You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Major version updates of the dependencies can have unintended consequences that are time-consuming to reverse and/or fix-forward.
Some recent examples are scala-xml 2.x and slf4j 2.x, both affecting sbt 1.x plugin/build ecosystem. See for example coursier/sbt-coursier#422
In theory, all automatic PRs should be carefully reviewed. But I think people hit merge, trusting that Scala Steward is making the right call.
I wonder if we could add a warning emoji (⚠️) and a note in the PR calling for the attention of the reviewer that they might be cause a downstream "dependency hell"/diamond problem if they hit the merge button.
The text was updated successfully, but these errors were encountered:
Major version updates of the dependencies can have unintended consequences that are time-consuming to reverse and/or fix-forward.
Some recent examples are scala-xml 2.x and slf4j 2.x, both affecting sbt 1.x plugin/build ecosystem. See for example coursier/sbt-coursier#422
In theory, all automatic PRs should be carefully reviewed. But I think people hit merge, trusting that Scala Steward is making the right call.
I wonder if we could add a warning emoji (⚠️ ) and a note in the PR calling for the attention of the reviewer that they might be cause a downstream "dependency hell"/diamond problem if they hit the merge button.
The text was updated successfully, but these errors were encountered: