Support only opening PRs for certain sources #249
Labels
enhancement
New feature or request
Comments
|
At the moment we simply have too much of a PR spam, in the case of many gnome modules you only want an update (a PR) on each release of the main module and during a release week I could see a lot of unwanted PRs. |
|
Another related idea, perhaps if CVE checking (e.g. #8) is ever added, f-e-d-c can make PRs for CVE affected modules regardless if it's the main module. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This was discussed on Matrix a bit ago, but I couldn't find an issue so I opened one.
It would be useful for maintainers to only get PRs when it is really needed. A manifest may include many instances of x-checker-data in their manifest. But this means often PRs will be opened for library updates and the Flatpak probably don't need to be urgently updated.
So it would handy if f-e-d-c could be told to only create PRs under certain circumstances. One configuration could be to only open an update PR when the main source is updated.
I see at least two ways of approaching this:
Current x-checker-data works as it already does. Add an option to opt-out particular sources of being critical. This means update PRs will not be made for that source unless the main or a critical source gets an update.
x-checker-data defaults are changed. Update PRs will only be opened if the main source gets an update. Override this assumption by marking a source as critical, which means a PR is opened as soon as a source gets an update.
From a security perspective it seems somewhat reasonable to update things as soon as possible. But that can easily become excessive. I am not sure what the sane default is here.
The text was updated successfully, but these errors were encountered: