[oslo][requirements] Bandit Strategy


On 2019-05-15 13:08:32 -0500 (-0500), Ben Nemec wrote:
[...]
> The reason we did it this way is to prevent 1.6.1 from blocking
> all of the repos again if it doesn't fix the problem or introduces
> a new one. If so, it blocks the uncapping patches only and we can
> deal with it on our own schedule.

Normally, if it had been treated like other linters, projects should
have been guarding against unanticipated upgrades by specifying
something like a <1.6.0 version and then expressly advancing that
cap at the start of a new cycle when they're prepared to deal with
fixing whatever problems are identified.
-- 
Jeremy Stanley