Reduce the effort of a core security release

Created on 2 December 2022, over 2 years ago
Updated 1 April 2025, 6 days ago

Core security releases take a lot of effort.

It would be nice if they took less effort or if that effort could be spread more across different people.

The automated testing and prepping of the branch can take some time.

  • Private parallel core repo on GitLab, with GitLab testing enabled if we can do that without exposing commits or test results publicly.
  • Between a patch release and a core release, we open a release branch (or 2/3/4 release branches).
  • Security issues go in merge requests against those branches with testing; merge when one is ready, and the branch also gets tested.
  • Is it OK to push a tag and not a branch to a different repo? If so, we could push only the tags to the public core repo when we want to publish the release nodes.

Theoretically this would mean commits to the public core repo would no longer conflict at all. We'd need to merge the commits back into the minor branches and things can go wrong there, but that already happens after release sometimes.
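On the tag-only push question in the list above, the following is an added example, not part of the original issue or of any Drupal tooling. It builds two throwaway repos in a temp directory (the names `private`, `public.git`, `1.0.x`, `security-release` and `1.0.1` are hypothetical) and shows that Git accepts a tag push with no branch, and that the push publishes every commit reachable from the tag.

```shell
#!/bin/sh
# Added example with constructed repos; all repo, branch and tag names are hypothetical.
demo_tag_only_push() {
    work=$(mktemp -d) || return 1
    (
        set -e
        cd "$work"
        GIT_AUTHOR_NAME=demo; GIT_AUTHOR_EMAIL=demo@example.invalid
        GIT_COMMITTER_NAME=demo; GIT_COMMITTER_EMAIL=demo@example.invalid
        export GIT_AUTHOR_NAME GIT_AUTHOR_EMAIL GIT_COMMITTER_NAME GIT_COMMITTER_EMAIL

        git init -q --bare public.git          # stands in for the public core repo
        git init -q private                    # stands in for the private parallel repo
        cd private
        git symbolic-ref HEAD refs/heads/1.0.x
        echo base > file.txt
        git add file.txt
        git commit -q -m "public baseline"
        git remote add public ../public.git
        git push -q public 1.0.x               # the public repo knows only the baseline

        # Private release branch carrying the embargoed fix.
        git checkout -q -b security-release
        echo fix >> file.txt
        git commit -q -am "security fix"
        git tag -a 1.0.1 -m "1.0.1 security release"

        # Publish: push the tag ref only, never the branch.
        git push -q public refs/tags/1.0.1
        cd ..

        branches=$(git --git-dir=public.git for-each-ref \
            --format='%(refname:short)' refs/heads | tr '\n' ' ')
        tags=$(git --git-dir=public.git for-each-ref \
            --format='%(refname:short)' refs/tags | tr '\n' ' ')
        # Every commit reachable from the tag is now in the public repo.
        commits=$(git --git-dir=public.git rev-list --count 1.0.1)
        echo "branches=${branches% } tags=${tags% } commits_in_tag=$commits"
    )
    status=$?
    rm -rf "$work"
    return $status
}
```

The public repo ends up with the tag and the fix commit but no `security-release` branch, and its `1.0.x` branch still points at the baseline, which is why the merge back into the minor branches remains a separate step.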

📌 Task
Status

Closed: outdated

Version

1.0

Component

Code

Created by

🇺🇸 United States greggles Denver, Colorado, USA
