Apache Superset: Improve probing including pre-release versions #990
Conversation
|
Warning Rate limit exceeded@amotl has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 11 minutes and 22 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate Unit Tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
amotl
force-pushed
the
superset-4.1.3rc1
branch
2 times, most recently
from
674a510 to
043b5c6
Compare
amotl
changed the title
|
Hi @mistercrunch and @sadpandajoe, thanks a stack for your positive reply at apache/superset#33162 (comment), and for releasing Apache Superset 4.1.3rc1, which resolves this problem for us and possibly others. Do you also intend to backport apache/superset#33216 to any 3.x branch, and subsequently run a release, or is it out of service? It also looks like the same patch needs to be forward-ported to Apache Superset 5.x, as currently only Apache Superset 4.x is succeeding. With kind regards, |
|
Probably not. LTS comes at the cost of moving forward faster. Looking for more people to help with release management, but highly encourage people to push their environment forward along with us. |
|
Thanks for your reply. So we will submit a patch like apache/superset#33216 to the development head to cover an upcoming 5.x release, and remove Apache Superset 3.x from our testing rig, because it will never get fixed? |
|
Trying to think of the best way to either a) offer some LTS where it matters, or b) marking older versions as "not supported, may have security issues". Realistically given the focus of current maintainers, support previous/current/next major is already challenging. The main issue is around supporting a large tree of dependency both on the backend and frontend. Some tooling offers issue reporting on the dep tree, flagging individual librairies down the tree that have issues, but the whole thing is challenging to manage. Realistically the only way to stay on top of it is automation/tooling, using things like Snyk and @dependabot / @supersetbot to help in the process. Now given the largely manual process dictated by the ASF the includes humans voting release through email, things get pretty hard. Release automation / tooling would really help. It's probably a matter of reinvesting in custom tooling like https://github.com/apache-superset/cherrytree and https://github.com/apache-superset/supersetbot - or go with the latest AI-powered tooling to try and support/automate release management. Until AI takes over, this would require a significant amount of good old human-powered engineering. |
|
Another thought on the current release process. It seems possible for maintainers to allow people like you who want older releases to be pushed forward, to open PRs against release branches, and allow release branches to be ahead of official release (that require email voting, issue of multiple release candidates, and finally release publishing). So maybe we allow for release branches to evolve, so say you target the 3.1 branch with the marshmallow boundary PR, we merge it, and they 3.1 is ahead of the latest official release, say |
Oh wow. I would never have imagined such obstacles. Thanks for your extensive elaboration.
Yes indeed. On the CrateDB repository, we are maintaining the 4.x and 5.x branches, dropped support for 3.x, and are currently transitioning to 6.x. All active branches of major versions accept changes, and we are employing Mergify to support fluent backports of PRs without needing to do that manually. Of course, it is naturally up to you which major versions you will be supporting. Our thinking just was that because 5.x is still in its infancy, we felt it would be obvious to keep 3.x and 4.x active, but we haven't been able to find a 3.x branch to direct our dependency fix to.
I don't disagree, but we are really looking at "just accepting patches" on particular spots where things go south, in this case with Marshmallow 4.x. This does not necessarily mean to redesign the whole dependency management machinery. I absolutely hear you on maintainer burnout topics, related to all of that. I think no matter what, KISS approaches are the only ones that are bearable. 🍀 |
|
If we wanted to work around the hurdles of "official ASF releases" which require an email vote, tarballs on a ASF-hosted SVN and all, people can/could point their build system to our release branches. In our case, the minor (ie 4.1) is a branch, and the official release (ie 4.1.1) is a tag on that branch. In theory we could move faster if you build on 4.1 and we can easily target PRs to those branches (say fixing the |
About
Apache Superset 4.1.3rc1 released on May 6 could make our CI happy again.
References
marshmallow>=4.0.0apache/superset#33162 (comment)