Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make new v2.2.2 release of devfile/library #1477

Closed
2 tasks done
Tracked by #1476 ...
michael-valdron opened this issue Mar 12, 2024 · 9 comments · Fixed by devfile/library#209
Closed
2 tasks done
Tracked by #1476 ...

Make new v2.2.2 release of devfile/library #1477

michael-valdron opened this issue Mar 12, 2024 · 9 comments · Fixed by devfile/library#209
Assignees
Labels
area/library Common devfile library for interacting with devfiles area/releng Release engineering kind/task

Comments

@michael-valdron
Copy link
Member

michael-valdron commented Mar 12, 2024

Which area/kind this issue is related to?

/kind task

/area library
/area releng

Issue Description

A few steps to be done before a new v2.2.2 release of devfile/library can be made.

Acceptance Criteria

  • Create new release on GitHub
  • Make announcement about new version
@michael-valdron michael-valdron added area/library Common devfile library for interacting with devfiles area/releng Release engineering kind/task labels Mar 12, 2024
@michael-valdron
Copy link
Member Author

#1454 should be completed before v2.2.2 is released.

@Jdubrick
Copy link
Contributor

@michael-valdron is this still blocked? Also, since the vulnerability fix went into registry-support we probably need to update the commit being used in library so that it can be apart of this release. wdyt?

@michael-valdron
Copy link
Member Author

@Jdubrick

is this still blocked?

No, this should be unblocked now.

Also, since the vulnerability fix went into registry-support we probably need to update the commit being used in library so that it can be apart of this release. wdyt?

Yeah the devfile/library dependencies should be updated to use the release after v2.2.2 is cut 👍

@Jdubrick
Copy link
Contributor

@Jdubrick

is this still blocked?

No, this should be unblocked now.

Also, since the vulnerability fix went into registry-support we probably need to update the commit being used in library so that it can be apart of this release. wdyt?

Yeah the devfile/library dependencies should be updated to use the release after v2.2.2 is cut 👍

@michael-valdron since in library it uses the registry-library portion of registry-support, should we not include the update to the dependencies on the library side before v2.2.2 is cut so that release contains the vulnerability fix upstream?
https://github.com/search?q=repo%3Adevfile%2Flibrary%20registry-support&type=code

@michael-valdron
Copy link
Member Author

@Jdubrick

is this still blocked?

No, this should be unblocked now.

Also, since the vulnerability fix went into registry-support we probably need to update the commit being used in library so that it can be apart of this release. wdyt?

Yeah the devfile/library dependencies should be updated to use the release after v2.2.2 is cut 👍

@michael-valdron since in library it uses the registry-library portion of registry-support, should we not include the update to the dependencies on the library side before v2.2.2 is cut so that release contains the vulnerability fix upstream? https://github.com/search?q=repo%3Adevfile%2Flibrary%20registry-support&type=code

I believe it was already done by me last sprint under a dependabot PR devfile/library#204.

Unless there were other vulnerabilities raised and addressed since then.

@Jdubrick
Copy link
Contributor

@Jdubrick

is this still blocked?

No, this should be unblocked now.

Also, since the vulnerability fix went into registry-support we probably need to update the commit being used in library so that it can be apart of this release. wdyt?

Yeah the devfile/library dependencies should be updated to use the release after v2.2.2 is cut 👍

@michael-valdron since in library it uses the registry-library portion of registry-support, should we not include the update to the dependencies on the library side before v2.2.2 is cut so that release contains the vulnerability fix upstream? https://github.com/search?q=repo%3Adevfile%2Flibrary%20registry-support&type=code

I believe it was already done by me last sprint under a dependabot PR devfile/library#204.

Unless there were other vulnerabilities raised and addressed since then.

No you're right I didn't properly check the commit hash to make sure it was one that contained the fix! I just wanted to make sure to take care of a ping I got regarding the library needing the registry-support changes for the vulnerability fix in next release.

@Jdubrick
Copy link
Contributor

Jdubrick commented Apr 2, 2024

All work is completed on this other than the merge from main to v2.2.x release branch as PR checks are failing due to a token error. Going to move this issue into new sprint anyway to track it. Also assigned story points as all work is completed.

@Jdubrick
Copy link
Contributor

Jdubrick commented Apr 2, 2024

Release branch PR: devfile/library#210

@Jdubrick
Copy link
Contributor

Jdubrick commented Apr 2, 2024

Currently blocked by: #1495

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/library Common devfile library for interacting with devfiles area/releng Release engineering kind/task
Projects
Status: Done ✅
Development

Successfully merging a pull request may close this issue.

2 participants