Add and sync DEPENDENCY_POLICY.md #20
Assignees
Comments
|
Update table (sync repos details) for Dependency Policy in issue #16 |
yada
added a commit
that referenced
this issue
Sep 23, 2024
Signed-off-by: Yacine Kheddache <yacine@microcks.io>
yada
added a commit
that referenced
this issue
Sep 23, 2024
Signed-off-by: Yacine Kheddache <yacine@microcks.io>
|
Sync and merged ✅ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Reason/Context
Describe Microcks External Dependency Policy
Needed for #16
Description
The DEPENDENCY_POLICY.md file in a CNCF (Cloud Native Computing Foundation) project outlines the guidelines and rules for managing dependencies within the project. Its primary purposes include:
Clarity on Dependency Management: It provides clear instructions on how dependencies should be added, updated, or removed, ensuring that all contributors follow a consistent approach.
Versioning Guidelines: It specifies which versions of dependencies are acceptable, helping maintain compatibility and stability across the project.
Security Practices: The document may include security considerations, such as how to handle vulnerable dependencies or the process for auditing them regularly.
Contribution Process: It may detail how contributors can propose changes to dependencies, including review processes or approval requirements.
Licensing Compliance: It helps ensure that all dependencies comply with the project's licensing requirements, avoiding legal issues down the line.
Overall, the DEPENDENCY_POLICY.md fosters a robust and secure dependency management strategy, contributing to the overall health and sustainability of the project.
Implementation ideas
Ref: https://github.com/microcks/microcks-testcontainers-go/blob/main/DEPENDENCY_POLICY.md
The text was updated successfully, but these errors were encountered: