+1
> On 7 Dec 2020, at 18:28, Harry Metske <harry.met...@gmail.com> wrote: > > yes, agree on all of them > > cheers, > Harry > >> On Mon, 7 Dec 2020 at 15:32, Juan Pablo Santos Rodríguez < >> juanpablo.san...@gmail.com> wrote: >> >> Hi, >> >> right now there are 3 opened pull requests: >> >> #14: Update AbstractUserDatabase.java - this is more a request than a PR, >> so I'd be +1 on closing it without >> merging and redirecting the user to JIRA >> >> #15: Add dependabot config file (also contains a few javadocs fixes) - It >> would be a nice to have, but I'd like to >> request to add some exclusions (f.ex., servlet-api, jsp-api should not be >> upgraded, tomcat's updates should be >> ok within 9.x.x range but not for 10.x.x). Also, I've haven't used it so I >> don't know how dependabot behaves with >> versions not following semantic versioning. For instance, slf4j should stay >> on 1.7.30 and not be upgraded to >> latest 2.0.0-alpha1 >> >> #16: Refine class member fields - this is a big PR, as it affects 71 files. >> OTOH, changes on those files are small >> enough (mostly adding the final modifier throughout the code). I'd be more >> comfortable if we merge this after >> 2.11.0-M8. There are too many files affected by this PR, and I'd like to >> start the release vote tomorrow, so I think >> it's better if this kind of change is introduced with more time to see that >> there are no unintended side-effects.. >> >> sounds reasonable? >> >> >> best regards, >> juan pablo >>
