Describe the task
Dependabot bumps are currently handled by everyone. In the same way this sometimes feels like nobody is responsible. Therefore we want to have one or two dedicated people per repo who do take care of the bumps. This doesn't mean anyone else must not review/merge bumps. It rather means if bumps are not taken care of, especially in the case of security fixes and critical bug fixes, we know who's the right person to have a look.
Many repos have different ecosystems to maintain. E.g. Mail has GitHub Actions, composer and npm bumps. We can and should distribute this to more than one person to avoid a bottleneck.
Affected components
To do
dependabot.yml
renovate.json