From 826bf3e096e4bd31b9f6d14e5712c01868fef730 Mon Sep 17 00:00:00 2001 From: Elizabeth W Date: Thu, 16 Apr 2026 22:50:14 -0600 Subject: [PATCH] forgot to add ovvoc to rejected tools --- docs/pipeline-overview.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/docs/pipeline-overview.md b/docs/pipeline-overview.md index df9cdb2..ebc9f4f 100644 --- a/docs/pipeline-overview.md +++ b/docs/pipeline-overview.md @@ -152,3 +152,12 @@ To achieve this, the architecture utilizes "Defense in Depth," split across seve ### ❌ CrowdSec / Local WAFs * **Why it was rejected:** Because the cluster's sole ingress is routed through Cloudflare Tunnels, malicious traffic and automated DDoS attempts are filtered at Cloudflare's edge network. Running a secondary WAF inside the cluster wastes compute resources to solve a problem that was already mitigated before the traffic reached the home network. + +Here is a concise, professional summary formatted to drop directly into your ADR's **"Tools Explicitly Evaluated and Rejected (The 'Why Not?' List)"** section: + +### ❌ Ovvoc (Automated Dependency Updates & Code Migration) +* **What it does:** An advanced dependency updater that goes beyond version bumping by using AST transforms and AI to actively rewrite application code to fix breaking changes (e.g., migrating Express 4 to 5). +* **Why it was rejected:** + * **Cost-Prohibitive:** At $49/month for a single repository (and $249/month for up to 6), the enterprise pricing is not sustainable for a solo homelab environment. + * **Redundant AI Capabilities:** Because this architecture already relies heavily on local AI-assisted development (e.g., Cursor, Copilot, or Aider), local AI agents can easily be prompted to fix the occasional breaking change in seconds at no additional cost. + * **Diminishing Returns:** The vast majority of security vulnerabilities are patched in non-breaking minor or patch updates. **Renovate Bot** handles these perfectly for free. Ovvoc solves a problem (major version breaking changes) that is too infrequent in a homelab to justify the extreme price tag.