Hi, I love pronto but I don't want the extra deps. Because:
- It requires us to keep the dependent gems to be updated.
- Increases the attack vector
- and lowers the chance of this gem being approved by our security scrutiny check.
- Lowers the overal performance
Is it maybe an idea to split things out? We can choose a migration path like this:
We make a pronto-core that includes nothing. only the local runner. This is for people that just want pronto without the gitlab/github integration.
We can then make 2 gems one for gitlab, one for GitHub. And we add then as deps to pronto gem.
It would look like this in the end:
- pronto-core
- pronto-github
- pronto-gitlab
- pronto (basically an empty shim that bundles the top ones above)
Is this maybe a path forwards? Thanks a lot! <3
Hi, I love pronto but I don't want the extra deps. Because:
Is it maybe an idea to split things out? We can choose a migration path like this:
We make a
pronto-corethat includes nothing. only the local runner. This is for people that just want pronto without the gitlab/github integration.We can then make 2 gems one for gitlab, one for GitHub. And we add then as deps to pronto gem.
It would look like this in the end:
Is this maybe a path forwards? Thanks a lot! <3