root: add a webgui patch to address security issue#41404
root: add a webgui patch to address security issue#41404wdconinc merged 1 commit intospack:backports/v0.21.1from
Conversation
spackbot-app
bot
requested review from
HadrienG2,
drbenmorgan,
gartung,
greenc-FNAL,
marcmengel,
vitodb and
vvolkl
|
It is a bit problematic to do these 'partial' backports. Say I want to cherry-pick version upgrades in the root package on develop against the v0.21.1 release (I am assuming that's a fairly common workflow), that will now fail because of cherry-pick conflicts. I think the backports should attempt not to break this workflow, and we should aim to backport an entire commit into develop. That's however also problematic in this case since the PR that was merged into develop mixes this security patch with version upgrades. It would have been better to keep the security patch and the version upgrades separate. So, no concrete suggestions from my side but I just wanted to point out the problems I see with this approach in case others have ideas about how to avoid them. |
wdconinc
changed the title
Co-authored-by: jmcarcell <[email protected]>
Co-authored-by: jmcarcell <[email protected]>
Co-authored-by: jmcarcell <[email protected]>
3 participants
Backport of #41289