PR #2449 was merged and there are now zero Dependabot alerts against
master.
+1 for freezing from me.
On 2022/02/02 16:36, Charles Givre wrote:
Assuming we pass dependabot, big +1 from me!! Great work everyone!
--C
On Feb 2, 2022, at 9:35 AM, James Turton <[email protected]> wrote:
Please vote again on the assumption that the very minor Postgresql 42.3.1 ->
42.3.2 PR will be merged, clearing the last Dependabot alert. It passed local
testing so it looks like a safe bet.
On 2022/01/30 01:51, Charles Givre wrote:
Hey James,
Alas... I'm afraid I'd have to give a -1 on this. There are some dependabot
alerts at the moment, which we really should resolve (or at least look at)
before cutting a release. One of which has is linked to a severe CVE. Also, I
just submitted a VERY minor bug fix which I'd love to squeak into this release,
but that's not urgent.
Best,
--C
On Jan 29, 2022, at 7:36 AM, James Turton <[email protected]> wrote:
Hello Dev community
Not a moment too soon, we've finally dispatched the last issues holding back 1.20!
Here's a big thank you from the release manager to everyone who helped to push us forward
to this point. I'm sure I'm not the only one receiving the "When it's
coming??" questions. As an interesting bit of trivia, there have been about 9 months
separating recent releases and it has now been about 8 months since 1.19. Who knew we
were so consistent ;-) ?
Please vote for or against a feature freeze on the master branch. I assume
only critical bug or vulnerability fixes get freeze immunity?
Thank you
James
