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tukib tukib tukib approved these changes

@danswann danswann danswann approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Dependency Upgrade Policy
3 participants
@seanmakesgames @danswann @tukib