You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Deterministic builds AND easy dependency maintenance? Why not both?
My ideal flow would be:
robot identifies updates (on, say, a weekly schedule?) and opens a PR per (unit) of change
implementation: maybe renovate, maybe dependabot, maybe a custom scheduled action workflow that runs cargo update?
detail: we can't change esp32c3-hal independently from esp32-hal-common, so those two dependencies ought to be one "unit"
each PR gets automatically validated by our CI system (for now, cargo check)
detail: we will eventually want to add more thorough checks, but that's out of scope for this issue
wrinkle: when there are multiple concurrent units changing, we'll have to re-run
when CI succeeds, the PR is automatically merged
when CI fails, we hold ourselves to some timeframe to investigate and resolve it (i.e. before the next weekly update?)
NB: resolution might be fixing the PR so it's merge-able, "skip this version" + a PR upstream, "skip automatic updates for dependency" + an issue upstream and/or fork
What do you think?
The text was updated successfully, but these errors were encountered:
Deterministic builds AND easy dependency maintenance? Why not both?
My ideal flow would be:
cargo update?cargo check)What do you think?
The text was updated successfully, but these errors were encountered: