MonkeyCanCode commented on code in PR #3410: URL: https://github.com/apache/polaris/pull/3410#discussion_r2680665852
########## .gitignore: ########## @@ -20,12 +20,10 @@ regtests/derby.log regtests/metastore_db regtests/output/ -# This file, if checked in after running for example regtests, contains unmanaged dependencies that eventually -# cause unnecessary "security alerts" like https://github.com/apache/polaris/pull/718. Review Comment: > [Question] Should we keep this comment since it explains why we exclude `*.lock" file from git? To be honest, I also wondered for a while why poetry.lock was excluded intially. That is a very good call out. So earlier we have poetry.lock excluded due to project dependencies updated but not updated for the lock file. But it does appears renovate bot can handle that as well (https://docs.renovatebot.com/modules/manager/pep621/#additional-information). Let me add this line back in as well as the uv.lock file. But I am not sure if uv.lock will actually get update when it is in .gitignore file. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
