You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have run into issues with edx specific packages being added as dependencies. The specific example mentioned in the Paragon issue was @edx/brand (as opposed to @edx/brand-openedx)
Ideally this would support both org-wide and repo-specific rules for package allow/block lists.
In order to address this across the entire org, it was decided that adding a workflow to this .github repository (and using repo_checks to ensure it's added to the appropriate repositories) would be the ideal path forward.
This has some overlap with openedx/edx-platform#33189 which is probably also worth looking at for detecting python dependencies in the wrong org.
The text was updated successfully, but these errors were encountered:
Sparked by openedx/paragon#2240
We have run into issues with
edxspecific packages being added as dependencies. The specific example mentioned in the Paragon issue was@edx/brand(as opposed to@edx/brand-openedx)Ideally this would support both org-wide and repo-specific rules for package allow/block lists.
In order to address this across the entire org, it was decided that adding a workflow to this
.githubrepository (and usingrepo_checksto ensure it's added to the appropriate repositories) would be the ideal path forward.This has some overlap with openedx/edx-platform#33189 which is probably also worth looking at for detecting python dependencies in the wrong org.
The text was updated successfully, but these errors were encountered: