dependabot commits dump html, git log unreadable about comprehensive-rust HOT 9 CLOSED

Alternatively, maybe it's OK that the git log is unreadable? It's clear what the merge is doing from the first line..

Yeah, I tend towards accepting this as an unfortunate side-effect of the combination of squash merges and Dependabot (both of which I think are more important than the ugle commit messages).

I suggest we close this and then the three of us can attempt to trim the suggested commit message to keep the history fairly clean.

from comprehensive-rust.

Hm, I wonder if this is because we're squashing commits? The dependabot commit itself looks OK.

from comprehensive-rust.

It seems there is an error in option or in some key - pls, note this text similar to help message:

[![Dependabot compatibility
    score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.109&new-version=1.0.111)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
...

from comprehensive-rust.

Yeah, the problem is that we use the PR title and text by default for the squash commit:

Why do we do this? Because we have lots of drive-by PRs from people who might not be long-term contributors. I don't feel we can ask people to pay too much attention to the Git history, but maintaining a nice PR title and description ought to be doable.

Now, unfortunately Dependabot tries to be very fancy and use lots of HTML in its PR description and this breaks the system here.

I suggest that I, @qwandor and @djmitche keep an eye on this: when enabling the auto-merge, we have the option of adjusting the commit message. I let the default with all its ugly HTML get committed a few times, but we can decide to not do that going forward.

from comprehensive-rust.

I don't see an option for the formatting of the PR description itself. The closest is the commit-message option, which seems to be about how the first line of the commit message is formatted.

Alternatively, we could pick one of the other GitHub options for the default commit message of a squash merge.

from comprehensive-rust.

@ophilon, I don't think there is much we can do here apart from being careful to not accept the default commit message when squash merging.

An alternative would be to do regular merges (or rebase merges) for Dependabot PRs. Right now we have those merge types disabled in order to ensure a relatively clean history. I believe the default merge type is sticky (I'm not sure if that's per user?) so the maintainers would need to be careful when clicking the big green button on PRs.

@qwandor and @djmitche, what do you think of that?

from comprehensive-rust.

Doing merge commits sounds good to me.

from comprehensive-rust.

Doing merge commits sounds good to me.

My worry is that people will forget to set the option back to "squash" and so we'll end up with a mix of merges and squashes.

from comprehensive-rust.

Alternatively, maybe it's OK that the git log is unreadable? It's clear what the merge is doing from the first line..

from comprehensive-rust.