go.mod: Replace carolynvs/magex with uwu-tools/magex v0.10.0 #3270

Merged (2 commits) on Dec 3, 2024

justaugustus
Contributor

What does this change

  • go.mod: Replace carolynvs/magex with uwu-tools/magex v0.10.0

What issue does it fix

Original repo will no longer receive updates.
While the package does not require frequent updates, I'd like to ensure that dependents have an import that will receive periodic & security updates.

Notes for the reviewer

This change was discussed with @schristoff, who is now also a co-maintainer of the project.

uwu-tools/magex has existing CNCF dependents, including Kubernetes Release Engineering and Project Stacker: https://github.com/uwu-tools/magex/network/dependents

Checklist

  • (N/A) Did you write tests?
  • (N/A) Did you write documentation?
  • (N/A) Did you change porter.yaml or a storage document record? Update the corresponding schema file.
  • If this is your first pull request, please add your name to the bottom of our Contributors list. Thank you for making Porter better! 🙇‍♀️

Signed-off-by: Stephen Augustus <foo@auggie.dev>
Signed-off-by: Stephen Augustus <foo@auggie.dev>
@justaugustus
Contributor Author

I noticed get.porter.sh/magefiles would also need this change, so I've opened a PR here: getporter/magefiles#45

@troy0820
Member

troy0820 commented Dec 3, 2024

Thanks @justaugustus for doing this. Looking over the PR now.

@troy0820
Member

troy0820 commented Dec 3, 2024

This looks good to me. Not sure how you want to do this @schristoff but we can merge this and then the other or the other promote to v0.10.0 and then import that to get rid of the indirect dep.

@justaugustus
Contributor Author

> ...but we can merge this and then the other or the other promote to v0.10.0 and then import that to get rid of the indirect dep

@troy0820 — Minor aside that getporter/magefiles does not have Dependabot configured (unlike this repo; unsure if that's intentional), so any future updates on the upstream will require manual intervention (which could cause the magex versions to diverge).

@troy0820
Member

troy0820 commented Dec 3, 2024

> @troy0820 — Minor aside that getporter/magefiles does not have Dependabot configured (unlike this repo; unsure if that's intentional), so any future updates on the upstream will require manual intervention (which could cause the magex versions to diverge).

Yeah, not sure if we want to, but it will be good to enforce that there so we can deal with CVE updates where necessary and uplift that here. We can put an issue there for this. I can merge this PR.

Thanks @justaugustus

@troy0820 troy0820 merged commit dcd45df into getporter:main Dec 3, 2024
40 checks passed
@justaugustus justaugustus deleted the magex branch December 3, 2024 15:18
@justaugustus
Contributor Author

Happy to help, Troy!
