Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pin dependencies #1116

Open
DanielMSchmidt opened this issue Mar 18, 2024 · 1 comment
Open

Pin dependencies #1116

DanielMSchmidt opened this issue Mar 18, 2024 · 1 comment

Comments

@DanielMSchmidt
Copy link
Contributor

Hi there,

As #1107 was introduced by a new minor update to a maven task run in the release process I was wondering what you would think of (optionally?) pinning all used dependencies? Package managers don't seem to rapidly change their publishing workflows so I would assume what works now should also work in the future, so there is not necessarily a need to stay on top of all dependency updates. I'd love to have an option to limit the impact of dependency updates so that my main workflows can remain stable.

I'm more than happy to do a PR if you feel like this is a valuable addition to the project.
@rix0rrr
Copy link
Contributor

rix0rrr commented Mar 18, 2024
edited

Yes, that seems like a good idea. It seems the Maven team noticed and fixed the bug that caused this report already, but it's probably a good idea in general.

The downside being that if the repository teams want to roll out mandatory updates, we won't get them for free anymore :). But still, explicit is better than implicit. So please, and thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rix0rrr @DanielMSchmidt