Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Protect the master branch to avoid accidental commits #444

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Protect the master branch to avoid accidental commits #444

wants to merge 2 commits into from

Conversation

elharo
Copy link
Contributor

@elharo elharo commented Oct 16, 2024

No description provided.

@elharo elharo requested a review from hboutemy October 16, 2024 11:57
michael-o
michael-o requested changes Oct 16, 2024
View reviewed changes
Copy link
Member

@michael-o michael-o left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is something we need to discuss in general AND will this block pushed to master directly? Then no releases will be possible anymore.

@elharo
Copy link
Contributor Author

elharo commented Oct 16, 2024

The goal is to block direct pushes to master. If the release process requires doing that, then yes, we might need to adjust the release process first, which we should do. Direct commits to master are a risk for supply chain attacks. Discussion is ongoing on the dev list.

@michael-o michael-o marked this pull request as draft October 16, 2024 12:30
@elharo elharo marked this pull request as ready for review October 16, 2024 12:49
@michael-o michael-o marked this pull request as draft October 17, 2024 07:02
@elharo elharo marked this pull request as ready for review October 17, 2024 11:34
slawekjaranowski
slawekjaranowski requested changes Oct 23, 2024
View reviewed changes
Copy link
Member

@slawekjaranowski slawekjaranowski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

First we need to change a release procedure, scripts before do it.
Now we need direct push to master during release.

@slawekjaranowski
Copy link
Member

We also should change a rule:

The Apache Maven project uses a Commit then Review policy ....

https://maven.apache.org/project-roles.html#committers

@elharo
Copy link
Contributor Author

elharo commented Oct 23, 2024

#569

@pzygielo
Copy link
Contributor

@slachiewicz slachiewicz self-requested a review October 24, 2024 18:30
slachiewicz
slachiewicz reviewed Oct 24, 2024
View reviewed changes
Copy link
Member

@slachiewicz slachiewicz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

-1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slachiewicz slachiewicz slachiewicz approved these changes

@slawekjaranowski slawekjaranowski slawekjaranowski requested changes

@michael-o michael-o michael-o requested changes

@hboutemy hboutemy Awaiting requested review from hboutemy

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@elharo @slawekjaranowski @pzygielo @michael-o @slachiewicz