I agree. It would be more useful if there was a report that people could consult when preparing to release a new version.
If someone is working on a component, then they may wish to update dependencies as part of that, but these mass updates distract from the day-to-day changes. What is the use case for updating dependencies between releases? AFAICT the reports don't take into account Java version dependencies, nor do they distinguish which updates are necessary for security reasons. But even if they did, I don't think there is a strong use case for updating software between releases. Sebb. On Mon, 14 Sep 2020 at 08:01, Jochen Wiedmann <jochen.wiedm...@gmail.com> wrote: > > For the record: Mails from dependabot are now being deleted > automatically from my inbox. > > I consider this to be a failed experiment, and would like us to terminate it. > > Jochen > > > > -- > > Look, that's why there's rules, understand? So that you think before > you break 'em. > > -- (Terry Pratchett, Thief of Time) > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
