Re: Dependabot emails are filling my mailbox

2022-09-24 Thread Matt Sicker 
What filters did you set up? That might be a sufficient fix.

—
Matt Sicker

> On Sep 25, 2022, at 00:05, Ralph Goers  wrote:
> 
> Dependabot really doesn’t need to generate ANY emails. Every time it commits 
> something to Github, including creating PRs, we already will get an email for 
> that. 
> So the dependabot emails are just annoying noise. That is why I configured my 
> email server to discard them all last week. 
> 
> Now, instead of getting hundreds of emails seemingly every day from Commons, 
> Maven and Logging I am down to a manageable number. And the ones I now get 
> are because a human did something that warrants human attention.
> 
> Ralph
> 
>> On Sep 23, 2022, at 5:05 PM, Gary Gregory  wrote:
>> 
>> Have you ever heard the expression "Don't shoot the messenger"? ;-)
>> 
>> Dependabot is a great tool IMO.
>> 
>> I think someone had proposed a different email address for bot emails that
>> that obviously did not happen. Then there is classic "inbox rules" reply.
>> Whomever wants to drive this can go ahead...
>> 
>> Gary
>> 
>>> On Fri, Sep 23, 2022, 19:47 Matt Sicker  wrote:
>>> 
>>> After secretary emails, emails related to Dependabot are the next most
>>> common message in my mailbox. I’ve already had to clear out several gigs of
>>> emails, and these Dependabot rebases and relentless updates are making it
>>> impossible to follow anything on the mailing lists anymore.
>>> 
>>> Proposal: all Dependabot messages should be batched into a digest email or
>>> similar. I don’t need multiple notifications per PR, and I don’t need
>>> dozens of Jira issues commented on for no good reason. Alternative: disable
>>> Dependabot as a failed experiment.
>>> 
>>> —
>>> Matt Sicker
>

Re: Dependabot emails are filling my mailbox

2022-09-24 Thread Ralph Goers 
Dependabot really doesn’t need to generate ANY emails. Every time it commits 
something to Github, including creating PRs, we already will get an email for 
that. 
So the dependabot emails are just annoying noise. That is why I configured my 
email server to discard them all last week. 

Now, instead of getting hundreds of emails seemingly every day from Commons, 
Maven and Logging I am down to a manageable number. And the ones I now get 
are because a human did something that warrants human attention.

Ralph

> On Sep 23, 2022, at 5:05 PM, Gary Gregory  wrote:
> 
> Have you ever heard the expression "Don't shoot the messenger"? ;-)
> 
> Dependabot is a great tool IMO.
> 
> I think someone had proposed a different email address for bot emails that
> that obviously did not happen. Then there is classic "inbox rules" reply.
> Whomever wants to drive this can go ahead...
> 
> Gary
> 
> On Fri, Sep 23, 2022, 19:47 Matt Sicker  wrote:
> 
>> After secretary emails, emails related to Dependabot are the next most
>> common message in my mailbox. I’ve already had to clear out several gigs of
>> emails, and these Dependabot rebases and relentless updates are making it
>> impossible to follow anything on the mailing lists anymore.
>> 
>> Proposal: all Dependabot messages should be batched into a digest email or
>> similar. I don’t need multiple notifications per PR, and I don’t need
>> dozens of Jira issues commented on for no good reason. Alternative: disable
>> Dependabot as a failed experiment.
>> 
>> —
>> Matt Sicker

Re: Dependabot emails are filling my mailbox

2022-09-24 Thread Matt Sicker 
On a normal GitHub project, you’d only be notified once. Instead, we’re getting 
personal emails, list emails, Jira emails (to both personal emails and list 
emails), needless rebasing on a branch (!!), and pinging every single Jira 
issue in the rebased history. It’s spamming over ten emails where one is 
sufficient.

—
Matt Sicker

> On Sep 24, 2022, at 01:23, Gary Gregory  wrote:
> 
> Maybe this discussion should take place in a Dependabot ticket? We can't
> change it here ;-)
> 
> Gary
> 
>> On Fri, Sep 23, 2022, 22:39 Matt Sicker  wrote:
>> 
>> The messenger only needs one email per update. I’m getting several for
>> each one. I can’t even tell if humans are contributing anything anymore.
>> 
>> —
>> Matt Sicker
>> 
 On Sep 23, 2022, at 17:06, Gary Gregory  wrote:
>>> 
>>> Have you ever heard the expression "Don't shoot the messenger"? ;-)
>>> 
>>> Dependabot is a great tool IMO.
>>> 
>>> I think someone had proposed a different email address for bot emails
>> that
>>> that obviously did not happen. Then there is classic "inbox rules" reply.
>>> Whomever wants to drive this can go ahead...
>>> 
>>> Gary
>>> 
 On Fri, Sep 23, 2022, 19:47 Matt Sicker  wrote:
 
 After secretary emails, emails related to Dependabot are the next most
 common message in my mailbox. I’ve already had to clear out several
>> gigs of
 emails, and these Dependabot rebases and relentless updates are making
>> it
 impossible to follow anything on the mailing lists anymore.
 
 Proposal: all Dependabot messages should be batched into a digest email
>> or
 similar. I don’t need multiple notifications per PR, and I don’t need
 dozens of Jira issues commented on for no good reason. Alternative:
>> disable
 Dependabot as a failed experiment.
 
 —
 Matt Sicker
>>

Re: [log4cxx] JIRA Updates and next release?

2022-09-24 Thread Tobias Frost 
On Sat, Sep 24, 2022 at 09:56:50AM -0400, Robert Middleton wrote:
> Because of the above, I'm inclined to do an 0.13.1 release before the
> end of the year and wait a bit on the next major version before we're
> comfortable with it.  Does anybody have any thoughts?

Just a datapoint: Debian 11 ("bookworm") will got to the first stage of freeze
[1] on January 12th, 2023. I guess 0.13.1 will be ABI compatible, so a release
end of this year should work. (As such changes would be allowed until February
12th, aka Soft-Freeze.)
If SONAME needs to be bumped, it could get though to get it into bookworm, as
then the January 12th deadline becomes effective for log4cxx.

[1] https://release.debian.org/bookworm/freeze_policy.html

Cheers,
--
tobi



signature.asc
Description: PGP signature

[log4cxx] JIRA Updates and next release?

2022-09-24 Thread Robert Middleton 
Thanks to Steven Webb's efforts, a number of long-standing JIRA issues
have now been fixed - thank you very much!  I've gone through JIRA and
marked those issues as resolved at this point.  This means that there
are only ~9 issues left in JIRA(LOGCXX-532 can probably be closed at
this point - I'm fairly certain this is invoking undefined behavior
that we just can't fix while still keeping the same features).

The remaining issues shouldn't involve heavy refactoring at all.  This
brings up the question as to what/when should the next release be?  We
can do an 0.13.1 to fix a handful of issues in master that have been
reported, or we could do the next release as a major release(I've been
calling it 1.0.0).

I think there's still work that needs to be done before we do a 1.0.0,
including(but not limited to):
* Making sure the API is clear and stable
* Making sure the ABI is stable(this should be accomplished at this
point, but I want to add some reserved fields to LocationInfo incase
we ever need to expand it
* Any other performance improvements that we can make.  If we can
automate some of these performance tests, that would be great as well.
* Having better error reporting - many exceptions that are thrown are
basically swallowed and just print out to stderr at the moment.  Come
to think of it, do we even want exceptions?  It seems like a bad idea
for the logging framework to throw exceptions

Because of the above, I'm inclined to do an 0.13.1 release before the
end of the year and wait a bit on the next major version before we're
comfortable with it.  Does anybody have any thoughts?

-Robert Middleton

Re: Dependabot emails are filling my mailbox

2022-09-24 Thread Gary Gregory 
Maybe this discussion should take place in a Dependabot ticket? We can't
change it here ;-)

Gary

On Fri, Sep 23, 2022, 22:39 Matt Sicker  wrote:

> The messenger only needs one email per update. I’m getting several for
> each one. I can’t even tell if humans are contributing anything anymore.
>
> —
> Matt Sicker
>
> > On Sep 23, 2022, at 17:06, Gary Gregory  wrote:
> >
> > Have you ever heard the expression "Don't shoot the messenger"? ;-)
> >
> > Dependabot is a great tool IMO.
> >
> > I think someone had proposed a different email address for bot emails
> that
> > that obviously did not happen. Then there is classic "inbox rules" reply.
> > Whomever wants to drive this can go ahead...
> >
> > Gary
> >
> >> On Fri, Sep 23, 2022, 19:47 Matt Sicker  wrote:
> >>
> >> After secretary emails, emails related to Dependabot are the next most
> >> common message in my mailbox. I’ve already had to clear out several
> gigs of
> >> emails, and these Dependabot rebases and relentless updates are making
> it
> >> impossible to follow anything on the mailing lists anymore.
> >>
> >> Proposal: all Dependabot messages should be batched into a digest email
> or
> >> similar. I don’t need multiple notifications per PR, and I don’t need
> >> dozens of Jira issues commented on for no good reason. Alternative:
> disable
> >> Dependabot as a failed experiment.
> >>
> >> —
> >> Matt Sicker
>