scala-steward icon indicating copy to clipboard operation
scala-steward copied to clipboard

Published 20 hours ago verified publisher icon scala-steward-org

Prevent all major upgrades unless explicitly allowed

Open nadavwr opened this issue 1 year ago • 1 comments

We are about to roll out Scala Steward to some 70 private repos. We have our own internal libraries (all having the same groupId) for which we want minors and patches to be upgraded. We of course also rely on many 3rd party libraries, for which we only want patch upgrades. possibly minors too, but never majors.

I start out with this:

pullRequests.grouping = [
  { name = internal, title = "internal minor upgrades", filter = [
    { group = internal, version = minor },
    { group = internal, version = patch }
  ] },
  { name = patches, title = "3rd party patches", filter = [ { version = patch } ] }
  { name = unsafe, title = "upgrades with no compatibility guarantees (unsafe)", filter = [ { version = major } ] }
]

So:

  • all internal patches+minors end up in an "internal minor upgrades" PR
  • all 3rd party patch upgrades end up in a "3rd party patches" PR
  • all major upgrades end up in the "unsafe" PR
  • 3rd party minor upgrade aren't covered by grouping rules, so each receives its own PR

My foremost concern is about the "unsafe" PR for major upgrades. Using the grouping rule I can put all major upgrades in one PR and limit noise, but realistically this PR will always fail CI and we would never consider merging it. It's just wasteful.

Note that #1163 isn't what I'm looking for -- I can't preemptively add ignore/allow/etc rules for any dependency added down the road in any of our repos.

Is there a way to prevent all major upgrades by Scala Steward? Any workaround? Maybe a pointer for adding this? (I'd love to contribute)

nadavwr avatar Feb 16 '23 11:02 nadavwr

Is there a way to prevent all major upgrades by Scala Steward? Any workaround?

Nothing I'm aware of.

Maybe a pointer for adding this?

Maybe we can tweak UpdatePattern so that is possible to have a configuration like updates.ignore = [ { version = major } ]. The elements of the updates.ignore list are UpdatePatterns and it currently requires a groupId and the version: VersionPattern field does not yet support major, minor, patch values.

fthomas avatar Feb 19 '23 09:02 fthomas