doc: add additional guidance for PRs to deps#53499
Closed
Uh oh!
There was an error while loading. Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
- add additional guidance based in discussion related to recent PR to dependency and discussion within the security-wg slack channel. Refs: nodejs/security-wg#1329 Signed-off-by: Michael Dawson <[email protected]>
Collaborator
nodejs-github-bot commented Jun 18, 2024
Review requested:
|
This was referenced Jun 18, 2024
RafaelGSS approved these changes Jun 18, 2024
legendecas approved these changes Jun 18, 2024
marco-ippolito approved these changes Jun 18, 2024
Member
avivkeller left a comment
avivkeller left a comment There was a problem hiding this comment.
One nitpick, but as a triage member, this review isn't blocking nor approving.
Uh oh!
There was an error while loading. Please reload this page.
targos approved these changes Jun 18, 2024
aduh95 reviewed Jun 19, 2024
Comment on lines +147 to +150
| PRs for manual dependency updates should only be accepted if | ||
| the update cannot be generated by the automated tooling, | ||
| the reason is clearly documented and either the PR is | ||
| reviewed in detail or it is from an existing collaborator. |
Contributor
There was a problem hiding this comment.
Should we add a note about only accepting changes that have landed upstream, and "the TSC may grant exception on a case-by-case basis"? I think it's already more or less the policy we're currently organically following, so IMO it'd make sense explicitly state it out.
UlisesGascon approved these changes Jun 19, 2024
lpinca approved these changes Jun 19, 2024
Uh oh!
There was an error while loading. Please reload this page.
Signed-off-by: Michael Dawson <[email protected]>
richardlau approved these changes Jun 19, 2024
marco-ippolito added the author ready mhdawson added a commit that referenced this pull request Jun 20, 2024
- add additional guidance based in discussion related to recent PR to dependency and discussion within the security-wg slack channel. Refs: nodejs/security-wg#1329 Signed-off-by: Michael Dawson <[email protected]> PR-URL: #53499 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Ulises Gascón <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]>
MemberAuthor
mhdawson commented Jun 20, 2024
Landed in 53e9106 |
eliphazbouye pushed a commit to eliphazbouye/node that referenced this pull request Jun 20, 2024
- add additional guidance based in discussion related to recent PR to dependency and discussion within the security-wg slack channel. Refs: nodejs/security-wg#1329 Signed-off-by: Michael Dawson <[email protected]> PR-URL: nodejs#53499 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Ulises Gascón <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]>
targos pushed a commit that referenced this pull request Jun 21, 2024
- add additional guidance based in discussion related to recent PR to dependency and discussion within the security-wg slack channel. Refs: nodejs/security-wg#1329 Signed-off-by: Michael Dawson <[email protected]> PR-URL: #53499 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Ulises Gascón <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]>
bmeck pushed a commit to bmeck/node that referenced this pull request Jun 22, 2024
- add additional guidance based in discussion related to recent PR to dependency and discussion within the security-wg slack channel. Refs: nodejs/security-wg#1329 Signed-off-by: Michael Dawson <[email protected]> PR-URL: nodejs#53499 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Ulises Gascón <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]>
marco-ippolito pushed a commit that referenced this pull request Jul 19, 2024
- add additional guidance based in discussion related to recent PR to dependency and discussion within the security-wg slack channel. Refs: nodejs/security-wg#1329 Signed-off-by: Michael Dawson <[email protected]> PR-URL: #53499 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Ulises Gascón <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]>
marco-ippolito pushed a commit that referenced this pull request Jul 19, 2024
- add additional guidance based in discussion related to recent PR to dependency and discussion within the security-wg slack channel. Refs: nodejs/security-wg#1329 Signed-off-by: Michael Dawson <[email protected]> PR-URL: #53499 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Ulises Gascón <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]>
Merged
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
11 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Refs: nodejs/security-wg#1329