Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

go: specify that only direct dependencies should be updated #33

Merged
merged 1 commit into from
Aug 30, 2024
Merged

go: specify that only direct dependencies should be updated #33

merged 1 commit into from
Aug 30, 2024

Conversation

roman-khimov
Copy link
Member

This is to avoid things like nspcc-dev/neofs-oauthz#56 (comment).

@roman-khimov
go: specify that only direct dependencies should be updated
e096955 
Indirect ones are usually updated only in case of some security issues. There is
a lot of them and most of the time we don't care much (Go chooses whatever works
for direct dependencies).

Signed-off-by: Roman Khimov <[email protected]>
AnnaShaleva
AnnaShaleva approved these changes Aug 30, 2024
View reviewed changes
Copy link
Member

@AnnaShaleva AnnaShaleva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not against of this change, but sometimes it's needed. I faced with situations when too stale indirect dependency doesn't allow to properly build the project. I managed to solve it only by indirect dependency upgrade.

@roman-khimov
Copy link
Member Author

That's OK if needed, obviously. The point is that we don't do it by default.

@roman-khimov roman-khimov merged commit d48bb4e into master Aug 30, 2024
1 check passed
@roman-khimov roman-khimov deleted the direct-deps branch August 30, 2024 11:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AnnaShaleva AnnaShaleva AnnaShaleva approved these changes

@carpawell carpawell carpawell approved these changes

@AliceInHunterland AliceInHunterland AliceInHunterland approved these changes

@End-rey End-rey End-rey approved these changes

@tatiana-nspcc tatiana-nspcc tatiana-nspcc approved these changes

@smallhive smallhive Awaiting requested review from smallhive

@cthulhu-rider cthulhu-rider Awaiting requested review from cthulhu-rider

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@roman-khimov @AnnaShaleva @carpawell @AliceInHunterland @End-rey @tatiana-nspcc