Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Require review by listed maintainers #19

Open
cjw85 opened this issue Sep 28, 2022 · 2 comments
Open

Require review by listed maintainers #19

cjw85 opened this issue Sep 28, 2022 · 2 comments

Comments

@cjw85
Copy link

cjw85 commented Sep 28, 2022

(Please move this to another project if desired).

Currently PRs to recipes can be approved by any member. A particular stumbling point with this is when the bot picks up a change to a pypi repo and makes an automatic PR and blindly performs a review and approves the PR with no knowledge of the package. As examples a new package may require requirements updating, or a change to a build script in order for the resultant pacakge to work correctly, as the build process does not run complete testing more simply "if it compiles it works".

IIRC conda-forge has the mechanism that only maintainers listed in the meta.yaml can approve a PR.

@dpryan79
Copy link
Contributor

dpryan79 commented Sep 28, 2022

Conda-forge has the luxury of allowing per-package maintainers because they have per-package repositories (this has its own set of issues). There's no real mechanism on github to enforce this except keeping a massive "owners" file. That would theoretically be possible, but would be a rather large effort. Perhaps a good compromise would be for the bot to automatically ping the listed maintainers, so they're promptly notified of the updated PR.

@cjw85
Copy link
Author

cjw85 commented Oct 15, 2022

I would think it isn't too difficult to, for example, make a CI test that fails until the point at which a maintainer listed in the meta file has approved the PR.

The problem you have currently is that there's a handful of users, possibly well intentioned but also I suspect in some part just trying to gain kudos, approving PRs for software for which they have absolutely no knowledge. This undermines the review process and you may as well simply have the bot auto merging the PRs it's making.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants