dep: Fix verify_and_print_latest_release logic #19111
Conversation
kfaseela
force-pushed
the
dependency-detection-logic
branch
2 times, most recently
from
f0d6d5c
to
1b2db21
Compare
There was a problem hiding this comment.
thanks for this @kfaseela
ive left a comment about just using the get_releases and iterating in all cases. I think it would be more reliable, but it would probably also have a performance cost
i have stepped through the code and afaict the PR fixes the issue at hand
tools/dependency/release_dates.py
Outdated
| # and not really the latest release in chronological order. Add a backup logic to guard against such cases. | ||
| latest_release_version = parse_version(latest_release.tag_name) | ||
| current_version = parse_version(version_min) | ||
| if (latest_release_version >= current_version): |
There was a problem hiding this comment.
im wondering about this - i think i can imagine a situation where the latest_release's version is higher than the current version but is still not the highest numbered version
There was a problem hiding this comment.
Could you please give an example for this case?
There was a problem hiding this comment.
eg if we have version 1.16.3 and the last release (by date) is 1.17.2 but the highest versioned release is 1.18.0 it would return 1.17.2
There was a problem hiding this comment.
Removed this logic now, and have only the iteration over all releases. Please take a look.
I initially did iterating over get_releases for all cases, and as you said it was doing it for all cases taking more time for the script to run. And the current issue seemed to be a corner case. I wanted to reduce the harm caused by the changes. So decided to do it this way. |
|
im not sure how much of a corner case it is A good example woudl be envoy's releases https://github.com/envoyproxy/envoy/releases where several minor versions are maintained and so there are lots of releases that are not in version order |
Ok, let me try to do the iteration for all the packages, and see how it goes |
Fixes envoyproxy#19109 Signed-off-by: Faseela K <faseela.k@est.tech>
kfaseela
force-pushed
the
dependency-detection-logic
branch
from
1b2db21
to
9f40147
Compare
* main: (77 commits) Fix verify_and_print_latest_release logic (envoyproxy#19111) http2: drain only once when reached max_requests_per_connection (envoyproxy#19078) Overload: Reset H2 server stream only use codec level reset mechanism (envoyproxy#18895) Update QUICHE from c2ddf95dc to 7f2d442e3 (envoyproxy#19095) tools: Fix dependency checker release dates bug (envoyproxy#19109) cve_scan: Use `envoy.dependency.cve_scan` (envoyproxy#19047) tcp: fix overenthusiastic bounds on the new pool (envoyproxy#19036) dep: update Proxy-Wasm C++ host (2021-11-18). (envoyproxy#19074) build(deps): bump frozendict from 2.0.7 to 2.1.0 in /tools/base (envoyproxy#19080) kafka: dependency upgrades (envoyproxy#18995) build(deps): bump charset-normalizer in /tools/dependency (envoyproxy#19105) build(deps): bump slack-sdk in /.github/actions/pr_notifier (envoyproxy#19093) dep: Remove dependency - six (envoyproxy#19085) Remove requested_server_name_ field from StreamInfo (envoyproxy#19102) broken link path fix for items http_filters/grpc_json_transcoder_filter (envoyproxy#19101) quic: turn off GRO (envoyproxy#19088) Listener: Add global conn limit opt out. (envoyproxy#18876) Specify type for matching Subject Alternative Name. (envoyproxy#18628) Fix a broken example in Lua filter docs (envoyproxy#19086) Fix a small typo (envoyproxy#19058) ... Signed-off-by: Michael Puncel <mpuncel@squareup.com>
Signed-off-by: Faseela K faseela.k@est.tech
Commit Message: dep: Fix verify_and_print_latest_release logic
Additional Description: Fixes #19109 Fix #19136
Risk Level: low
Testing: local testing of the script done