Hi @timotheeguerin ,
There's a vulnerability in release branch that blocks CI.
I saw that it was fixed in microsoft/typespec:
#8745
Though it's not back-merged into release branch.
Should we sync this kind of critical fixes into release branch's core as well? And how should we handle this?
A few thoughts in mind after offline discussion with @tadelesh :
We could pull out a branch from latest stable release of microsoft/typespec, cherry-pick the critical fix, and apply it into typespec-azure's release branch. When back-merging release branch, manually handle the potential merge conflict.
/cc @weidongxu-microsoft @msyyc
Hi @timotheeguerin ,
There's a vulnerability in release branch that blocks CI.
I saw that it was fixed in microsoft/typespec:
#8745
Though it's not back-merged into release branch.
Should we sync this kind of critical fixes into release branch's core as well? And how should we handle this?
A few thoughts in mind after offline discussion with @tadelesh :
We could pull out a branch from latest stable release of microsoft/typespec, cherry-pick the critical fix, and apply it into typespec-azure's release branch. When back-merging release branch, manually handle the potential merge conflict.
/cc @weidongxu-microsoft @msyyc