I support making LGTM a gating job on every PR. On Thu, Dec 16, 2021 at 2:46 PM Alexander Murmann <amurm...@vmware.com> wrote:
> +1 to adding this. Given it has a low false-positive rate, only checks on > code actually changed in the PR and runs quickly compared to some of our > other steps that already happen for every PR, this seems like an easy > decision. > > ________________________________ > From: Robert Houghton <rhough...@vmware.com> > Sent: Thursday, December 16, 2021 14:20 > To: dev@geode.apache.org <dev@geode.apache.org> > Subject: Re: [DISCUSS] Adding LTGM as gating PR checks > > Short answer would be to work with the rest of the community to get the > check to pass, fix the LGTM configuration, something like that. Otherwise, > the Concourse CI has the ability to set PR context messages. > > -Robert > > From: Owen Nichols <onich...@vmware.com> > Date: Thursday, December 16, 2021 at 10:40 AM > To: dev@geode.apache.org <dev@geode.apache.org> > Subject: Re: [DISCUSS] Adding LTGM as gating PR checks > Requiring LGTM looks good to me. It does not seem to have a high rate of > false-positives like some other linters, but if we are making it gating, > what would the process look like to override a false-positive? > > On 12/16/21, 10:37 AM, "Anthony Baker" <bak...@vmware.com> wrote: > > Thanks Robert, I think this is important. I think this is a good first > step. > > In future I think we should consider adding a CI job to ensure that > pre-existing security errors are addressed. Perhaps GitHub code scanning is > worth investigating since they have acquired the LGTM product. > > Anthony > > > > On Dec 16, 2021, at 10:08 AM, Robert Houghton <rhough...@vmware.com> > wrote: > > > > We have had LGTM tests enabled on Apache Geode PRs for quite some > time, and have done a great job of trending those warnings and errors to in > the right direction. I would like to make the change to our GitHub to make > those changes blocking for all new PRs, given their reliability and > lack-of-flakiness. > > > > Does anyone have strong feelings against that? > > > > -Robert Houghton > >
