chore: update contributing guide to match librarian#7924
chore: update contributing guide to match librarian#7924GautamSharda wants to merge 1 commit intomainfrom
Conversation
| - If a review has stalled or the context has shifted, leave a comment to | ||
| clarify expectations, or close the PR. Keeping the dashboard clean is encouraged. | ||
|
|
||
| ### Addressing Urgent Issues |
There was a problem hiding this comment.
@pearigee this isn't currently what we do, but just wanted to check with you this will be the new way we do things. if so we should update the rotation instructions for triaging.
There was a problem hiding this comment.
Yes, I think we want to move in this direction. We are a very small team and don't have a ton of PR review bandwidth. Keeping the dashboard clean by more aggressively clarifying expectations or closing PRs is one way we can stay above water.
There was a problem hiding this comment.
oh sorry, I meant more about how we triage issues (critical etc)
|
|
||
| ### Handling Dependency Updates | ||
|
|
||
| We only update dependencies for security vulnerabilities, bug fixes, or to add |
There was a problem hiding this comment.
@pearigee this also isn't the case but wanted to check if this is the new way of doing things.
There was a problem hiding this comment.
How do we handle this currently?
I think the intention here is just to limit contributions with random version bumps. Every time we bump a dependency it creates an opportunity for regression and could create more operational burden for the team.
That's not to say we (the owners of this code) cannot update versions as needed, just that we have a policy ground to deny version bump PRs without suitable justification.
Apologies if I am misunderstanding the comment.
There was a problem hiding this comment.
Oh I just meant, we don't really use dependabot or npm audit, instead we use renovate-bot and then manually update some dependencies if we're upgrading node version or something
| We categorize issues into two primary levels of urgency: | ||
|
|
||
| - **critical 🚨**: requires immediate fix, even outside business hours |
There was a problem hiding this comment.
Right now, we have a business hours rotation. There isn't someone checking for critical issues on weekends.
@julieqiu @GautamSharda is labeling something as "critical" at our discretion? Do other teams have a method of escalation other than filing an issue (for business hours review by a rotation member)?
3 participants
Thank you for opening a Pull Request! Before submitting your PR, there are a few things you can do to make sure it goes smoothly:
Source: https://github.com/googleapis/librarian/blob/main/CONTRIBUTING.md
Fixes b/488395387