Open
Description
When listing the dependency bumps in our changelogs, we should sanitize them to only output the latest semver bump for a specific repo/dependency.
For example, in Gloo OSS release v1.15.0-beta5 there are two dependency bumps listed for solo-io/envoy-gloo although the important bump for readers of changelog is the latest bump of those two.
Rough logic for this would be updating the renderDependencyBumps function to be something like:
func renderDependencyBumps(changelog * Changelog) string {
// A map to keep track of dependency -> (max) version bump
var maxDependencyMap map[string] string
for _, file: = range changelog.Files {
for _, entry: = range file.Entries {
if entry.Type == DEPENDENCY_BUMP {
dependency: = entry.DependencyOwner + "/" + entry.DependencyRepo
if val,
ok: = maxDependencyMap[dependency];ok {
// if the current dependency tag is greater than the one stored, update it (unsure if i'm using the comparison correctly)
if semver.Compare(entry.DependencyTag, val) > 0 {
maxDependencyMap[dependency] = entry.DependencyTag
}
} else {
maxDependencyMap[dependency] = entry.DependencyTag
}
}
}
}
output: = ""
// using the map which only stored the max bumps per-repo/dependency, set-up the output
for dependency, tag: = range maxDependencyMap {
output = output + "- " + dependency + " has been upgraded to " + tag + ".\n"
}
return output
}
Definition of Done to be discussed but at the very least
- Updating changelog util logic to only output the max dependency upgrades
- Updating our changelog test(s) to ensure this works as expected
- Note: There may be issues with the ordering of dependencies and comparing what we expect. We may need to sort dependencies outputted.
[Maybe] bumping this in solo repos- Following the DoD for other solo repositories which don't require releasing, as long as code has merged and has suitable testing/approval.