Management of dependencies edge cases

[fgibertoni]

We have some dependencies that do not follow a strict versioning scheme or have some special usage. More about them can be found in @mlodic's #2736 mostly in code comments of edited files.

Another approach would be to create some GitHub workflows that are triggered by commits or releases on mentioned repositories. These workflow can then open PRs just like dependabot.

Let us know if any ideas come up and we can discuss them in this issue 😄

[ashknl]

The workflow idea sounds neat! Tho one problem would be how to figure out version bumps for repos that don't make new releases.

[fgibertoni]

You're right.
My idea could be implemented as a polling (once a week like dependabot maybe ?) to the external repository to check for new pushes to main branch. What do you think about that ?

[ashknl]

Polling once a week seems good. We might have to also consider the fact that not all pushes will be code changes.

[fgibertoni]

Would you like to try implementing the approach we discussed ? 😄

[ashknl]

I would love to! I am new to the intelowl project tho, so it might take me a while to learn the codebase and the contribution workflow.

[fgibertoni]

That's not a problem at all! I can assign this issue to you and we have no time limits. We only ask for ping once every two weeks to be sure that the issue is not being abandoned by the assignee.
Also, you can open a draft PR and ask for help if something is missing from the doc or you're having some trouble.
Lmk if you're up for this 😉

[ashknl]

I am up for it then!
Fwiw, a github workflow that runs on a commit/code push to main (or a release for the repos that do make one) is the expected PR for this, right?

[fgibertoni]

Yeah it should be good in my opinion. I think you'll have to go through each repository to see how they release code and adapt the workflow for the requirement.
I'll assign this to you! Let us know if you're in doubt 😄

[github-actions]

This issue has been marked as stale because it has had no activity for 10 days. If you are still working on this, please provide some updates.