Getting rid of this is good for dormant components ONLY IMO.

It is definitely not a release time task for me. As an RM, I certainly
don't want to spend time doing this at release time. I want to update
dependencies as they become available to let them become part of the code
base where I can check and validate stability over time as I keep
developing and maintaining. I want to know as soon as possible if something
goes wrong, not at release time when *all i want to do* is release.

Gary



On Tue, Oct 3, 2023, 10:47 AM Emmanuel Bourg <ebo...@apache.org> wrote:

> Le 01/10/2023 à 14:09, sebb a écrit :
> > As the subject says: how does one stop dependabot and other analyses
> > from running on dormant components?
>
> +1
>
> And even on all components, updating the dependencies is a release time
> task. Updating 3 times the same Maven plugins between releases is a
> waste of time.
>
> Emmanuel Bourg
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
> For additional commands, e-mail: dev-h...@commons.apache.org
>
>

Reply via email to