Somehow I replied on the wrong thread. I was OK with requiring PRs that I could self approve. I was not OK with requiring every PR require multiple approvals.
Ralph > On Apr 15, 2022, at 3:24 PM, Volkan Yazıcı <[email protected]> wrote: > > I couldn't introduce branch protection (aka. RTC review-then-commit) since > Gary was strongly against it. It was just me, Matt, and Carter supporting > the idea; Ralph was also sort of against it. You can search the archives > for details. > > I couldn't even introduce commit signatures. Sigh... > > On Fri, Apr 15, 2022 at 5:34 AM Remko Popma <[email protected]> wrote: > >> I remember we discussed changing our development process to use PRs instead >> of committing directly to the release branches. >> This was part of trying to increase our security score, especially the >> Branch Protection part >> in scorecard (https://github.com/ossf/scorecard/blob/main/docs/checks.md). >> >> Questions: >> * how many approvals did we agree on before a PR can be merged? >> * if a PR is merged into release-2.x, can it be cherry-picked onto 3.0 >> directly, or does the change to the 3.0 branch need a separate PR? >> * what to do with the updates to changes.xml? Does that need to be included >> in the PRs? >>
