From 24b3ae9a17e8a1bab042d0d743a9673bc1dac1d6 Mon Sep 17 00:00:00 2001 From: Benjamin Wang Date: Wed, 24 May 2023 19:55:30 +0800 Subject: [PATCH] add the rotation worksheet into the dependency management document Signed-off-by: Benjamin Wang --- Documentation/contributor-guide/dependency_management.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Documentation/contributor-guide/dependency_management.md b/Documentation/contributor-guide/dependency_management.md index b7c7a7646..e8a864a2c 100644 --- a/Documentation/contributor-guide/dependency_management.md +++ b/Documentation/contributor-guide/dependency_management.md @@ -8,6 +8,7 @@ Dependency management - [Steps to bump a dependency](#steps-to-bump-a-dependency) - [Indirect dependencies](#indirect-dependencies) - [About gRPC](#about-grpc) + - [Rotation worksheet](#rotation-worksheet) - **[Stable branches](#stable-branches)** # Main branch @@ -83,6 +84,11 @@ The plan is to remove the dependency on some grpc-go's experimental API firstly, `go.opentelemetry.io/otel` version update is indirectly blocked due to this gRPC issue. Please get more details in [pull/15810](https://github.com/etcd-io/etcd/pull/15810). +## Rotation worksheet +The dependabot scheduling interval is weekly; it means dependabot will automatically raise a bunch of PRs per week. +Usually human intervention is required each time. We have a [rotation worksheet](https://docs.google.com/spreadsheets/d/1DDWzbcOx1p32MhyelaPZ_SfYtAD6xRsrtGRZ9QXPOyQ/edit#gid=0), +and everyone is welcome to participate; you just need to register your name in the worksheet. + # Stable branches Usually we don't proactively bump dependencies for stable releases unless there are any CVEs or bugs that affect etcd.