Use different branches for security patches #483
Labels
No Label
abra
abra-gandi
awaiting-feedback
backups
bug
build
ci/cd
community organising
contributing
coopcloud.tech
democracy
design
documentation
duplicate
enhancement
finance
funding
good first issue
help wanted
installer
kadabra
performance
proposal
question
recipes.coopcloud.tech
security
test
wontfix
No Milestone
No project
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: coop-cloud/organising#483
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
I ask myself how to handle this situation:
An app recipe received a major update (i.e.
2.0.3->3.0.0
) with breaking changes. After the recipe is updated the software releases critical security patches for both the previous (2.0.4
) and the current release (3.0.1
).Performing a major update with breaking changes is nothing I just do by the way. I like to test major updates for a while before rolling them out on the production systems. For critical security patches you don't have the time, to wait for the right moment and to test it for a while.
Further the autoupdater
kadabra
should not perform major updates in the background.Therefore I had the idea to release minor updates / security patches on a different branch. I think for abra this should not be a problem, as abra just reads the tags and checks out for it. But I'm not sure in what kind of new problems we'll run if we have recipe versions on different branches.
Interesting, yeh! I think that's mostly an issue for recipe maintainers, if you want to work on separate branches, then go for it? I guess it would be a nice workflow but since most recipe maintenance is done very ad-hoc, this wouldn't be new 😆 No major issues come to mind...