Stop closing forks / PRs - instead look at refreshing fork #72
Comments
|
Note: we could clear out any PRs where DFIU no longer detects particular dependencies. That could potentially be its own command. ExampleWe see a PR that is updating |
|
It could clear out any PRs where it's currently running for a particular dependency. ExampleWe're updating |
|
I think @justinharringa and I are on the same page, but I am going to re-state the behavior I would want to be extra clear: |
|
Since I've kind of called out 2 different cases, it seems like when implementing the fix, we could decide to spawn new issues if it's too big to fit this in one story. But I'm ok with spawning a new issue as well. |
|
Perhaps a way to handle this would be to create a branch with the full image name (e.g. Duplicate PRs for the same image name with a different tag/digest could be considered something the repo owners could handle manually or could be resolved via another issue/feature here. |
|
@afalko @npwolf perhaps Dependabot has already done the heavy lifting and there is no longer a need for https://github.com/dependabot/dependabot-core/tree/master/docker |
As mentioned in #32 we probably should not be closing out existing PRs / forks because if there are multiple images that a repository depends on, it should receive at least one PR for all updates or a PR for each update.
The impetus for closing them was to handle situations where files had moved or there were potentially other conflicts. (See comment)
Could simply create new PRs based off of a new branch and leave around old ones or try and resolve conflicts within (which seems like a more difficult task).
The text was updated successfully, but these errors were encountered: