[RESEND. PATCH 1/5] drm/ci: Upgrade requirements because of bothering by GitHub Dependabot
WangYuli
wangyuli at uniontech.com
Thu Oct 31 05:42:16 UTC 2024
On 2024/10/29 18:47, Vignesh Raman wrote:
> Hi Helen,
>
> On 29/10/24 16:07, Helen Mae Koike Fornazier wrote:
>>
>>
>>
>>
>> ---- On Thu, 17 Oct 2024 00:39:48 -0300 WangYuli wrote ---
>>
>> > GitHub Dependabot keeps bugging us about old, vulnerable Python
>> packages.
>> >
>> > Until we figure out a way to make it calm, we're stuck updating our
>> > dependencies whenever it complains.
>> >
>> > I guess it's a good thing in the long run, though, right?
>> > Makes our CI a bit "more secure"...
>> >
>> > Signed-off-by: WangYuli wangyuli at uniontech.com>
>> > --
>> > 2.45.2
>> >
>> >
>>
>>
>> Hi WangYuli,
>>
>> Thanks for this.
>>
>> tbh, I'm tempted in removing the python script that is in the repo,
>> and keep it out-of-tree somewhere, since it is a tool that is only
>> triggered manually in local environment.
>>
>> I also want to hear Vignesh's thoughts about it.
>
> We can remove xfails/update-xfails.py script since we do not use this
> in CI jobs. Once ci-collate [1] is ready and tested for drm-ci, we
> could use this tool directly.
>
> [1] https://gitlab.freedesktop.org/gfx-ci/ci-collate/
>
> Regards,
> Vignesh
>
Cool!
Cheers,
--
WangYuli
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xC5DA1F3046F40BEE.asc
Type: application/pgp-keys
Size: 632 bytes
Desc: OpenPGP public key
URL: <https://lists.freedesktop.org/archives/dri-devel/attachments/20241031/d65100e9/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/dri-devel/attachments/20241031/d65100e9/attachment.sig>
More information about the dri-devel
mailing list