Skip to content

Commit

Permalink
Use Dependabot version updates but just for GitHub Actions
Browse files Browse the repository at this point in the history 
A number of reusable actions, such as actions/checkout, are in old
major versions, including versions that use old deprecated versions
of Node.js, such as Node 16 (rather than the current Node 20).

Dependabot version updates were disabled for Rust crates in GitoxideLabs#143
and GitoxideLabs#144, with other means used to keep things up to date. This
does not reverse that even partially, as it enables version updates
only for GitHub Actions (which it has not been used on before).

Because most actions are specified with major version tags that get
reset to the latest stable minor/patch version under that major
version, the actual frequency of updates should not be anywhere
near daily. Nonetheless, it may make sense to further refine this
configuration, such as to check for updates less often as well as
to group multiple updates into a single PR when doing so.
  • Loading branch information
@EliahKagan
EliahKagan committed May 7, 2024
1 parent 5d1b0af commit cae5259
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
version: 2
updates:
- package-ecosystem: github-actions
directory: "/"
schedule:
interval: daily

0 comments on commit cae5259

Please sign in to comment.